{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T04:56:52Z","timestamp":1742965012425,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":26,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540229872"},{"type":"electronic","value":"9783540301080"}],"license":[{"start":{"date-parts":[[2004,1,1]],"date-time":"2004-01-01T00:00:00Z","timestamp":1072915200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-30108-0_3","type":"book-chapter","created":{"date-parts":[[2010,9,16]],"date-time":"2010-09-16T18:15:03Z","timestamp":1284660903000},"page":"33-52","source":"Crossref","is-referenced-by-count":19,"title":["An Algebra for Composing Enterprise Privacy Policies"],"prefix":"10.1007","author":[{"given":"Michael","family":"Backes","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Markus","family":"D\u00fcrmuth","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rainer","family":"Steinwandt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL). Research Report 3485, IBM Research (2003)"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Ashley, P., Hada, S., Karjoth, G., Schunter, M.: E-P3P privacy policies and privacy authorization. In: Proc. 1st ACM Workshop on Privacy in the Electronic Society (WPES), pp. 103\u2013109 (2002)","DOI":"10.1145\/644527.644538"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Backes, M., D\u00fcrmuth, M., Steinwandt, R.: An algebra for composing enterprise privacy policies. Research Report 3557, IBM Research (2004)","DOI":"10.1007\/978-3-540-30108-0_3"},{"key":"3_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-540-39650-5_10","volume-title":"Computer Security \u2013 ESORICS 2003","author":"M. Backes","year":"2003","unstructured":"Backes, M., Pfitzmann, B., Schunter, M.: A toolkit for managing enterprise privacy policies. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 162\u2013180. Springer, Heidelberg (2003)"},{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"Bettini, C., Jajodia, S., Wang, X.S., Wijesekerat, D.: Obligation monitoring in policy management. In: Proc. 3rd IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 2\u201312 (2002)","DOI":"10.1109\/POLICY.2002.1011288"},{"key":"3_CR6","doi-asserted-by":"crossref","unstructured":"Bonatti, P.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: A component-based architecture for secure data publication. In: Proc. 17th Annual Computer Security Applications Conference, pp. 309\u2013318 (2001)","DOI":"10.1109\/ACSAC.2001.991546"},{"key":"3_CR7","doi-asserted-by":"crossref","unstructured":"Bonatti, P.A., De Capitani di Vimercati, S., Samarati, P.: A modular approach to composing access control policies. In: Proc. 7th ACM Conference on Computer and Communications Security, pp. 164\u2013173 (2000)","DOI":"10.1145\/352600.352623"},{"issue":"1","key":"3_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/504909.504910","volume":"5","author":"P.A. Bonatti","year":"2002","unstructured":"Bonatti, P.A., de Capitani di Vimercati, S., Samarati, P.: An algebra for composing access comtrol policies. ACM Transactions on Information and System Security\u00a05(1), 1\u201335 (2002)","journal-title":"ACM Transactions on Information and System Security"},{"key":"3_CR9","unstructured":"Cavoukian, A., Hamilton, T.J.: The Privacy Payoff: How successful businesses build customer trust. McGraw-Hill\/Ryerson (2002)"},{"key":"3_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1007\/3-540-61770-1_30","volume-title":"Computer Security - ESORICS 96","author":"S. Capitani di Vimercati De","year":"1996","unstructured":"De Capitani di Vimercati, S., Samarati, P.: An authorization model for federated systems. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol.\u00a01146, pp. 99\u2013117. Springer, Heidelberg (1996)"},{"key":"3_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/3-540-45150-1_3","volume-title":"IT-Security and Privacy","author":"S. Fischer-H\u00fcbner","year":"2001","unstructured":"Fischer-H\u00fcbner, S.: IT-security and privacy: Design and use of privacy-enhancing security mechanisms. In: Fischer-H\u00fcbner, S. (ed.) IT-Security and Privacy. LNCS, vol.\u00a01958, p. 35. Springer, Heidelberg (2001)"},{"key":"3_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/3-540-44569-2_3","volume-title":"Policies for Distributed Systems and Networks","author":"Z. Fu","year":"2001","unstructured":"Fu, Z., Wu, S.F., Huang, H., Loh, K., Gong, F., Baldine, I., Xu, C.: IPSec\/VPN security policy: Correctness, conflict detection and resolution. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol.\u00a01995, pp. 39\u201356. Springer, Heidelberg (2001)"},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"Gligor, V.D., Gavrila, S.I., Ferraiolo, D.: On the formal definition of separation-of-duty policies and their composition. In: Proc. 19th IEEE Symposium on Security & Privacy, pp. 172\u2013183 (1998)","DOI":"10.1109\/SECPRI.1998.674833"},{"key":"3_CR14","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1007\/978-1-4615-1467-1_8","volume-title":"Proc. Ecommerce Security and Privacy","author":"S. Jajodia","year":"2001","unstructured":"Jajodia, S., Kudo, M., Subrahmanian, V.S.: Provisional authorization. In: Proc. Ecommerce Security and Privacy, pp. 133\u2013159. Kluwer Academic Publishers, Dordrecht (2001)"},{"issue":"4","key":"3_CR15","first-page":"216","volume":"26","author":"S. Jajodia","year":"2001","unstructured":"Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.: Flexible support for multiple access control policies. ACM Transactions on Database Systems\u00a026(4), 216\u2013260 (2001)","journal-title":"ACM Transactions on Database Systems"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Karjoth, G., Schunter, M.: A privacy policy model for enterprises. In: Proc. 15th IEEE Computer Security Foundations Workshop (CSFW), pp. 271\u2013281 (2002)","DOI":"10.1109\/CSFW.2002.1021821"},{"key":"3_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/3-540-36467-6_6","volume-title":"Privacy Enhancing Technologies","author":"G. Karjoth","year":"2003","unstructured":"Karjoth, G., Schunter, M., Waidner, M.: The platform for enterprise privacy practices \u2013 privacy-enabled management of customer data. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol.\u00a02482, pp. 69\u201384. Springer, Heidelberg (2003)"},{"key":"3_CR18","unstructured":"Lakshminarayanan, S., Ramamoorthy, R., Hung, P.C.K.: Conflicts in inter-prise epal policies. In: W3C Workshop on the long term Future of P3P and Enterprise Privacy Langugate; Position Papers. World Wide Web Consortium (2003)"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"McLean, J.: The algebra of security. In: Proc. 9th IEEE Symposium on Security & Privacy, pp. 2\u20137 (1988)","DOI":"10.1109\/SECPRI.1988.8092"},{"issue":"9","key":"3_CR20","first-page":"1404","volume":"11","author":"J.D. Moffett","year":"1993","unstructured":"Moffett, J.D., Sloman, M.S.: Policy hierarchies for distributed systems management. IEEE JSAC Special Issue on Network Management\u00a011(9), 1404\u201331414 (1993)","journal-title":"IEEE JSAC Special Issue on Network Management"},{"key":"3_CR21","unstructured":"Platform for Privacy Preferences (P3P). W3C Recommendation (April 2002)"},{"key":"3_CR22","unstructured":"Ribeiro, C., Zuquete, A., Ferreira, P., Guedes, P.: SPL: An access control language for security policies with complex constraints. In: Proc. Network and Distributed System Security Symposium, NDSS (2001)"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Simon, R.T., Zurko, M.E.: Separation of duty in role-based environments. In: Proc. 10th IEEE Computer Security Foundations Workshop (CSFW), pp. 183\u2013194 (1997)","DOI":"10.1109\/CSFW.1997.596811"},{"key":"3_CR24","doi-asserted-by":"crossref","unstructured":"Wijesekera, D., Jajodia, S.: Policy algebras for access control \u2013 the propositional case. In: Proc. 8th ACM Conference on Computer and Communications Security, pp. 38\u201347 (2001)","DOI":"10.1145\/501983.501990"},{"issue":"2","key":"3_CR25","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1145\/762476.762481","volume":"6","author":"D. Wijesekera","year":"2003","unstructured":"Wijesekera, D., Jajodia, S.: A propositional policy algebra for access control. ACM Transactions on Information and System Security\u00a06(2), 286\u2013325 (2003)","journal-title":"ACM Transactions on Information and System Security"},{"key":"3_CR26","unstructured":"eXtensible Access Control Markup Language (XACML). OASIS Committee Specification 1.0 (December 2002), www.oasis-open.org\/committees\/xacml"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2004"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-30108-0_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,25]],"date-time":"2025-02-25T21:52:07Z","timestamp":1740520327000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-30108-0_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540229872","9783540301080"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-30108-0_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2004]]}}}