{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T17:51:17Z","timestamp":1725558677944},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540255840"},{"type":"electronic","value":"9783540319795"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/978-3-540-31979-5_14","type":"book-chapter","created":{"date-parts":[[2010,6,30]],"date-time":"2010-06-30T16:42:55Z","timestamp":1277916175000},"page":"156-167","source":"Crossref","is-referenced-by-count":7,"title":["A Practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications"],"prefix":"10.1007","author":[{"given":"Kung","family":"Chen","sequence":"first","affiliation":[]},{"given":"Chih-Mao","family":"Huang","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"The Apache Struts Web Application Framework, http:\/\/struts.apache.org\/"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Chandramouli, R.: A Framework for Multiple Authorization Types in a Healthcare Application System. In: 17th Annual Computer Security Applications Conference (December 2001)","DOI":"10.1109\/ACSAC.2001.991530"},{"key":"14_CR3","unstructured":"De Win, B., Piessens, F., Joosen, W., Verhanneman, T.: On the importance of the separation-of-concerns principle in secure software engineering. In: Workshop on the Application of Engineering Principles to System Security Design (2002)"},{"key":"14_CR4","unstructured":"De Win, B., Vanhaute, B., De Decker, B.: Building Frameworks in AspectJ. In: ECOOP 2001. Workshop on Advanced Separation of Concerns, pp. 1\u20136 (2001)"},{"key":"14_CR5","first-page":"125","volume-title":"Advances in Network and Distributed Systems Security","author":"B. Win De","year":"2001","unstructured":"De Win, B., Vanhaute, B., De Decker, B.: Security Through Aspect-Oriented Programming. In: Advances in Network and Distributed Systems Security, pp. 125\u2013138. Kluwer Academic, Dordrecht (2001)"},{"key":"14_CR6","unstructured":"Hanenberg, S., Schmidmeier, A.: Idioms for Building Software Frameworks in AspectJ. In: 2nd AOSD Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS), Boston, MA, March 17 (2003)"},{"key":"14_CR7","volume-title":"Design Patterns","author":"Gamma","year":"1995","unstructured":"Gamma, Helm, Johnson, Vlissides: Design Patterns. Addison-Wesley, Reading (1995)"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Georg, G., Ray, I., France, R.: Using Aspects to Design a Secure System. In: Proc. of the 8th IEEE Int\u2019l Conf. on Engineering of Complex Computer Systems (December 2002)","DOI":"10.1109\/ICECCS.2002.1181504"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Georgiadis, C.K., Mavridis, I., Pangalos, G., Thomas, R.K.: Flexible Team-based Access Control Using Contexts. In: Sixth ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, VA, USA (May 2001)","DOI":"10.1145\/373256.373259"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Giuri, L., Iglio, P.: Role Templates for Content-Based Access Control. In: Proceedings, 2nd ACM Workshop on Role-Based Access Control, Fairfax, VA, October 28\u201329, pp. 153\u2013159 (1997)","DOI":"10.1145\/266741.266773"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Goodwin, R., Goh, S.F., Wu, F.Y.: Instance-level access control for business-to-business electronic commerce. IBM System Journal\u00a041(2) (2002)","DOI":"10.1147\/sj.412.0303"},{"key":"14_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1007\/BFb0053381","volume-title":"ECOOP \u201997 - Object-Oriented Programming","author":"G. Kiczales","year":"1997","unstructured":"Kiczales, G., Lamping, J., Menhdhekar, A., Maeda, C., Lopes, C., Loingtier, J.-M., Irwin, J.: Aspect-oriented programming. In: Aksit, M., Matsuoka, S. (eds.) ECOOP 1997. LNCS, vol.\u00a01241, pp. 220\u2013242. Springer, Heidelberg (1997)"},{"issue":"10","key":"14_CR13","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1145\/383845.383858","volume":"44","author":"G. Kiczales","year":"2001","unstructured":"Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.G.: Getting Started with AspectJ. Communications of ACM\u00a044(10), 59\u201365 (2001)","journal-title":"Communications of ACM"},{"key":"14_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1007\/3-540-44958-2_17","volume-title":"Modeling and Using Context","author":"G. Kouadri Most\u00e9faoui","year":"2003","unstructured":"Kouadri Most\u00e9faoui, G., Br\u00e9zillon, P.: A generic framework for context-based distributed authorizations. In: Blackburn, P., Ghidini, C., Turner, R.M., Giunchiglia, F. (eds.) CONTEXT 2003. LNCS, vol.\u00a02680, pp. 204\u2013217. Springer, Heidelberg (2003)"},{"key":"14_CR15","unstructured":"Open Web Application Security Project: The Top Ten Most Critical Web Application Security Vulnerabilities, http:\/\/www.owasp.org\/documentation\/topten"},{"issue":"2","key":"14_CR16","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R. Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer\u00a029(2), 38\u201347 (1996)","journal-title":"IEEE Computer"},{"key":"14_CR17","unstructured":"Sun Microsystems, Java Authentication and Authorization Service (JAAS), http:\/\/java.sun.com\/products\/jaas\/index.jsp"},{"key":"14_CR18","unstructured":"Sun Microsystems, JavaServer Pages Technology (JSP), http:\/\/java.sun.com\/products\/jsp\/"},{"key":"14_CR19","unstructured":"Sun Microsystems, Java Servlet Technology, http:\/\/java.sun.com\/products\/servlet\/"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Tzelepi1, S.K., Koukopoulos, D.K., Pangalos, G.: A flexible Content and Context-based Access Control Model for Multimedia Medical Image Database Systems. In: ACM SIGMM Electronic Proceedings (2001)","DOI":"10.1145\/1232454.1232473"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-31979-5_14.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,19]],"date-time":"2020-11-19T04:32:34Z","timestamp":1605760354000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-31979-5_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540255840","9783540319795"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-31979-5_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}