{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T22:51:29Z","timestamp":1742943089844,"version":"3.40.3"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031651717"},{"type":"electronic","value":"9783031651724"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-65172-4_3","type":"book-chapter","created":{"date-parts":[[2024,7,12]],"date-time":"2024-07-12T12:02:41Z","timestamp":1720785761000},"page":"44-52","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["IAM Meets CTI: Make Identity and\u00a0Access Management Ready for\u00a0Cyber Threat 
Intelligence"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-6239-1651","authenticated-orcid":false,"given":"Alexander","family":"Puchta","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0157-3057","authenticated-orcid":false,"given":"Thomas","family":"Baumer","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5562-1280","authenticated-orcid":false,"given":"Mathis","family":"M\u00fcller","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1338-9003","authenticated-orcid":false,"given":"G\u00fcnther","family":"Pernul","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,13]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Asghar, M.R., Backes, M., Simeonovski, M.: PRIMA: privacy-preserving identity and access management at internet-scale. In: 2018 IEEE International Conference on Communications (ICC), Kansas City, MO, USA, pp.\u00a01\u20136. IEEE (2018)","key":"3_CR1","DOI":"10.1109\/ICC.2018.8422732"},{"unstructured":"Basel Committee on Banking Supervision: Basel III: International framework for liquidity risk measurement, standards and monitoring (2010)","key":"3_CR2"},{"issue":"3","key":"3_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1541880.1541883","volume":"41","author":"C Batini","year":"2009","unstructured":"Batini, C., Cappiello, C., Francalanci, C., Maurino, A.: Methodologies for data quality assessment and improvement. ACM Comput. Surv. 41(3), 1\u201316 (2009)","journal-title":"ACM Comput. Surv."},{"key":"3_CR4","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-33173-5","volume-title":"Data quality: Concepts, Methodologies and Techniques","author":"C Batini","year":"2006","unstructured":"Batini, C., Scannapieco, M.: Data quality: Concepts, Methodologies and Techniques. Springer, New York (2006). 
https:\/\/doi.org\/10.1007\/3-540-33173-5"},{"key":"3_CR5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24106-7","volume-title":"Data and Information Quality: Dimensions, Principles and Techniques","author":"C Batini","year":"2016","unstructured":"Batini, C., Scannapieco, M.: Data and Information Quality: Dimensions, Principles and Techniques, 1st edn. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-24106-7","edition":"1"},{"key":"3_CR6","doi-asserted-by":"publisher","first-page":"86872","DOI":"10.1109\/ACCESS.2023.3304270","volume":"11","author":"T Baumer","year":"2023","unstructured":"Baumer, T., M\u00fcller, M., Pernul, G.: System for cross-domain identity management (SCIM): Survey and enhancement with RBAC. IEEE Access 11, 86872\u201386894 (2023)","journal-title":"IEEE Access"},{"issue":"6","key":"3_CR7","doi-asserted-by":"publisher","first-page":"1120","DOI":"10.1109\/TKDE.2011.37","volume":"24","author":"A Colantonio","year":"2012","unstructured":"Colantonio, A., Di Pietro, R., Ocello, A., Verde, N.: Visual role mining: a picture is worth a thousand roles. IEEE Trans. Knowl. Data Eng. 24(6), 1120\u20131133 (2012)","journal-title":"IEEE Trans. Knowl. Data Eng."},{"unstructured":"Diodati, M., Ruddy, M., Rabinovich, P., Mezzera, P.: Gartner - 2020 planning guide for identity and access management (2019)","key":"3_CR8"},{"issue":"5","key":"3_CR9","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/S1361-3723(11)70051-3","volume":"2011","author":"C Everett","year":"2011","unstructured":"Everett, C.: Identity and access management: the second wave. Comput. Fraud Secur. 2011(5), 11\u201313 (2011)","journal-title":"Comput. Fraud Secur."},{"unstructured":"Fuchs, L., Kunz, M., Pernul, G.: Role model optimization for secure role-based identity management. In: European Conference on Information Systems (ECIS), Tel Aviv, Israel, pp. 1\u201315. 
