{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T07:46:34Z","timestamp":1742975194034,"version":"3.40.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319302218"},{"type":"electronic","value":"9783319302225"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-30222-5_13","type":"book-chapter","created":{"date-parts":[[2016,3,1]],"date-time":"2016-03-01T03:45:11Z","timestamp":1456803911000},"page":"270-292","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["The Entity Labeling Pattern for Modeling Operating Systems Access Control"],"prefix":"10.1007","author":[{"given":"Peter","family":"Amthor","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,3,1]]},"reference":[{"key":"13_CR1","unstructured":"Amthor, P., K\u00fchnhauser, W.: An information flow view on privacy in social networks. ACM Trans. Internet Technol., 0: 1\u20130: 17 (2015). (under review)"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: Model-based safety analysis of SELinux security policies. In: Samarati, P., Foresti, S., Hu, J., Livraga, G. (eds.) Proceedings of 5th International Conference on Network and System Security, pp. 208\u2013215. IEEE (2011)","DOI":"10.1109\/ICNSS.2011.6060002"},{"key":"13_CR3","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: Heuristic safety analysis of access control models. In: Proceedings of the 18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013, pp. 137\u2013148. ACM, New York (2013). \n                    http:\/\/doi.acm.org\/10.1145\/2462410.2462413"},{"key":"13_CR4","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1016\/j.cose.2014.01.002","volume":"42","author":"P Amthor","year":"2014","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: WorSE: a workbench for model-based security engineering. Comput. Secur. 42, 40\u201355 (2014). \n                    http:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404814000066","journal-title":"Comput. Secur."},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Barker, S.: The next 700 access control models or a unifying meta-model? In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT 2009, pp. 187\u2013196. ACM, New York (2009)","DOI":"10.1145\/1542207.1542238"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Bell, D., LaPadula, L.: Secure Computer System: Unified Exposition and Multics Interpretation. Technical report AD-A023 588, MITRE, March 1976","DOI":"10.21236\/ADA023588"},{"key":"13_CR7","unstructured":"Bugiel, S., Heuser, S., Sadeghi, A.R.: Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In: 22nd USENIX Security Symposium (USENIX Security 2013), USENIX, August 2013"},{"issue":"5","key":"13_CR8","doi-asserted-by":"publisher","first-page":"1426","DOI":"10.1109\/TIFS.2012.2204249","volume":"7","author":"M Conti","year":"2012","unstructured":"Conti, M., Crispo, B., Fernandes, E., Zhauniarovich, Y.: Cr\u00eape: a system for enforcing fine-grained context-related policies on android. IEEE Trans. Inf. Forensics Secur. 7(5), 1426\u20131438 (2012)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"13_CR9","unstructured":"Faden, G.: Multilevel filesystems in solaris trusted extensions. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, SACMAT 2007, pp. 121\u2013126. ACM, New York (2007). \n                    http:\/\/doi.acm.org\/10.1145\/1266840.1266859"},{"issue":"4","key":"13_CR10","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1016\/j.sysarc.2010.04.005","volume":"57","author":"D Ferraiolo","year":"2011","unstructured":"Ferraiolo, D., Atluri, V., Gavrila, S.: The policy machine: a novel architecture and framework for access control policy specification and enforcement. J. Syst. Archit. EUROMICRO J. 57(4), 412\u2013424 (2011)","journal-title":"J. Syst. Archit. EUROMICRO J."},{"key":"13_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"432","DOI":"10.1007\/978-3-642-36742-7_30","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"AL Ferrara","year":"2013","unstructured":"Ferrara, A.L., Madhusudan, P., Parlato, G.: Policy analysis for self-administrated role-based access control. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013 (ETAPS 2013). LNCS, vol. 7795, pp. 432\u2013447. Springer, Heidelberg (2013)"},{"key":"13_CR12","unstructured":"Fong, P.W., Siahaan, I.: Relationship-based access control policies and their policy languages. