{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T23:34:13Z","timestamp":1768347253410,"version":"3.49.0"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031368394","type":"print"},{"value":"9783031368400","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-36840-0_12","type":"book-chapter","created":{"date-parts":[[2023,7,21]],"date-time":"2023-07-21T07:06:27Z","timestamp":1689923187000},"page":"249-280","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Putting the\u00a0Pieces Together: Model-Based Engineering Workflows for\u00a0Attribute-Based Access Control Policies"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6596-2823","authenticated-orcid":false,"given":"Marius","family":"Schlegel","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7711-4450","authenticated-orcid":false,"given":"Peter","family":"Amthor","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,7,22]]},"reference":[{"key":"12_CR1","unstructured":"Dacquiri: An authorization framework with compile-time enforcement (2022). https:\/\/github.com\/resyncgg\/dacquiri"},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"Ahmed, T., Sandhu, R.: Safety of ABAC$$_\\alpha $$ Is decidable. In: NSS 2017 (2017)","DOI":"10.1007\/978-3-319-64701-2_19"},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Amthor, P.: Efficient heuristic safety analysis of core-based security policies. In: SECRYPT 2017 (2017)","DOI":"10.5220\/0006477103840392"},{"key":"12_CR4","unstructured":"Amthor, P.: Aspect-oriented Security Engineering. Cuvillier Verlag (2019). ISBN 978-3-7369-9980-0"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: Heuristic safety analysis of access control models. In: SACMAT 2013 (2013)","DOI":"10.1145\/2462410.2462413"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: WorSE: a workbench for model-based security engineering. Elsevier COSE 42 (2014)","DOI":"10.1016\/j.cose.2014.01.002"},{"key":"12_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/978-3-030-45371-8_13","volume-title":"Foundations and Practice of Security","author":"P Amthor","year":"2020","unstructured":"Amthor, P., Rabe, M.: Command dependencies in heuristic safety analysis of access control models. In: Benzekri, A., Barbeau, M., Gong, G., Laborde, R., Garcia-Alfaro, J. (eds.) FPS 2019. LNCS, vol. 12056, pp. 207\u2013224. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45371-8_13"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Amthor, P., Schlegel, M.: Towards language support for model-based security policy engineering. In: SECRYPT 2020 (2020)","DOI":"10.5220\/0009893205130521"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Anderson, J.P.: Computer security technology planning study. Tech. Rep. ESD-TR-73-51, vol. II (1972)","DOI":"10.21236\/AD0772806"},{"key":"12_CR10","unstructured":"Apache Software Foundation: Apache Shiro (2022). https:\/\/shiro.apache.org"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Barker, S.: The next 700 access control models or a unifying meta-model? In: SACMAT 2009 (2009)","DOI":"10.1145\/1542207.1542238"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"Basin, D., Clavel, M., Egea, M.: A decade of model-driven security. In: SACMAT 2011 (2011)","DOI":"10.1145\/1998441.1998443"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Bertolissi, C., Fern\u00e1ndez, M., Thuraisingham, B.: Admin-CBAC: an administration model for category-based access control. In: CODASPY 2020 (2020)","DOI":"10.1145\/3374664.3375725"},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Bhatt, S., Sandhu, R.: ABAC-CC: attribute-based access control and communication control for internet of things. In: SACMAT 2020 (2020)","DOI":"10.1145\/3381991.3395618"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"Biswas, P., Sandhu, R., Krishnan, R.: Label-based access control: an ABAC model with enumerated authorization policy. In: ABAC 2016 (2016)","DOI":"10.1145\/2875491.2875498"},{"key":"12_CR16","unstructured":"Casbin Organization: Casbin (2022). https:\/\/casbin.org"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Fern\u00e1ndez, M., Mackie, I., Thuraisingham, B.: Specification and analysis of ABAC policies via the category-based metamodel. In: CODASPY 2019 (2019)","DOI":"10.1145\/3292006.3300033"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Ferraiolo, D., Chandramouli, R., Kuhn, R., et al.: Extensible access control markup language (XACML) and next generation access control (NGAC). In: ABAC 2016 (2016)","DOI":"10.1145\/2875491.2875496"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Gupta, M., M. Awaysheh, F., Benson, J., et al.: An attribute-based access control for cloud-enabled industrial smart vehicles. TII 17(6), 4288-4297 (2020)","DOI":"10.1109\/TII.2020.3022759"},{"key":"12_CR20","doi-asserted-by":"crossref","unstructured":"Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in Operating Systems. Comm. ACM 19(8) (1976)","DOI":"10.1145\/360303.360333"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Hu, V.C., Ferraiolo, D., Kuhn, R., et al.: Guide to attribute based access control (ABAC) definition and considerations. NIST Special Publication, pp. 800\u2013162 (2014)","DOI":"10.6028\/NIST.SP.800-162"},{"key":"12_CR22","unstructured":"Intel Corp.: Intel\u00aeSGX. https:\/\/software.intel.com\/en-us\/sgx (2022)"},{"key":"12_CR23","doi-asserted-by":"crossref","unstructured":"Jha, S., Sural, S., Atluri, V., et al.: Security analysis of ABAC under an administrative model. IET Inf. Secur. 13(2), 96\u2013103 (2019)","DOI":"10.1049\/iet-ifs.2018.5010"},{"key":"12_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-31540-4_4","volume-title":"Data and Applications Security and Privacy XXVI","author":"X Jin","year":"2012","unstructured":"Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41\u201355. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31540-4_4"},{"key":"12_CR25","unstructured":"Klabnik, S., Nichols, C.: The Rust Programming Language. No Starch Press (2018)"},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Lang, B., Foster, I.T., Siebenlist, F., et al.: A flexible attribute based access control method for grid computing. J. Grid Comput. 7(2), 169\u2013180 (2009)","DOI":"10.1007\/s10723-008-9112-1"},{"key":"12_CR27","doi-asserted-by":"crossref","unstructured":"Matsakis, N.D., Klock, F.S.: The Rust language. In: HILT 2014 (2014)","DOI":"10.1145\/2663171.2663188"},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Mukherjee, S., Ray, I., Ray, I., et al.: Attribute based access control for healthcare resources. In: ABAC 2017 (2017)","DOI":"10.1145\/3041048.3041055"},{"key":"12_CR29","doi-asserted-by":"crossref","unstructured":"Narouei, M., Khanpour, H., Takabi, H., et al.: Towards a top-down policy engineering framework for attribute-based access control. In: SACMAT 2017 (2017)","DOI":"10.1145\/3078861.3078874"},{"key":"12_CR30","unstructured":"Oso Security Inc: Oso (2022). https:\/\/www.osohq.com"},{"key":"12_CR31","unstructured":"Oso Security Inc: Polar Language Reference (2022). https:\/\/docs.osohq.com\/rust\/reference\/polar.html"},{"key":"12_CR32","doi-asserted-by":"crossref","unstructured":"Ray, I., Alangot, B., Nair, S., et al.: Using attribute-based access control for remote healthcare monitoring. In: SDS 2017 (2017)","DOI":"10.1109\/SDS.2017.7939154"},{"key":"12_CR33","doi-asserted-by":"crossref","unstructured":"Sandhu, R., Bhamidipati, V., Munawer, Q.: The ARBAC97 Model for Role-based Administration of Roles. TISSEC 2(1) (1999)","DOI":"10.1145\/300830.300839"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., et al.: Role-based access control models. IEEE Comput. 29(2), 38\u201347 (1996)","DOI":"10.1109\/2.485845"},{"key":"12_CR35","doi-asserted-by":"crossref","unstructured":"Schlegel, M.: Poster: Shielding AppSPEAR - enhancing memory safety for trusted application-level security policy enforcement. In: SACMAT 2021 (2021)","DOI":"10.1145\/3450569.3464396"},{"key":"12_CR36","doi-asserted-by":"crossref","unstructured":"Schlegel, M.: Trusted enforcement of application-specific security policies. In: SECRYPT 2021 (2021)","DOI":"10.5220\/0010579700002998"},{"key":"12_CR37","doi-asserted-by":"crossref","unstructured":"Schlegel, M., Amthor, P.: Beyond administration: a modeling scheme supporting the dynamic analysis of role-based access control policies. In: SECRYPT 2020 (2020)","DOI":"10.5220\/0009834304310442"},{"key":"12_CR38","doi-asserted-by":"crossref","unstructured":"Schlegel, M., Amthor, P.: The missing piece of the ABAC puzzle: a modeling scheme for dynamic analysis. In: SECRYPT 2021 (2021)","DOI":"10.5220\/0010556200002998"},{"key":"12_CR39","doi-asserted-by":"crossref","unstructured":"Schlegel, M., K\u00fchnhauser, W.: Exploiting hot spots in heuristic safety analysis of dynamic access control models. In: SECRYPT 2020 (2020)","DOI":"10.5220\/0009907705220532"},{"key":"12_CR40","doi-asserted-by":"crossref","unstructured":"Singh, M.P., Sural, S., Atluri, V., et al.: Security analysis of unified access control policies. In: SKM 2019 (2020)","DOI":"10.1007\/978-981-15-3817-9_8"},{"key":"12_CR41","doi-asserted-by":"crossref","unstructured":"Stoller, S.D., Yang, P., Gofman, M., et al.: Symbolic reachability analysis for parameterized administrative role based access control. In: SACMAT 2009 (2009)","DOI":"10.1145\/1542207.1542233"},{"key":"12_CR42","doi-asserted-by":"crossref","unstructured":"Tripunitara, M.V., Li, N.: A theory for comparing the expressive power of access control models. J. Comput. Secur. 15(2), 231\u2013272 (2007)","DOI":"10.3233\/JCS-2007-15202"},{"key":"12_CR43","doi-asserted-by":"crossref","unstructured":"Tripunitara, M.V., Li, N.: The Foundational Work of Harrison-Ruzzo-Ullman Revisited. TDSC 10(1), 28\u201339 (2013)","DOI":"10.1109\/TDSC.2012.77"},{"key":"12_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1007\/978-3-540-31970-2_18","volume-title":"Databases in Networked Information Systems","author":"S De Capitani di Vimercati","year":"2005","unstructured":"De Capitani di Vimercati, S., Samarati, P., Jajodia, S.: Policies, models, and languages for access control. In: Bhalla, S. (ed.) DNIS 2005. LNCS, vol. 3433, pp. 225\u2013237. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-31970-2_18"},{"key":"12_CR45","unstructured":"VMware Inc: Spring Security (2022). https:\/\/spring.io\/projects\/spring-security"},{"key":"12_CR46","doi-asserted-by":"crossref","unstructured":"Watson, R.N.M.: A decade of OS access-control extensibility. Queue 11(1) (2013)","DOI":"10.1145\/2428616.2430732"},{"key":"12_CR47","doi-asserted-by":"crossref","unstructured":"Xu, Z., Stoller, S.D.: Mining attribute-based access control policies. TDSC 12(5) (2015)","DOI":"10.1109\/TDSC.2014.2369048"}],"container-title":["Communications in Computer and Information Science","E-Business and Telecommunications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-36840-0_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,21]],"date-time":"2023-07-21T07:09:50Z","timestamp":1689923390000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-36840-0_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031368394","9783031368400"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-36840-0_12","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"22 July 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICETE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on E-Business and Telecommunications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 July 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icete2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ice-business.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"197","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"9% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}