{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,15]],"date-time":"2025-11-15T10:18:33Z","timestamp":1763201913410,"version":"3.41.0"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319240176"},{"type":"electronic","value":"9783319240183"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-24018-3_9","type":"book-chapter","created":{"date-parts":[[2015,8,21]],"date-time":"2015-08-21T11:32:50Z","timestamp":1440156770000},"page":"137-152","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Automatic Top-Down Role Engineering Framework Using Natural Language Processing Techniques"],"prefix":"10.1007","author":[{"given":"Masoud","family":"Narouei","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hassan","family":"Takabi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,10,24]]},"reference":[{"key":"9_CR1","unstructured":"Ammar, W., Wilson, S., Sadeh, N., Smith, N.: Automatic Categorization of Privacy Policies: A Pilot Study. School of Computer Science, Language Technology Institute, Technical Report CMU-LTI-12-019, December 2012"},{"key":"9_CR2","unstructured":"Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Architecture Language (EPAL 1.2) (2003). http:\/\/www.w3.org\/Submission\/EPAL\/"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Baumgrass, A., Strembeck, M., Ma, S.R.: Deriving role engineering artifacts from business processes and scenario models. In: Proceeding of ACM SACMAT 2011, June 15\u201317, Innsbruck, Austria, pp. 11\u201320 (2011)","DOI":"10.1145\/1998441.1998445"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Beckerle, M., Martucci, L.A.: Formal definitions for usable access control rule sets from goals to metrics. In: Proceedings of the Ninth Symposium on Usable Privacy and Security (SOUPS), pp. 2:1\u20132:11. ACM (2013)","DOI":"10.1145\/2501604.2501606"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Breaux, T.D., Ant\u00f3n, A.I.: Deriving semantic models from privacy policies. In: 6th IEEE International Workshop on Policies for Distributed Systems & Networks, pp. 67\u201376 (2005)","DOI":"10.1109\/POLICY.2005.12"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Breaux, T.D., Ant\u00f3n, A.I.: Analyzing goal semantics for rights, permissions and obligations. In: Proc. IEEE 13th International Requirements Engineering Conference (RE 2005), Paris, France, pp. 177\u2013186, August 2005","DOI":"10.1109\/RE.2005.12"},{"issue":"1","key":"9_CR7","first-page":"5","volume":"34","author":"TD Breaux","year":"2008","unstructured":"Breaux, T.D., Ant\u00f3n, A.I.: Analyzing regulatory rules for privacy and security requirements. IEEE Transactions on Software Engineering, Special Issue on Software Engineering for Secure Systems (IEEE TSE) 34(1), 5\u201320 (2008)","journal-title":"IEEE Transactions on Software Engineering, Special Issue on Software Engineering for Secure Systems (IEEE TSE)"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Breaux, T.D., Ant\u00f3n, A.I., Doyle, J.: Semantic parameterization: a process for modeling domain descriptions. ACM Transactions on Software Engineering Methodology (ACM TOSEM) 18(2), Article 5 (2008)","DOI":"10.1145\/1416563.1416565"},{"key":"9_CR9","unstructured":"Breaux, T.D.: Legal Requirements Acquisition for the Specification of Legally Compliant Information Systems. Ph.D. Thesis, North Carolina State University, April 2009"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Brodie, C.A., Karat, C.-M., Karat, J., Feng, J.: Usable security and privacy: a case study of developing privacy management tools. In: Proc. SOUPS 2005 (2005)","DOI":"10.1145\/1073001.1073005"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Brodie, C.A., Karat, C.-M., Karat, J.: An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench. In: Proc. SOUPS 2006, pp. 8\u201319 (2006)","DOI":"10.1145\/1143120.1143123"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Charniak, E., Elsner, M.: EM works for pronoun anaphora resolution. In: Proceedings of the European Chapter of the ACL (2009)","DOI":"10.3115\/1609067.1609083"},{"key":"9_CR13","unstructured":"Collobert, R., Weston, J., Bottou, L., Karlen, M., Kavukcuoglu, K., Kuksa, P.: Natural Language Processing (Almost) from Scratch. Journal of Machine Learning Research (JMLR) (2011)"},{"key":"9_CR14","unstructured":"Federal information security management act of 2002. Title III of the E-Government Act of 2002 (Public Law 107-347) (2002)"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Hawkins, J.C.: Determining role rights from use cases. In: Proc. ACM Workshop on Role-Based Access Control 