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT 2011, pp. 51\u201360. ACM, New York (2011). \n                    http:\/\/doi.acm.org\/10.1145\/1998441.1998450"},{"key":"13_CR13","volume-title":"Windows Vista Security: Securing Vista Against Malicious Attacks","author":"RA Grimes","year":"2007","unstructured":"Grimes, R.A., Johansson, J.M.: Windows Vista Security: Securing Vista Against Malicious Attacks. John Wiley & Sons Inc, New York (2007)"},{"issue":"8","key":"13_CR14","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1145\/360303.360333","volume":"19","author":"MA Harrison","year":"1976","unstructured":"Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Commun. ACM 19(8), 461\u2013471 (1976). \n                    http:\/\/doi.acm.org\/10.1145\/360303.360333","journal-title":"Commun. ACM"},{"key":"13_CR15","unstructured":"Kafura, D., Gracanin, D.: An information flow control meta-model. In: Proceedings of the 18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013, pp. 101\u2013112. ACM, New York (2013). \n                    http:\/\/doi.acm.org\/10.1145\/2462410.2462414"},{"issue":"6","key":"13_CR16","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1109\/MC.2010.155","volume":"43","author":"D Kuhn","year":"2010","unstructured":"Kuhn, D., Coyne, E., Weil, T.: Adding attributes to role-based access control. IEEE Comput. 43(6), 79\u201381 (2010)","journal-title":"IEEE Comput."},{"key":"13_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/978-3-642-25560-1_27","volume-title":"Information Systems Security","author":"WE K\u00fchnhauser","year":"2011","unstructured":"K\u00fchnhauser, W.E., P\u00f6lck, A.: Towards access control model engineering. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2011. LNCS, vol. 7093, pp. 379\u2013382. Springer, Heidelberg (2011). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-25560-1_27"},{"key":"13_CR18","unstructured":"Loscocco, P.A., Smalley, S.D.: Integrating flexible support for security policies into the linux operating system. In: Cole, C. (ed.) 2001 USENIX Annual Technical Conference, pp. 29\u201342 (2001)"},{"key":"13_CR19","unstructured":"Naldurg, P., Raghavendra, K.: SEAL: a logic programming framework for specifying and verifying access control models. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT 2011, pp. 83\u201392. ACM, New York (2011). \n                    http:\/\/doi.acm.org\/10.1145\/1998441.1998454"},{"issue":"4","key":"13_CR20","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1504\/IJGUC.2014.065372","volume":"5","author":"SM Park","year":"2014","unstructured":"Park, S.M., Chung, S.M.: Privacy-preserving attribute-based access control for grid computing. Int. J. Grid Util. Comput. 5(4), 286\u2013296 (2014). \n                    http:\/\/dx.org\/10.1504\/ijguc.2014.065372","journal-title":"Int. J. Grid Util. Comput."},{"key":"13_CR21","unstructured":"PeBenito, C.J., Mayer, F., MacMillan, K.: Reference policy for security enhanced linux. In: Proceedings of the 3rd Annual SELinux Symposium (2006)"},{"key":"13_CR22","unstructured":"P\u00f6lck, A.: Small TCBs of Policy-controlled Operating Systems. Universit\u00e4tsverlag Ilmenau, May 2014"},{"key":"13_CR23","unstructured":"Russello, G., Conti, M., Crispo, B., Fernandes, E.: MOSES: Supporting operation modes on smartphones. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, SACMAT 2012, pp. 3\u201312. ACM, New York (2012). \n                    http:\/\/doi.acm.org\/10.1145\/2295136.2295140"},{"key":"13_CR24","unstructured":"Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST model for role-based access control: towards a unified standard. In: Proceedings 5th ACM Workshop on Role-Based Access Control, pp. 47\u201363. ACM, New York (2000). ISBN 1-58113-259-X"},{"key":"13_CR25","unstructured":"Sandhu, R.S.: The typed access matrix model. In: Proceedings of the 1992 IEEE Symposium on Security and Privacy, SP 1992, pp. 122\u2013136. IEEE Computer Society, Washington, DC (1992). \n                    http:\/\/dl.acm.org\/citation.cfm?id=882488.884182"},{"key":"13_CR26","unstructured":"Sarna-Starosta, B., Stoller, S.D.: Policy analysis for security-enhanced linux. In: Proceedings of the 2004 Workshop on Issues in the Theory of Security (WITS) (2004)"},{"key":"13_CR27","unstructured":"Shebaro, B., Oluwatimi, O., Bertino, E.: Context-based access control systems for mobile devices. IEEE Trans. Dependable Secure Comput. PP(99), 1 (2014)"},{"key":"13_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"693","DOI":"10.1007\/978-3-642-03095-6_65","volume-title":"Algorithms and Architectures for Parallel Processing","author":"H Shen","year":"2009","unstructured":"Shen, H.: A semantic-aware attribute-based access control model for web services. In: Hua, A., Chang, S.