{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T11:49:28Z","timestamp":1772020168211,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":30,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540203001","type":"print"},{"value":"9783540396505","type":"electronic"}],"license":[{"start":{"date-parts":[[2003,1,1]],"date-time":"2003-01-01T00:00:00Z","timestamp":1041379200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2003]]},"DOI":"10.1007\/978-3-540-39650-5_17","type":"book-chapter","created":{"date-parts":[[2010,6,25]],"date-time":"2010-06-25T19:20:21Z","timestamp":1277493621000},"page":"291-308","source":"Crossref","is-referenced-by-count":11,"title":["An Improved Reference Flow Control Model for Policy-Based Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Jacob","family":"Zimmermann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ludovic","family":"M\u00e9","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christophe","family":"Bidan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"issue":"8","key":"17_CR1","doi-asserted-by":"publisher","first-page":"805","DOI":"10.1016\/S1389-1286(98)00017-6","volume":"31","author":"H. Debar","year":"1999","unstructured":"Debar, H., Dacier, M., Wespi, A.: Towards a taxonomy of intrusiondetection systems. Computer Networks\u00a031(8), 805\u2013822 (1999)","journal-title":"Computer Networks"},{"key":"17_CR2","unstructured":"Boeckman, C.: Getting closer to policy-based intrusion detection. Information Security Bulletin, 13\u201320 (May 2000)"},{"issue":"8","key":"17_CR3","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1145\/360303.360333","volume":"19","author":"M.A. Harrison","year":"1976","unstructured":"Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. ACM\u00a019(8), 461\u2013471 (1976)","journal-title":"ACM"},{"issue":"7","key":"17_CR4","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1145\/359636.359712","volume":"20","author":"D.E. Denning","year":"1977","unstructured":"Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Communications of the ACM\u00a020(7), 504\u2013513 (1977)","journal-title":"Communications of the ACM"},{"issue":"3","key":"17_CR5","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1145\/357369.357374","volume":"1","author":"R.A. Kemmerer","year":"1983","unstructured":"Kemmerer, R.A.: Shared resource matrix methodology: An approach to identifying storage and timing channels. j-TOCS\u00a01(3), 256\u2013277 (1983)","journal-title":"j-TOCS"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Bell, D., LaPadula, L.: Secure computer systems: Unified exposition and multics interpretation. Technical report, The Mitre Corp. (1976)","DOI":"10.21236\/ADA023588"},{"key":"17_CR7","unstructured":"Biba, K.: Integrity considerations for secure computer systems. MTR-3153, Mitre Corporation (1975)"},{"key":"17_CR8","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1109\/SECPRI.1989.36295","volume-title":"Proceedings of the IEEE Symposium on Research in Security and Privacy","author":"D.F.C. Brewer","year":"1989","unstructured":"Brewer, D.F.C., Nash, M.J.: The chinese wall security policy. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 206\u2013214. IEEE Computer Society Press, Los Alamitos (1989)"},{"key":"17_CR9","unstructured":"Walter, K.G., et al.: Primitive models for computer security. Technical Report ESD-TR4 -117, Case Western Reserve University (1974)"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Ferrari, E., Samarati, P., Bertino, E., Jajodia, S.: Providing flexibility in information flow control for object-oriented systems. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 130\u2013140 (1997)","DOI":"10.1109\/SECPRI.1997.601328"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: Symposium on Operating Systems Principles, pp. 129\u2013142 (1997)","DOI":"10.1145\/269005.266669"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Jensen, T.P., Metayer, D.L., Thorn, T.: Verification of control flow based security properties. In: IEEE Symposium on Security and Privacy, pp. 89\u2013103 (1999)","DOI":"10.1109\/SECPRI.1999.766902"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Hagimont, D., Mossiere, J., de Pina, X.R., Saunier, F.: Hidden software capabilities. In: International Conference on Distributed Computing Systems, pp. 282\u2013289 (1996)","DOI":"10.1109\/ICDCS.1996.507926"},{"key":"17_CR14","unstructured":"Karp, A.H., Gupta, R., Rozas, G., Banerji, A.: Split capabilities for access control. HP Laboratories Palo Alto, HPL-2001-164 (2001)"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Sandhu, R.S.: The typed access matrix model. