{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T19:05:41Z","timestamp":1725563141339},"publisher-location":"Berlin, Heidelberg","reference-count":21,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642151132"},{"type":"electronic","value":"9783642151149"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-15114-9_13","type":"book-chapter","created":{"date-parts":[[2010,8,27]],"date-time":"2010-08-27T04:47:53Z","timestamp":1282884473000},"page":"150-165","source":"Crossref","is-referenced-by-count":5,"title":["Automated Detection of Least Privilege Violations in Software Architectures"],"prefix":"10.1007","author":[{"given":"Riccardo","family":"Scandariato","sequence":"first","affiliation":[]},{"given":"Koen","family":"Buyens","sequence":"additional","affiliation":[]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"13_CR1","doi-asserted-by":"crossref","unstructured":"Barkley, J.: Comparing simple role based access control models and access control lists. In: ACM Workshop on Role Based Access Control, RBAC (1997)","DOI":"10.1145\/266741.266769"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J.: Some thoughts on security after ten years of qmail 1.0. In: ACM Workshop on Computer Security Architecture (2007)","DOI":"10.1145\/1314466.1314467"},{"key":"13_CR3","unstructured":"Brumley, D., Song, D.: Privtrans: Automatically partitioning programs for privilege separation. In: USENIX (2004)"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Buyens, K., De Win, B., Joosen, W.: Resolving least privilege violations in software architectures. In: Workshop on Software Engineering for Secure Systems, SESS (2009)","DOI":"10.1109\/IWSESS.2009.5068453"},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Buyens, K., Scandariato, R., Joosen, W.: Process activities supporting security principles. In: International Workshop on Security in Software Engineering, IWSSE (2007)","DOI":"10.1109\/COMPSAC.2007.170"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Dashofy, E., Asuncion, H., Hendrickson, S., Suryanarayana, G., Georgas, J., Taylor, R.: Archstudio 4: An architecture-based meta-modeling environment. In: ICSE Companion (2007)","DOI":"10.1109\/ICSECOMPANION.2007.21"},{"key":"13_CR7","unstructured":"Debie, E., De Ryck, P.: Non-repudiation middleware for web-based architectures. Master\u2019s thesis, Katholieke Universiteit Leuven (2009)"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"H\u00f6hn, S., J\u00fcrjens, J.: Rubacon: automated support for model-based compliance engineering. In: ICSE (2008)","DOI":"10.1145\/1368088.1368228"},{"key":"13_CR9","unstructured":"Howard, M., Lipner, S.: The Security Development Lifecycle. Microsoft Press (2006)"},{"key":"13_CR10","volume-title":"Secure Systems Development With UML","author":"J. J\u00fcrjens","year":"2005","unstructured":"J\u00fcrjens, J.: Secure Systems Development With UML. Springer, Heidelberg (2005)"},{"key":"13_CR11","unstructured":"Van Landuyt, D., Gr\u00e9goire, J., Michiels, S., Truyen, E., Joosen, W.: Architectural design of a digital publishing system. Technical Report CW465, Katholieke Universiteit Leuven (2006)"},{"key":"13_CR12","unstructured":"MSDN Library. Access control lists, http:\/\/msdn.microsoft.com"},{"key":"13_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1007\/978-3-540-79488-2_14","volume-title":"Agent-Oriented Software Engineering VIII","author":"M. Morandini","year":"2008","unstructured":"Morandini, M., Nguyen, D.C., Perini, A., Siena, A., Susi, A.: Tool-supported development with tropos: The conference management system case study. In: Luck, M., Padgham, L. (eds.) Agent-Oriented Software Engineering VIII. LNCS, vol.\u00a04951, pp. 182\u2013196. Springer, Heidelberg (2008)"},{"key":"13_CR14","unstructured":"Provos, N.: Improving host security with system call policies. In: USENIX Security Symposium (2003)"},{"key":"13_CR15","unstructured":"Ren, J.: A connector-centric approach to architectural access control. PhD thesis, University of California Irvine (2006)"},{"issue":"9","key":"13_CR16","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"J.H. Saltzer","year":"1975","unstructured":"Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proceedings of the IEEE\u00a063(9), 1278\u20131308 (1975)","journal-title":"Proceedings of the IEEE"},{"issue":"2","key":"13_CR17","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R.S. Sandhu","year":"1996","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: The protection of information in computer systems. IEEE Computer\u00a029(2), 38\u201347 (1996)","journal-title":"IEEE Computer"},{"issue":"1","key":"13_CR18","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"F.B. Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security\u00a03(1), 30\u201350 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"13_CR19","volume-title":"Building Secure Software","author":"J. Viega","year":"2002","unstructured":"Viega, J., McGraw, G.: Building Secure Software. Addison-Wesley, Reading (2002)"},{"key":"13_CR20","unstructured":"White, S.A.: Business process modeling notation. BPMI.org (2004)"},{"issue":"6","key":"13_CR21","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MSECP.2003.1253571","volume":"1","author":"J. Wing","year":"2003","unstructured":"Wing, J.: A call to action: Look beyond the horizon. IEEE Security & Privacy\u00a01(6), 62\u201367 (2003)","journal-title":"IEEE Security & Privacy"}],"container-title":["Lecture Notes in Computer Science","Software Architecture"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-15114-9_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,2]],"date-time":"2019-06-02T05:52:23Z","timestamp":1559454743000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-15114-9_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642151132","9783642151149"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-15114-9_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}