AIS (2014)","key":"3_CR10"},{"doi-asserted-by":"publisher","unstructured":"Fuchs, L., Pernul, G.: Supporting compliant and secure user handling - a structured approach for in-house identity management. In: The Second International Conference on Availability, Reliability and Security (ARES\u201907), Vienna, Austria, pp. 374\u2013384. IEEE (2007). https:\/\/doi.org\/10.1109\/ARES.2007.145","key":"3_CR11","DOI":"10.1109\/ARES.2007.145"},{"key":"3_CR12","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-86586-3_1","volume-title":"Trust, Privacy and Security in Digital Business","author":"S Groll","year":"2021","unstructured":"Groll, S., Kern, S., Fuchs, L., Pernul, G.: Monitoring access reviews by crowd labelling. In: Fischer-H\u00fcbner, S., Lambrinoudakis, C., Kotsis, G., Tjoa, A.M., Khalil, I. (eds.) Trust, Privacy and Security in Digital Business, pp. 3\u201317. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-86586-3_1"},{"unstructured":"Heinrich, B., Kaiser, M., Klier, M.: How to measure data quality? a metric-based approach. In: Rivard, S., Webster, J. (eds.) Proceedings of the 28th International Conference on Information Systems (ICIS). Montreal, Queen\u2019s University, Montreal, pp. 1\u201315. AISeL (2007). https:\/\/epub.uni-regensburg.de\/23633\/","key":"3_CR13"},{"unstructured":"Ho, G., Sharma, A., Javed, M., Paxson, V., Wagner, D.: Detecting credential spearphishing attacks in enterprise settings. In: Proceedings of the 26th USENIX Conference on Security Symposium. SEC\u201917, USA, pp. 469\u2013485. USENIX Association (2017)","key":"3_CR14"},{"doi-asserted-by":"crossref","unstructured":"Hu, V., et al.: Guide to attribute based access control (ABAC) definition and considerations. 
Technical report, NIST (2014)","key":"3_CR15","DOI":"10.6028\/NIST.SP.800-162"},{"doi-asserted-by":"publisher","unstructured":"Hu, V., Ferraiolo, D.F., Kuhn, D.R., Kacker, R.N., Lei, Y.: Implementing and managing policy rules in attribute based access control. In: 2015 IEEE International Conference on Information Reuse and Integration, San Francisco, CA, USA, pp. 518\u2013525. IEEE (2015). https:\/\/doi.org\/10.1109\/IRI.2015.98","key":"3_CR16","DOI":"10.1109\/IRI.2015.98"},{"doi-asserted-by":"crossref","unstructured":"Hu, V., Scarfone, K.: Guidelines for access control system evaluation metrics. Technical report, NIST (2012)","key":"3_CR17","DOI":"10.6028\/NIST.IR.7874"},{"doi-asserted-by":"crossref","unstructured":"Hummer, M., Groll, S., Kunz, M., Fuchs, L., Pernul, G.: Measuring identity and access management performance - an expert survey on possible performance indicators. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy, Funchal, Madeira, Portugal, pp. 233\u2013240. SCITEPRESS - Science and Technology Publications (2018)","key":"3_CR18","DOI":"10.5220\/0006557702330240"},{"issue":"1","key":"3_CR19","first-page":"19","volume":"2016","author":"M Hummer","year":"2016","unstructured":"Hummer, M., Kunz, M., Netter, M., Fuchs, L., Pernul, G.: Adaptive identity and access management\u2013contextual data based policies. J. Inf. Secur. 2016(1), 19 (2016)","journal-title":"J. Inf. Secur."},{"unstructured":"Hutchins, E., Cloppert, M., Amin, R.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Technical report, Lockheed Martin (2011)","key":"3_CR20"},{"unstructured":"ISO 27001: Information technology - Security techniques - Information security management systems - Requirements. 
