{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,12]],"date-time":"2026-03-12T15:52:26Z","timestamp":1773330746476,"version":"3.50.1"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319248578","type":"print"},{"value":"9783319248585","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-24858-5_4","type":"book-chapter","created":{"date-parts":[[2015,9,19]],"date-time":"2015-09-19T13:09:52Z","timestamp":1442668192000},"page":"55-71","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["A Declarative Framework for Specifying and\u00a0Enforcing Purpose-Aware Policies"],"prefix":"10.1007","author":[{"given":"Riccardo","family":"De Masellis","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chiara","family":"Ghidini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Silvio","family":"Ranise","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,12,9]]},"reference":[{"key":"4_CR1","unstructured":"Directive 95\/46\/ec of the european parliament and of the council of 24 october 1995. http:\/\/eur-lex.europa.eu\/LexUriServ\/LexUriServ.do?uri=CELEX:31995L0046:en:HTML"},{"issue":"2","key":"4_CR2","first-page":"99","volume":"23","author":"WMP Aalst van der","year":"2009","unstructured":"van der Aalst, W.M.P., Pesic, M., Schonenberg, H.: Declarative workflows: balancing between flexibility and support. CS - R&D 23(2), 99\u2013113 (2009)","journal-title":"CS - R&D"},{"issue":"4","key":"4_CR3","first-page":"17","volume":"16","author":"K Arkoudas","year":"2014","unstructured":"Arkoudas, K., Chadha, R., Chiang, C.J.: Sophisticated access control via SMT and logical frameworks. Proc. ACM TISSEC 16(4), 17 (2014)","journal-title":"Proc. ACM TISSEC"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Barth, A., Datta, A., Mitchell, J.C., Sundaram, S.: Privacy and utility in business processes. In: Proceedings of 20th IEEE Computer Security Foundations Symposium, July 2007","DOI":"10.1109\/CSF.2007.26"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Basin, D., Klaedtke, F., M\u00fcller, S.: Monitoring security policies with metric first-order temporal logic. In: Proceedings of ACM SACMAT, pp. 23\u201334. ACM, New York, USA (2010)","DOI":"10.1145\/1809842.1809849"},{"issue":"3","key":"4_CR6","doi-asserted-by":"publisher","first-page":"13:1","DOI":"10.1145\/2382448.2382451","volume":"15","author":"D Basin","year":"2012","unstructured":"Basin, D., Burri, S.J., Karjoth, G.: Dynamic enforcement of abstract separation of duty constraints. ACM TISSeC 15(3), 13:1\u201313:30 (2012)","journal-title":"ACM TISSeC"},{"key":"4_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/978-3-642-40787-1_4","volume-title":"Runtime Verification","author":"A Bauer","year":"2013","unstructured":"Bauer, A., K\u00fcster, J.-C., Vegliach, G.: From propositional to first-order monitoring. In: Legay, A., Bensalem, S. (eds.) RV 2013. LNCS, vol. 8174, pp. 59\u201375. Springer, Heidelberg (2013)"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Bertolissi, C., dos Santos, D.R., Ranise, S.: Automated synthesis of run-time monitors to enforce authorization policies in business processes. In: Asia CCS. ACM (2015)","DOI":"10.1145\/2714576.2714633"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Byun, J.W., Bertino, E., Li, N.: Purpose based access control of complex data for privacy protection. In: Proceedings of the ACM SACMAT, pp. 102\u2013110. ACM (2005)","DOI":"10.1145\/1063979.1063998"},{"issue":"4","key":"4_CR10","doi-asserted-by":"publisher","first-page":"603","DOI":"10.1007\/s00778-006-0023-0","volume":"17","author":"J Byun","year":"2008","unstructured":"Byun, J., Li, N.: Purpose based access control for privacy protection in relational database systems. VLDB J. 17(4), 603\u2013619 (2008)","journal-title":"VLDB J."