{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:08:26Z","timestamp":1742911706256,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319661964"},{"type":"electronic","value":"9783319661971"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66197-1_13","type":"book-chapter","created":{"date-parts":[[2017,8,11]],"date-time":"2017-08-11T21:02:30Z","timestamp":1502485350000},"page":"203-218","source":"Crossref","is-referenced-by-count":2,"title":["On Run-Time Enforcement of Authorization Constraints in Security-Sensitive Workflows"],"prefix":"10.1007","author":[{"given":"Daniel Ricardo","family":"dos Santos","sequence":"first","affiliation":[]},{"given":"Silvio","family":"Ranise","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,13]]},"reference":[{"key":"13_CR1","first-page":"29","volume":"8","author":"F Alberti","year":"2012","unstructured":"Alberti, F., Ghilardi, S., Pagani, E., Ranise, S., Rossi, G.P.: Universal guards, relativization of quantifiers, and failure models in model checking modulo theories. JSAT 8, 29\u201361 (2012)","journal-title":"JSAT"},{"key":"13_CR2","first-page":"111","volume-title":"Studies in Computational Intelligence","author":"Bandar Alhaqbani","year":"2013","unstructured":"Alhaqbani, B., Adams, M., Fidge, C.J., ter Hofstede, A.H.M.: Privacy-aware workflow management. In: Proceedings of BPM, pp. 111\u2013128. Springer, Heidelberg (2013)"},{"issue":"3","key":"13_CR3","doi-asserted-by":"crossref","first-page":"13:1","DOI":"10.1145\/2382448.2382451","volume":"15","author":"D Basin","year":"2012","unstructured":"Basin, D., Burri, S.J., Karjoth, G.: Dynamic enforcement of abstract separation of duty constraints. TISSEC 15(3), 13:1\u201313:30 (2012)","journal-title":"TISSEC"},{"issue":"5","key":"13_CR4","doi-asserted-by":"crossref","first-page":"661","DOI":"10.3233\/JCS-140500","volume":"22","author":"D Basin","year":"2014","unstructured":"Basin, D., Burri, S.J., Karjoth, G.: Obstruction-free authorization enforcement: Aligning security and business objectives. JCS 22(5), 661\u2013698 (2014)","journal-title":"JCS"},{"issue":"2","key":"13_CR5","first-page":"3","volume":"4","author":"D Bell","year":"1996","unstructured":"Bell, D.: The bell-lapadula model. JCS 4(2), 3 (1996)","journal-title":"JCS"},{"issue":"1","key":"13_CR6","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/300830.300837","volume":"2","author":"E Bertino","year":"1999","unstructured":"Bertino, E., Ferrari, E., Atluri, V.: The specification and enforcement of authorization constraints in workflow management systems. TISSEC 2(1), 65\u2013104 (1999)","journal-title":"TISSEC"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Bertolissi, C., dos Santos, D.R., Ranise, S.: Automated synthesis of run-time monitors to enforce authorization policies in business processes. In: Proceedings of ASIACCS. ACM (2015)","DOI":"10.1145\/2714576.2714633"},{"key":"13_CR8","unstructured":"Biba, K.: Integrity considerations for secure computer systems. Technical report, DTIC Document (1977)"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Brewer, D., Nash, M.J.: The Chinese wall security policy. In: Proceedings of S&P. IEEE (1989)","DOI":"10.1109\/SECPRI.1989.36295"},{"key":"13_CR10","doi-asserted-by":"crossref","first-page":"411","DOI":"10.1007\/978-3-642-28115-0_39","volume-title":"Business Process Management Workshops","author":"Samuel J. Burri","year":"2012","unstructured":"Burri, S.J, Karjoth, G.: Flexible scoping of authorization constraints on business processes with loops and parallelism. In: Proceedings of BPMW. Springer (2012)"},{"key":"13_CR11","doi-asserted-by":"crossref","first-page":"555","DOI":"10.1613\/jair.4435","volume":"51","author":"D Cohen","year":"2014","unstructured":"Cohen, D., Crampton, J., Gagarin, A., Gutin, G., Jones, M.: Iterative plan construction for the workflow satisfiability problem. JAIR 51, 555\u2013577 (2014)","journal-title":"JAIR"},{"issue":"1","key":"13_CR12","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s10878-015-9877-7","volume":"32","author":"D Cohen","year":"2016","unstructured":"Cohen, D., Crampton, J., Gagarin, A., Gutin, G., Jones, M.: Algorithms for the workflow satisfiability problem engineered for counting constraints. J. Comb. Optim. 