Standard, International Organization for Standardization (2013)","key":"3_CR21"},{"key":"3_CR22","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-031-37586-6_14","volume-title":"Data and Applications Security and Privacy XXXVII","author":"S Kern","year":"2023","unstructured":"Kern, S., Baumer, T., Fuchs, L., Pernul, G.: Maintain high-quality access control policies: an academic and practice-driven approach. In: Atluri, V., Ferrara, A.L. (eds.) Data and Applications Security and Privacy XXXVII, pp. 223\u2013242. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-37586-6_14"},{"key":"3_CR23","volume":"70","author":"S Kern","year":"2022","unstructured":"Kern, S., Baumer, T., Groll, S., Fuchs, L., Pernul, G.: Optimization of access control policies. J. Inf. Secur. Appl. 70, 103301 (2022)","journal-title":"J. Inf. Secur. Appl."},{"key":"3_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/978-3-319-26961-0_9","volume-title":"Information Systems Security","author":"M Kunz","year":"2015","unstructured":"Kunz, M., Fuchs, L., Hummer, M., Pernul, G.: Introducing dynamic identity and access management in organizations. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2015. LNCS, vol. 9478, pp. 139\u2013158. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26961-0_9"},{"key":"3_CR25","first-page":"64","volume":"44","author":"M Kunz","year":"2019","unstructured":"Kunz, M., Puchta, A., Groll, S., Fuchs, L., Pernul, G.: Attribute quality management for dynamic identity and access management. J. Inf. Secur. Appl. 44, 64\u201379 (2019)","journal-title":"J. Inf. Secur. Appl."},{"doi-asserted-by":"crossref","unstructured":"Levy, Y., Ellis, T.: A systems approach to conduct an effective literature review in support of information systems research. Int. J. Emerg. Transdiscipl. 
9 (2006)","key":"3_CR26","DOI":"10.28945\/479"},{"unstructured":"Maxim, M., Cser, A.: Forrester - Top trends shaping IAM in 2022 (2022)","key":"3_CR27"},{"unstructured":"Meier, S., Fuchs, L., Pernul, G.: Managing the access grid - a process view to minimize insider misuse risks. In: 11. Internationale Tagung Wirtschaftsinformatik, Leipzig, Germany, February 27 \u2013 March 1, 2013. p.\u00a066. AIS (2013). http:\/\/aisel.aisnet.org\/wi2013\/66","key":"3_CR28"},{"unstructured":"MITRE: CAPEC common attack pattern enumeration and classification (2023). https:\/\/capec.mitre.org\/index.html. Accessed 22 May 2023","key":"3_CR29"},{"unstructured":"MITRE: CWE common weakness enumeration (2023). https:\/\/cwe.mitre.org\/index.html. Accessed 22 May 2023","key":"3_CR30"},{"key":"3_CR31","volume-title":"Identity and Access Management: Business Performance Through Connected Intelligence","author":"E Osmanoglu","year":"2013","unstructured":"Osmanoglu, E.: Identity and Access Management: Business Performance Through Connected Intelligence. Newnes, Waltham (2013)"},{"issue":"6","key":"3_CR32","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3533703","volume":"55","author":"S Parkinson","year":"2022","unstructured":"Parkinson, S., Khan, S.: A survey on empirical security analysis of access-control systems: A real-world perspective. ACM Comput. Surv. 55(6), 1\u201328 (2022)","journal-title":"ACM Comput. 