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 122\u2013136 (1992)","DOI":"10.1109\/RISP.1992.213266"},{"key":"17_CR16","doi-asserted-by":"crossref","unstructured":"Tidswell, J., Outhred, G.H., Potter, J.: Dynamic rights: Safe extensible access control. In: ACM Workshop on Role-Based Access Control, pp. 113\u2013120 (1999)","DOI":"10.1145\/319171.319182"},{"issue":"3","key":"17_CR17","doi-asserted-by":"publisher","first-page":"455","DOI":"10.1145\/322017.322025","volume":"24","author":"R.J. Lipton","year":"1977","unstructured":"Lipton, R.J., Snyder, L.: A linear time algorithm for deciding subject security. JACM\u00a024(3), 455\u2013464 (1977)","journal-title":"JACM"},{"issue":"3","key":"17_CR18","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1016\/0020-0190(84)90095-4","volume":"19","author":"J. Biskup","year":"1984","unstructured":"Biskup, J.: Some variants of the take-grant protection model. Information Processing Letters\u00a019(3), 151\u2013156 (1984)","journal-title":"Information Processing Letters"},{"key":"17_CR19","first-page":"99","volume-title":"6th IEEE Computer Security Foundations Workshop","author":"M. Dacier","year":"1993","unstructured":"Dacier, M.: A petri net representation of the take-grant model. In: 6th IEEE Computer Security Foundations Workshop, Franconia, NH, June 15-17, pp. 99\u2013108. IEEE Computer Society Press, Los Alamitos (1993)"},{"key":"17_CR20","doi-asserted-by":"crossref","unstructured":"Bishop, M., Snyder, L.: The transfer of information and authority in a protection system. In: Proceedings of the Seventh Symposium in Operating Systems Principles, pp. 45\u201354 (December 1979)","DOI":"10.1145\/800215.806569"},{"key":"17_CR21","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1016\/0022-0000(81)90069-6","volume":"23","author":"L. Snyder","year":"1981","unstructured":"Snyder, L.: Theft and conspiracy in the take-grant protection model. Journal of Computer and System Sciences\u00a023, 333\u2013347 (1981)","journal-title":"Journal of Computer and System Sciences"},{"key":"17_CR22","unstructured":"Bishop, M.: Theft of Information in the Take-Grant Protection Model. Technical Report PCS-TR88-137, Dartmouth College, Computer Science, Hanover, NH (1988)"},{"issue":"4","key":"17_CR23","doi-asserted-by":"crossref","first-page":"331","DOI":"10.3233\/JCS-1996-4404","volume":"4","author":"M. Bishop","year":"1996","unstructured":"Bishop, M.: Conspiracy and information flow in the take-grant protection model. Journal of Computer Security\u00a04(4), 331\u2013359 (1996)","journal-title":"Journal of Computer Security"},{"key":"17_CR24","unstructured":"Ko, C., Redmond, T.: Noninterference and intrusion detection. In: Proccedings of the IEEE Symposium on Security and Privacy (2002)"},{"key":"17_CR25","series-title":"Lecture Notes in Computer Science","volume-title":"Computer Security - ESORICS 94","author":"M. Dacier","year":"1994","unstructured":"Dacier, M., Deswarte, Y.: Privilege graph: an extension to the typed access matrix. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol.\u00a0875. Springer, Heidelberg (1994)"},{"key":"17_CR26","unstructured":"The reiser4 filesystem - in progress draft document, http:\/\/www.namesys.com\/v4\/v4.html"},{"issue":"1","key":"17_CR27","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"F.B. Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. Information and System Security\u00a03(1), 30\u201350 (2000)","journal-title":"Information and System Security"},{"issue":"7","key":"17_CR28","doi-asserted-by":"publisher","first-page":"558","DOI":"10.1145\/359545.359563","volume":"21","author":"L. Lamport","year":"1978","unstructured":"Lamport, L.: Time, clocks, and the ordering of events in a distributed system. Communications of the ACM\u00a021(7), 558\u2013565 (1978)","journal-title":"Communications of the ACM"},{"key":"17_CR29","unstructured":"CMU CERT\/CC. Vu#40327: Openssh uselogin option allows remote execution of commands as root (November 2001), http:\/\/www.kb.cert.org\/vuls\/id\/40327"},{"key":"17_CR30","unstructured":"Zimmermann, J., M\u00e9, L., Bidan, C.: Experimenting a policy-based hids based on the reference flow model. Technical Report SSIR-2003-01, Sup\u00e9lec (March 2003), http:\/\/www.supelecrennes.fr\/rennes\/si\/equipe\/lme\/ZMB03.pdf"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2003"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-39650-5_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,22]],"date-time":"2025-02-22T07:44:05Z","timestamp":1740210245000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-39650-5_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003]]},"ISBN":["9783540203001","9783540396505"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-39650-5_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2003]]}}}