{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,1]],"date-time":"2025-03-01T05:18:14Z","timestamp":1740806294524,"version":"3.38.0"},"publisher-location":"Berlin, Heidelberg","reference-count":30,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642169540"},{"type":"electronic","value":"9783642169557"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16955-7_15","type":"book-chapter","created":{"date-parts":[[2010,11,26]],"date-time":"2010-11-26T07:40:48Z","timestamp":1290757248000},"page":"293-312","source":"Crossref","is-referenced-by-count":19,"title":["Enforcing End-to-End Application Security in the Cloud"],"prefix":"10.1007","author":[{"given":"Jean","family":"Bacon","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Evans","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David M.","family":"Eyers","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matteo","family":"Migliavacca","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peter","family":"Pietzuch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Brian","family":"Shand","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"15_CR1","doi-asserted-by":"crossref","unstructured":"Dierks, T., Allen, C.: The TLS protocol version 1.0. RFC 2246 (January 1999)","DOI":"10.17487\/rfc2246"},{"key":"15_CR2","unstructured":"Smith, A.: Open source, open standards and re-use: Government action plan (2009), http:\/\/www.cabinetoffice.gov.uk\/media\/318020\/open_source.pdf"},{"key":"15_CR3","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1145\/1266894.1266924","volume-title":"Proceedings of the Inaugural Conference on Distributed Event-Based Systems (DEBS 2007)","author":"P. Pietzuch","year":"2007","unstructured":"Pietzuch, P., Eyers, D., Kounev, S., Shand, B.: Towards a Common API for Publish\/Subscribe. In: Proceedings of the Inaugural Conference on Distributed Event-Based Systems (DEBS 2007), pp. 152\u2013157. ACM Press, New York (June 2007) (short paper)"},{"key":"15_CR4","unstructured":"Bell, D.E., La Padula, L.J.: Secure computer systems: Mathematical foundations and model. Technical Report M74-244, The MITRE Corp., Bedford MA (May 1973)"},{"issue":"4","key":"15_CR5","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1145\/363516.363526","volume":"9","author":"A. Myers","year":"2000","unstructured":"Myers, A., Liskov, B.: Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology\u00a09(4), 410\u2013442 (2000)","journal-title":"ACM Transactions on Software Engineering and Methodology"},{"key":"15_CR6","unstructured":"Department of Defense: Trusted computer system evaluation criteria, orange book (1983)"},{"key":"15_CR7","first-page":"321","volume-title":"SOSP 2007","author":"M. Krohn","year":"2007","unstructured":"Krohn, M., Yip, A., Brodsky, M., et al.: Information flow control for standard OS abstractions. In: SOSP 2007, pp. 321\u2013334. ACM, New York (2007)"},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Migliavacca, M., Papagiannis, I., Eyers, D., Shand, B., Bacon, J., Pietzuch, P.: High-performance event processing with information security. In: USENIX Annual Technical Conference, Boston, MA, USA, pp. 1\u201315 (2010)","DOI":"10.1145\/1930028.1930032"},{"key":"15_CR9","unstructured":"NHS Connecting For Health: RBAC Statement of Principles, NPfIT Access Control (Registration) Programme (July 2006)"},{"key":"15_CR10","unstructured":"American National Standard for Information Technology: Role-based access control. ANSI INCITS 359-2004 (2004)"},{"issue":"4","key":"15_CR11","doi-asserted-by":"publisher","first-page":"492","DOI":"10.1145\/581271.581276","volume":"5","author":"J. Bacon","year":"2002","unstructured":"Bacon, J., Moody, K., Yao, W.: A model of OASIS role-based access control and its support for active security. ACM Transactions on Information and System Security (TISSEC)\u00a05(4), 492\u2013540 (2002)","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"15_CR12","unstructured":"OASIS eXtensible Access Control Markup Language (XACML) Technical Committee: eXtensible Access Control Markup Language (XACML) v2.0 (2005), http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=xacml"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Singh, J., Vargas, L., Bacon, J.: A model for controlling data flow in distributed healthcare environments. In: Proceedings of Pervasive Health 2008: 2nd International Conference on Pervasive Computing Technologies for Healthcare, Tampere, Finland, vol.