32(1), 3\u201324 (2016)","journal-title":"J. Comb. Optim."},{"key":"13_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/978-3-662-49674-9_36","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"L Compagna","year":"2016","unstructured":"Compagna, L., dos Santos, D.R., Ponta, S.E., Ranise, S.: Cerberus: Automated synthesis of enforcement mechanisms for security-sensitive business processes. In: Chechik, M., Raskin, J.-F. (eds.) TACAS 2016. LNCS, vol. 9636, pp. 567\u2013572. Springer, Heidelberg (2016). doi: 10.1007\/978-3-662-49674-9_36"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"Crampton, J.: A reference monitor for workflow systems with constrained task execution. In: Proceedings of SACMAT. ACM (2005)","DOI":"10.1145\/1063979.1063986"},{"issue":"3","key":"13_CR15","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1145\/2988239","volume":"19","author":"J Crampton","year":"2016","unstructured":"Crampton, J., Gagarin, A., Gutin, G., Jones, M., Wahlstr\u00f6m, M.: On the workflow satisfiability problem with class-independent constraints for hierarchical organizations. TOPS 19(3), 81\u2013829 (2016)","journal-title":"TOPS"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"Crampton, J., Gutin, G.: Constraint expressions and workflow satisfiability. In: Proceedings of SACMAT. ACM (2013)","DOI":"10.1145\/2462410.2462419"},{"issue":"1","key":"13_CR17","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1145\/2487222.2487226","volume":"16","author":"J Crampton","year":"2013","unstructured":"Crampton, J., Gutin, G., Yeo, A.: On the parameterized complexity and kernelization of the workflow satisfiability problem. TISSEC 16(1), 4 (2013)","journal-title":"TISSEC"},{"issue":"1","key":"13_CR18","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1007\/s10009-012-0269-3","volume":"16","author":"J Crampton","year":"2014","unstructured":"Crampton, J., Huth, M., Kuo, J.: Authorized workflow schemas: deciding realizability through LTL(F) model checking. STTT 16(1), 31\u201348 (2014)","journal-title":"STTT"},{"key":"13_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/10722167_8","volume-title":"Computer Aided Verification","author":"G Delzanno","year":"2000","unstructured":"Delzanno, G.: Automatic verification of parameterized cache coherence protocols. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 53\u201368. Springer, Heidelberg (2000). doi: 10.1007\/10722167_8"},{"issue":"12","key":"13_CR20","doi-asserted-by":"crossref","first-page":"1281","DOI":"10.1016\/j.infsof.2008.02.006","volume":"50","author":"RM Dijkman","year":"2008","unstructured":"Dijkman, R.M., Dumas, M., Ouyang, C.: Semantics and analysis of business process models in BPMN. Inf. Soft. Tech. 50(12), 1281\u20131294 (2008)","journal-title":"Inf. Soft. Tech."},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"dos Santos, D.R., Ranise, S., Ponta, S.E.: Modular synthesis of enforcement mechanisms for the workflow satisfiability problem: scalability and reusability. In: Proceedings of SACMAT. ACM (2016)","DOI":"10.1145\/2914642.2914649"},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Ghilardi, S., Ranise, S.: Backward reachability of array-based systems by SMT solving: Termination and invariant synthesis. LMCS 6(4) (2010)","DOI":"10.2168\/LMCS-6(4:10)2010"},{"key":"13_CR23","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/978-3-642-14203-1_3","volume-title":"Automated