},{"issue":"4","key":"4_CR11","doi-asserted-by":"publisher","first-page":"369","DOI":"10.3233\/JCS-2008-0328","volume":"16","author":"CA Ardagna","year":"2008","unstructured":"Ardagna, C.A., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: A privacy-aware access control system. J. Comput. Secur. (JCS) 16(4), 369\u2013392 (2008)","journal-title":"J. Comput. Secur. (JCS)"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Crampton, J.: A reference monitor for workflow systems with constrained task execution. In: Proceedings of ACM SACMAT, pp. 38\u201347. ACM (2005)","DOI":"10.1145\/1063979.1063986"},{"issue":"1","key":"4_CR13","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/s10009-012-0269-3","volume":"16","author":"J Crampton","year":"2014","unstructured":"Crampton, J., Huth, M., Kuo, J.P.: Authorized workflow schemas: deciding realizability through $${\\sf LTL(F)}$$ model checking. Int. J. Soft. Tools Technol. Transf. (STTT) 16(1), 31\u201348 (2014)","journal-title":"Int. J. Soft. Tools Technol. Transf. (STTT)"},{"issue":"2","key":"4_CR14","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1504\/IJCSE.2007.015739","volume":"3","author":"S Capitani di Vimercati De","year":"2007","unstructured":"De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Access control policies and languages. IJCSE 3(2), 94\u2013102 (2007)","journal-title":"IJCSE"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Business Process Management","author":"G Giacomo De","year":"2014","unstructured":"De Giacomo, G., De Masellis, R., Grasso, M., Maggi, F.M., Montali, M.: Monitoring business metaconstraints based on LTL and LDL for finite traces. In: Sadiq, S., Soffer, P., V\u00f6lzer, H. (eds.) BPM 2014. LNCS, vol. 8659, pp. 1\u201317. Springer, Heidelberg (2014)"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"De Giacomo, G., De Masellis, R., Montali, M.: Reasoning on LTL on finite traces: Insensitivity to infiniteness. In: Proceedings of AAAI Conference on AI, pp. 1027\u20131033 (2014)","DOI":"10.1609\/aaai.v28i1.8872"},{"key":"4_CR17","unstructured":"De Masellis, R., Ghidini, C., Ranise, S.: A declarative framework for specifying and enforcing purpose-aware policies (2015). arxiv.org\/abs\/1507.08153"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"De Masellis, R., Maggi, F.M., Montali, M.: Monitoring data-aware business constraints with finite state automata. In: Proceedings of ICSSP, pp. 134\u2013143 (2014)","DOI":"10.1145\/2600821.2600835"},{"key":"4_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/978-3-642-45005-1_5","volume-title":"Service-Oriented Computing","author":"R Masellis De","year":"2013","unstructured":"De Masellis, R., Su, J.: Runtime enforcement of first-order LTL properties on data-aware business processes. In: Basu, S., Pautasso, C., Zhang, L., Fu, X. (eds.) ICSOC 2013. LNCS, vol. 8274, pp. 54\u201368. Springer, Heidelberg (2013)"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Jafari, M., Safavi-Naini, R., Sheppard, N.P.: Enforcing purpose of use via workflows. In: Proceedings of WPES, pp. 113\u2013116 (2009)","DOI":"10.1145\/1655188.1655206"},{"issue":"1","key":"4_CR21","doi-asserted-by":"publisher","first-page":"3:1","DOI":"10.1145\/2629689","volume":"17","author":"M Jafari","year":"2014","unstructured":"Jafari, M., Safavi-Naini, R., Fong, P.W.L., Barker, K.: A framework for expressing and enforcing purpose-based privacy policies. ACM Trans. Inf. Syst. Secur. 17(1), 3:1\u20133:31 (2014)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"4_CR22","series-title":"Texts in Theoretical Computer Science. An EATCS Series","volume-title":"Temporal Logic and State Systems","author":"F Kr\u00f6ger","year":"2008","unstructured":"Kr\u00f6ger, F., Merz, S.: Temporal Logic and State Systems. Texts in Theoretical Computer Science. An EATCS Series. Springer, Heidelberg (2008)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Li, N., Mitchell, J.C.: Datalog with constraints: a foundation for trust management languages. In: PADL 2003, pp. 58\u201373 (2003)","DOI":"10.1007\/3-540-36388-2_6"},{"key":"4_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"132","DOI":"10.1007\/978-3-642-23059-2_13","volume-title":"Business Process