Surv."},{"unstructured":"Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management (2010)","key":"3_CR33"},{"key":"3_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1007\/978-3-030-22479-0_12","volume-title":"Data and Applications Security and Privacy XXXIII","author":"A Puchta","year":"2019","unstructured":"Puchta, A., B\u00f6hm, F., Pernul, G.: Contributing to current challenges in identity and access management with visual analytics. In: Foley, S.N. (ed.) DBSec 2019. LNCS, vol. 11559, pp. 221\u2013239. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22479-0_12"},{"doi-asserted-by":"crossref","unstructured":"Puchta, A., Groll, S., Pernul, G.: Leveraging dynamic information for identity and access management: an extension of current enterprise iam architecture. In: Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP, pp. 611\u2013618. INSTICC, SciTePress, Online Streaming (2021)","key":"3_CR35","DOI":"10.5220\/0010315706110618"},{"unstructured":"Reinwarth, M.: Access reviews done right. Technical report, Kuppingercole Analysts (2019). https:\/\/www.kuppingercole.com\/report\/lb80195","key":"3_CR36"},{"key":"3_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/3-540-45608-2_3","volume-title":"Foundations of Security Analysis and Design","author":"P Samarati","year":"2001","unstructured":"Samarati, P., de Vimercati, S.C.: Access control: policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137\u2013196. Springer, Heidelberg (2001). 
https:\/\/doi.org\/10.1007\/3-540-45608-2_3"},{"doi-asserted-by":"crossref","unstructured":"Sandhu, R.: The authorization leap from rights to attributes: maturation or chaos? In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. SACMAT \u201912, New York, NY, USA, pp. 69\u201370. Association for Computing Machinery (2012)","key":"3_CR38","DOI":"10.1145\/2295136.2295150"},{"issue":"2","key":"3_CR39","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. Computer 29(2), 38\u201347 (1996)","journal-title":"Computer"},{"issue":"4","key":"3_CR40","doi-asserted-by":"publisher","first-page":"2525","DOI":"10.1109\/COMST.2021.3117338","volume":"23","author":"D Schlette","year":"2021","unstructured":"Schlette, D., Caselli, M., Pernul, G.: A comparative study on cyber threat intelligence: the security incident response perspective. IEEE Commun. Surv. Tutor. 23(4), 2525\u20132556 (2021)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"4","key":"3_CR41","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3007204","volume":"49","author":"D Servos","year":"2017","unstructured":"Servos, D., Osborn, S.: Current research and open problems in attribute-based access control. ACM Comput. Surv. 49(4), 1\u201365 (2017)","journal-title":"ACM Comput. Surv."},{"unstructured":"Small, M.: Kuppingercole report - advisory note - big data security, governance, stewardship (2018)","key":"3_CR42"},{"doi-asserted-by":"crossref","unstructured":"SOX: Sarbanes-Oxley Act of 2002, pl 107-204, 116 stat 745 (2002)","key":"3_CR43","DOI":"10.2307\/1342618"},{"unstructured":"Strom, B., Applebaum, A., Miller, D., Pennington, A., Thomas, C.: MITRE ATT&CK: Design and Philosophy. 
Framework, The MITRE Corporation, McLean, USA (2020)","key":"3_CR44"},{"unstructured":"Struse, R., Darley, T.: STIX Version 2.1. OASIS Standard, OASIS (2021)","key":"3_CR45"},{"doi-asserted-by":"crossref","unstructured":"Vijayalakshmi, K., Jayalakshmi, V.: Identifying considerable anomalies and conflicts in ABAC security policies. In: 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS), Madurai, India, pp. 1273\u20131280. IEEE (2021)","key":"3_CR46","DOI":"10.1109\/ICICCS51141.2021.9432162"},{"key":"3_CR47","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101589","volume":"87","author":"T Wagner","year":"2019","unstructured":"Wagner, T., Mahbub, K., Palomar, E., Abdallah, A.: Cyber threat intelligence sharing: survey and research directions. Comput. Secur. 87, 101589 (2019)","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXXVIII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-65172-4_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,12]],"date-time":"2024-07-12T12:03:29Z","timestamp":1720785809000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-65172-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031651717","9783031651724"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-65172-4_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"13 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter 
History"}},{"value":"DBSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP Annual Conference on Data and Applications Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"San Jose, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 July 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dbsec2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dbsec2024.unimol.it\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}