Reasoning","author":"S Ghilardi","year":"2010","unstructured":"Ghilardi, S., Ranise, S.: MCMT: A model checker modulo theories. In: Giesl, J., H\u00e4hnle, R. (eds.) IJCAR 2010. LNCS (LNAI), vol. 6173, pp. 22\u201329. Springer, Heidelberg (2010). doi: 10.1007\/978-3-642-14203-1_3"},{"key":"13_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"652","DOI":"10.1007\/978-3-642-35063-4_49","volume-title":"Web Information Systems Engineering - WISE 2012","author":"M Leitner","year":"2012","unstructured":"Leitner, M., Mangler, J., Rinderle-Ma, S.: Definition and enactment of instance-spanning process constraints. In: Wang, X.S., Cruz, I., Delis, A., Huang, G. (eds.) WISE 2012. LNCS, vol. 7651, pp. 652\u2013658. Springer, Heidelberg (2012). doi: 10.1007\/978-3-642-35063-4_49"},{"issue":"3","key":"13_CR25","first-page":"121","volume":"55","author":"N Li","year":"2008","unstructured":"Li, N., Wang, Q.: Beyond separation of duty: An algebra for specifying high-level security policies. J. ACM 55(3), 121\u20131246 (2008)","journal-title":"J. ACM"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Nassr, N., Steegmans, E.: Mitigating conflicts of interest by authorization policies. In: Proceedings of SIN. ACM (2015)","DOI":"10.1145\/2799979.2800013"},{"issue":"29","key":"13_CR27","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"2","author":"R Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., Youmann, C.: Role-based access control models. IEEE Comput. 2(29), 38\u201347 (1996)","journal-title":"IEEE Comput."},{"key":"13_CR28","first-page":"682","volume-title":"Lecture Notes in Computer Science","author":"Sriram Sankaranarayanan","year":"2003","unstructured":"Sankaranarayanan, S., Sipma, H., Manna, Z.: Petri net analysis using invariant generation. In: Verification: Theory and Practice. Springer (2003)"},{"key":"13_CR29","unstructured":"Tan, K., Crampton, J., Gunter, C.A.: The consistency of task-based authorization constraints in workflow. In Proceedings of CSF. IEEE (2004)"},{"issue":"3","key":"13_CR30","doi-asserted-by":"crossref","first-page":"333","DOI":"10.1007\/s00165-010-0161-4","volume":"23","author":"WMP Aalst van der","year":"2011","unstructured":"van der Aalst, W.M.P., van Hee, K.M., ter Hofstede, A.H.M., Sidorova, N., Verbeek, H.M.W., Voorhoeve, M., Wynn, M.T.: Soundness of workflow nets: classification, decidability, and analysis. Formal Aspects Comp. 23(3), 333\u2013363 (2011)","journal-title":"Formal Aspects Comp."},{"issue":"4","key":"13_CR31","doi-asserted-by":"crossref","first-page":"401","DOI":"10.1145\/1880022.1880034","volume":"13","author":"Q Wang","year":"2010","unstructured":"Wang, Q., Li, N.: Satisfiability and resiliency in workflow authorization systems. TISSEC 13(4), 401\u20134035 (2010)","journal-title":"TISSEC"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Warner, J., Atluri, V.: Inter-instance authorization constraints for secure workflow management. In: Proceedings of SACMAT (2006). ACM","DOI":"10.1145\/1133058.1133085"},{"key":"13_CR33","volume-title":"Task-based entailment constraints for basic workflow patterns","author":"C Wolter","year":"2008","unstructured":"Wolter, C., Schaad, A., Meinel, C.: Task-based entailment constraints for basic workflow patterns. ACM, In Proc. of SACMAT (2008)"}],"container-title":["Lecture Notes in Computer Science","Software Engineering and Formal Methods"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66197-1_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,2]],"date-time":"2019-10-02T06:03:16Z","timestamp":1569996196000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66197-1_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319661964","9783319661971"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66197-1_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}