Management","author":"FM Maggi","year":"2011","unstructured":"Maggi, F.M., Montali, M., Westergaard, M., van der Aalst, W.M.P.: Monitoring business constraints with linear temporal logic: an approach based on colored automata. In: Rinderle-Ma, S., Toumani, F., Wolf, K. (eds.) BPM 2011. LNCS, vol. 6896, pp. 132\u2013147. Springer, Heidelberg (2011)"},{"key":"4_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1104","DOI":"10.1007\/978-3-540-88873-4_12","volume-title":"On the Move to Meaningful Internet Systems: OTM 2008","author":"A Masoumzadeh","year":"2008","unstructured":"Masoumzadeh, A., Joshi, J.B.D.: PuRBAC: purpose-aware role-based access control. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1104\u20131121. Springer, Heidelberg (2008)"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Mossakowski, T., Drouineaud, M., Sohr, K.: A temporal-logic extension of role-based access control covering dynamic separation of duties. In: Proceedings of TIME-ICTL, pp. 83\u201390 (2003)","DOI":"10.1109\/TIME.2003.1214883"},{"key":"4_CR27","unstructured":"P. Yang, X. Xie, I.R., Lu, S.: Satisfiability analysis of workflows with control-flow patterns and authorization constraints. IEEE TSC 99 (2013)"},{"key":"4_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/978-3-642-23556-6_10","volume-title":"Secure Data Management","author":"M Petkovi\u0107","year":"2011","unstructured":"Petkovi\u0107, M., Prandi, D., Zannone, N.: Purpose control: did you process the data for the intended purpose? In: Jonker, W., Petkovi\u0107, M. (eds.) SDM 2011. LNCS, vol. 6933, pp. 145\u2013168. Springer, Heidelberg (2011)"},{"key":"4_CR29","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/1151030.1151053","volume":"49","author":"A Pretschner","year":"2006","unstructured":"Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Comm. ACM 49, 39\u201344 (2006)","journal-title":"Comm. ACM"},{"key":"4_CR30","first-page":"1","volume":"13","author":"N Qun","year":"2010","unstructured":"Qun, N., Elisa, B., Jorge, L., Carolyn, B., Karat, C.M., Alberto, T.: Privacy-aware role-based access control. TISSeC 13, 1\u201331 (2010)","journal-title":"TISSeC"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Rath, A.T., Colin, J.N.: Modeling and expressing purpose validation policy for privacy-aware usage control in distributed environment. In: Proceedings of ICUIMC, pp. 14:1\u201314:8. ACM (2014)","DOI":"10.1145\/2557977.2557991"},{"key":"4_CR32","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"FB Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. TISSeC 3, 30\u201350 (2000)","journal-title":"TISSeC"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Datta, A., Wing, J.M.: Formalizing and enforcing purpose restrictions in privacy policies. In: IEEE Symposium on Security and Privacy, pp. 176\u2013190 (2012)","DOI":"10.1109\/SP.2012.21"},{"key":"4_CR34","first-page":"40:1","volume":"13","author":"Q Wang","year":"2010","unstructured":"Wang, Q., Li, N.: Satisfiability and resiliency in workflow authorization systems. TISSeC 13, 40:1\u201340:35 (2010)","journal-title":"TISSeC"},{"key":"4_CR35","unstructured":"Westergaard, M., Maggi, F.M.: Declare: A tool suite for declarative workflow modeling and enactment. In: Proceedings of BPM (2011)"},{"key":"4_CR36","volume-title":"Privacy and Freedom","author":"A Westin","year":"1968","unstructured":"Westin, A.: Privacy and Freedom. Atheneum, New York (1968)"}],"container-title":["Lecture Notes in Computer Science","Security and Trust Management"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-24858-5_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T18:33:12Z","timestamp":1748629992000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-24858-5_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319248578","9783319248585"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-24858-5_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"9 December 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}