1997, pp. 121\u2013125 (1997)","DOI":"10.1145\/266741.266767"},{"key":"9_CR16","unstructured":"Fontaine, P.J.: Goal-Oriented Elaboration of Security Requirements. Universit\u00e9 catholique de Louvain (2001)"},{"key":"9_CR17","doi-asserted-by":"crossref","unstructured":"Frank, M., Basin, D., Buhmann, J.M.: A class of probabilistic models for role engineering. In: Proc. 15th ACM Conference on Computer and Communications Security (CCS) 2008, pp. 299\u2013310 (2008)","DOI":"10.1145\/1455770.1455809"},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Frank, M., Buhmann, J.M., Basin, D.A.: Role mining with probabilistic models. ACM Transactions on Information and System Security 15(4), 1\u201328 (2013)","DOI":"10.1145\/2445566.2445567"},{"key":"9_CR19","unstructured":"Gallagher, M.P., O\u2019Connor, A.C., Kropp, B.: The economic impact of role-based access control. Planning report 02-1, National Institute of Standards and Technology (2002)"},{"key":"9_CR20","unstructured":"Gesmundo, A., Samard\u017ei\u0107, T.: Lemmatisation as a tagging task. In: Proc. ACL 2012, pp. 368\u2013372 (2012)"},{"issue":"3","key":"9_CR21","doi-asserted-by":"publisher","first-page":"245","DOI":"10.1162\/089120102760275983","volume":"28","author":"D Gildea","year":"2002","unstructured":"Gildea, D., Jurafsky, D.: Automatic Labeling of Semantic Roles. Computational Linguistics 28(3), 245\u2013288 (2002)","journal-title":"Computational Linguistics"},{"issue":"6","key":"9_CR22","doi-asserted-by":"publisher","first-page":"993","DOI":"10.1016\/j.infsof.2008.11.005","volume":"51","author":"Q He","year":"2009","unstructured":"He, Q., Ant\u00f3n, A.I.: Requirements-based Access Control Analysis and Policy Specification (ReCAPS). Information and Software Technology 51(6), 993\u20131009 (2009)","journal-title":"Information and Software Technology"},{"key":"9_CR23","unstructured":"Hernandez, M.H., Laredo, J.A., Mandala, S., Ruan, Y., Sreedhar, V.C., Vukovic, M.: System and Method for Hybrid Role Mining, May 2, 2013. http:\/\/www.google.com\/patents\/US20130111583 . US Patent App. 13\/283,371"},{"key":"9_CR24","unstructured":"Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to attribute based access control (abac) definition and considerations (final draft). NIST Special Publication 800-162, National Institute of Standards and Technology, September 2013. http:\/\/csrc.nist.gov\/publications\/drafts\/800-162\/sp800_162_draft.pdf"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Inglesant, P., Sasse, M.A., Chadwick, D., Shi, L.L.: Expressions of expertness: the virtuous circle of natural language for access control policy specification. In: Proc. SOUPS 2008, pp. 77\u201388 (2008)","DOI":"10.1145\/1408664.1408675"},{"key":"9_CR26","unstructured":"Jurafsky, D., Martin, J.: Speech and Language Processing: An Introduction to Natural Language Processing, Computational Linguistics, and Speech Recognition. Pearson (2009)"},{"key":"9_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"671","DOI":"10.1007\/11555261_54","volume-title":"Human-Computer Interaction - INTERACT 2005","author":"J Karat","year":"2005","unstructured":"Karat, J., Karat, C.-M., Brodie, C., Feng, J.: Designing natural language and structured entry methods for privacy policy authoring. In: Costabile, M.F., Patern\u00f3, F. (eds.) INTERACT 2005. LNCS, vol. 3585, pp. 671\u2013684. Springer, Heidelberg (2005)"},{"key":"9_CR28","doi-asserted-by":"crossref","unstructured":"Kennedy, C., Boguraev, B.: Anaphora for everyone: pronominal anaphora resoluation without a parser. In: Proc. Coling 1996, pp. 113\u2013118 (1996)","DOI":"10.3115\/992628.992651"},{"key":"9_CR29","unstructured":"Language-Independent Named Entity Recognition (2003). http:\/\/www.cnts.ua.ac.be\/conll2003\/ner"},{"key":"9_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1007\/978-3-642-19400-9_14","volume-title":"Computational Linguistics and Intelligent Text Processing","author":"CD Manning","year":"2011","unstructured":"Manning, C.D.: Part-of-speech tagging from 97% to 100%: is it time for some linguistics? In: Gelbukh, A.F. (ed.) CICLing 2011, Part I. LNCS, vol. 6608, pp. 171\u2013189. Springer, Heidelberg (2011)"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Manning, C.D., Surdeanu, M., Bauer, J., Finkel, J., Bethard, S.J., McClosky, D.: The stanford CoreNLP natural language processing toolkit. In: Proceedings of 52nd Annual Meeting of the Association for Computational Linguistics: System Demonstrations, pp. 55\u201360 (2014)","DOI":"10.3115\/v1\/P14-5010"},{"key":"9_CR32","unstructured":"Meneely, A., Smith, B., Williams, L.: iTrust electronic health care system: a case study. In: Software System Traceability (2011)"},{"key":"9_CR33","unstructured":"Minimum security requirements for federal information and information systems. Technical report, National Institute of Standards, March 2006. FIPS Pub 200"},{"key":"9_CR34","doi-asserted-by":"crossref","unstructured":"Molloy, I., Chen, H., Li, T., Wang, Q., Li, N., Bertino, E., Calo, S., Lobo, J.: Mining Roles with Multiple Objectives. ACM Transactions on Information and System Security 13(4), Article 36 (2010)","DOI":"10.1145\/1880022.1880030"},{"issue":"3\u20134","key":"9_CR35","first-page":"2004","volume":"10","author":"MS Neff","year":"2004","unstructured":"Neff, M.S., Byrd, R.J., Boguraev, B.K.: The Talent System: TEXTRACT Architecture and Data Model. Nat. Lang. Eng. 10(3\u20134), 2004 (2004)","journal-title":"Nat. Lang. Eng."},{"key":"9_CR36","unstructured":"OASIS. Privacy Policy Profile of XACML v3.0. (2010). http:\/\/docs.oasis-open.org\/xacml\/3.0\/xacml-3.0-privacy-v1-spec-cs-01-en.pdf"},{"issue":"1","key":"9_CR37","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1162\/0891201053630264","volume":"31","author":"M Palmer","year":"2005","unstructured":"Palmer, M., Gildea, D., Kingsbury, P.: The proposition bank: An annotated corpus of semantic roles. Comput. Linguist. 31(1), 71\u2013106 (2005). ISSN: 0891-2017","journal-title":"Comput. Linguist."},{"key":"9_CR38","doi-asserted-by":"crossref","unstructured":"Piskorski, J., Yangarber, R.: Information extraction: past, present, and future. In: Poibeau, T. (ed.) Multi-source, Multilingual Information Extraction and Summarization, pp. 23\u201350. Springer, Heidelberg (2013)","DOI":"10.1007\/978-3-642-28569-1_2"},{"key":"9_CR39","doi-asserted-by":"crossref","unstructured":"Roeckle, H., Schimpf, G., Weidinger, R.: Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization. In: Proceedings of the Fifth ACM Workshop on Role-Based Access Control, RBAC 2000, pp. 103\u2013110. ACM, New York (2000)","DOI":"10.1145\/344287.344308"},{"key":"9_CR40","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1016\/j.jss.2013.08.036","volume":"88","author":"VVBR Sagar","year":"2014","unstructured":"Sagar, V.V.B.R., Abirami, S.: Conceptual modeling of natural language functional requirements. Journal of Systems and Software 88, 25\u201341 (2014)","journal-title":"Journal of Systems and Software"},{"issue":"2","key":"9_CR41","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29(2), 38\u201347 (1996)","journal-title":"IEEE Computer"},{"key":"9_CR42","unstructured":"Schwitter, R.: Controlled natural languages for knowledge representation. In: Proc. CICLing 2010, pp. 1113\u20131121 (2010)"},{"key":"9_CR43","doi-asserted-by":"crossref","unstructured":"Sinha, A., Sutton Jr., S.M., Paradkar, A.: Text2test: automated inspection of natural language use cases. In: Proc. ICST, pp. 155\u2013164 (2010)","DOI":"10.1109\/ICST.2010.19"},{"key":"9_CR44","doi-asserted-by":"crossref","unstructured":"Slankas, J., Xiao, X., Williams, L., Xie, T.: Relation extraction for inferring access control rules from natural language artifacts. In: Proceedings of the of 2014 Annual Computer Security Applications Conference (ACSAC 2014), New Orleans, LA (2014)","DOI":"10.1145\/2664243.2664280"},{"key":"9_CR45","unstructured":"Socher, R., Bauer, J., Manning, C.D., Ng, A.Y.: Parsing with compositional vector grammars. In: Proc. ACL 2013 (2013)"},{"key":"9_CR46","doi-asserted-by":"crossref","unstructured":"Tan, L., Yuan, D., Krishna, G., Zhou, Y.: 21st SOSP 2007, pp. 145\u2013158 (2007)","DOI":"10.1145\/1323293.1294276"},{"key":"9_CR47","unstructured":"Terms of Service, Didn\u2019t Read project. http:\/\/tosdr.org\/"},{"key":"9_CR48","doi-asserted-by":"crossref","unstructured":"Xiao, X., Paradkar, A., Thummalapenta, S., Xie, T.: Automated extraction of security policies from natural-language software documents. In: Proc. 20th FSE, November 2012","DOI":"10.1145\/2393596.2393608"}],"container-title":["Lecture Notes in Computer Science","Information Security Theory and Practice"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-24018-3_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T03:28:24Z","timestamp":1748575704000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-24018-3_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319240176","9783319240183"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-24018-3_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"24 October 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}