-L. (eds.) ICA3PP 2009. LNCS, vol. 5574, pp. 693\u2013703. Springer, Heidelberg (2009). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-03095-6_65"},{"key":"13_CR29","unstructured":"Smalley, S., Craig, R.: Security Enhanced (SE) android: bringing flexible MAC to android. In: 20th Annual Network & Distributed System Security Symposium (NDSS), February 2013"},{"key":"13_CR30","unstructured":"Smalley, S.D.: Configuring the SELinux Policy. Technical report 02\u2013007, NAI Labs, February 2005"},{"key":"13_CR31","unstructured":"Spencer, R., Smalley, S., Loscocco, P., Hibler, M., Andersen, D., Lepreau, J.: The flask security architecture: system support for diverse security policies. In: Proceedings 8th USENIX Security Symposium (1999)"},{"issue":"2\u20133","key":"13_CR32","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1016\/j.cose.2010.08.002","volume":"30","author":"SD Stoller","year":"2011","unstructured":"Stoller, S.D., Yang, P., Gofman, M., Ramakrishnan, C.R.: Symbolic reachability analysis for parameterized administrative role based access control. Comput. Secur. 30(2\u20133), 148\u2013164 (2011)","journal-title":"Comput. Secur."},{"issue":"1","key":"13_CR33","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/TDSC.2012.77","volume":"10","author":"MV Tripunitara","year":"2013","unstructured":"Tripunitara, M.V., Li, N.: The foundational work of harrison-ruzzo-ullman revisited. IEEE Trans. Dependable Secur. Comput. 10(1), 28\u201339 (2013). \n                    http:\/\/dx.org\/10.1109\/TDSC.2012.77","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"13_CR34","unstructured":"Watson, R., Vance, C.: Security-Enhanced BSD. Technical report, Network Associates Laboratories, Rockville, MD, USA, July 2003"},{"issue":"1","key":"13_CR35","first-page":"20:20","volume":"11","author":"RNM Watson","year":"2013","unstructured":"Watson, R.N.M.: A decade of OS access-control extensibility. ACM Queue 11(1), 20:20\u201320:41 (2013). \n                    http:\/\/doi.acm.org\/10.1145\/2428616.2430732","journal-title":"ACM Queue"},{"issue":"3","key":"13_CR36","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/s10207-012-0180-7","volume":"12","author":"W Xu","year":"2013","unstructured":"Xu, W., Shehab, M., Ahn, G.J.: Visualization-based policy analysis for SELinux: framework and user study. Int. J. Inf. Secur. 12(3), 155\u2013171 (2013). \n                    http:\/\/dx.org\/10.1007\/s10207-012-0180-7","journal-title":"Int. J. Inf. Secur."},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services, ICWS 2005, pp. 561\u2013569. IEEE Press, Washington, DC (2005)","DOI":"10.1109\/ICWS.2005.25"},{"key":"13_CR38","doi-asserted-by":"crossref","unstructured":"Zanin, G., Mancini, L.V.: Towards a formal model for security policies specification and validation in the SELinux system. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pp. 136\u2013145, ACM (2004)","DOI":"10.1145\/990036.990059"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Zhang, X., Li, Y., Nalla, D.: An attribute-based access matrix model. In: Proceedings 2005 ACM Symposium on Applied Computing, SAC 2005, pp. 359\u2013363. ACM, New York (2005)","DOI":"10.1145\/1066677.1066760"}],"container-title":["Communications in Computer and Information Science","E-Business and Telecommunications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-30222-5_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T12:25:59Z","timestamp":1559391959000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-30222-5_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319302218","9783319302225"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-30222-5_13","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"1 March 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}