\u00a030, pp. 188\u2013191 (2008)","DOI":"10.1109\/PCTHEALTH.2008.4571066"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Neuman, C., Yu, T., Hartman, S., Raeburn, K.: RFC 4120: The Kerberos network authentication service (V5). Technical report, USC-ISI and MIT (2005)","DOI":"10.17487\/rfc4120"},{"issue":"11","key":"15_CR15","doi-asserted-by":"publisher","first-page":"1341","DOI":"10.1002\/cpe.1313","volume":"20","author":"D. Chadwick","year":"2008","unstructured":"Chadwick, D., Zhao, G., Otenko, S., Laborde, R., Su, L., Nguyen, T.A.: PERMIS: a modular authorization infrastructure. Concurrency and Computation: Practice and Experience\u00a020(11), 1341\u20131357 (2008)","journal-title":"Concurrency and Computation: Practice and Experience"},{"key":"15_CR16","unstructured":"OASIS Security Services TC: Security assertion markup language (SAML) V2.0 technical overview. Committee Draft 02 (March 2008)"},{"key":"15_CR17","unstructured":"OpenID Foundation: OpenID authentication 2.0 (December 2007)"},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Hammer-Lahav, E.: RFC 5849: The OAuth 1.0 protocol. Technical report, Internet Engineering Task Force (April 2010)","DOI":"10.17487\/rfc5849"},{"key":"15_CR19","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1145\/1463342.1463349","volume-title":"MidSec 2008: Proceedings of the 2008 Workshop on Middleware Security","author":"J. Singh","year":"2008","unstructured":"Singh, J., Eyers, D.M., Bacon, J.: Controlling historical information dissemination in publish\/subscribe. In: MidSec 2008: Proceedings of the 2008 Workshop on Middleware Security, pp. 34\u201339. ACM, New York (2008)"},{"key":"15_CR20","unstructured":"Amazon: Amazon Simple Storage Service developer guide (API version 2006-03-01), http:\/\/docs.amazonwebservices.com\/AmazonS3\/latest\/dev\/ (retrieved August 25, 2010)"},{"key":"15_CR21","unstructured":"Google: App Engine Java overview, http:\/\/code.google.com\/appengine\/docs\/java\/overview.html (retrieved August 25, 2010)"},{"key":"15_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1007\/978-3-642-16955-7_17","volume-title":"Middleware 2010","author":"M. Migliavacca","year":"2010","unstructured":"Migliavacca, M., Papagiannis, I., Eyers, D.M., Shand, B., Bacon, J., Pietzuch, P.: Distributed middleware enforcement of event flow security policy. In: Gupta, J., Mascolo, C. (eds.) Middleware 2010. LNCS, vol.\u00a06452, pp. 334\u2013354. Springer, Heidelberg (2010)"},{"issue":"5","key":"15_CR23","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1524\/itit.2009.0552","volume":"51","author":"J. Bacon","year":"2009","unstructured":"Bacon, J., Eyers, D.M., Singh, J., Shand, B., Migliavacca, M., Pietzuch, P.: Security in multi-domain event-based systems. it - Information Technology\u00a051(5), 277\u2013284 (2009), doi:10.1524\/itit.2009.0552","journal-title":"it - Information Technology"},{"key":"15_CR24","unstructured":"Duhigg, C.: Stock traders find speed pays, in milliseconds. The New York Times (2009)"},{"key":"15_CR25","unstructured":"London Stock Exchange: Exchange hosting, http:\/\/www.londonstockexchange.com\/traders-and-brokers\/products-services\/connectivity\/hosting\/hosting.htm (retrieved May 23, 2010)"},{"key":"15_CR26","unstructured":"Papagiannis, I., Migliavacca, M., Eyers, D.M., Shand, B., Bacon, J., Pietzuch, P.: Enforcing user privacy in web applications using Erlang. In: Web 2.0 Security and Privacy (W2SP), Oakland, CA, USA (May 2010)"},{"key":"15_CR27","doi-asserted-by":"crossref","unstructured":"Evans, D., Eyers, D.M.: Efficient policy checking across administrative domains. In: Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks, Fairfax, VA, USA (July 2010)","DOI":"10.1109\/POLICY.2010.36"},{"key":"15_CR28","doi-asserted-by":"crossref","unstructured":"Evans, D., Eyers, D.M., Bacon, J.: Linking policies to the spatial environment. In: Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks, Fairfax, VA, USA (July 2010)","DOI":"10.1109\/POLICY.2010.31"},{"key":"15_CR29","volume-title":"Deontic Logic in Computer Science","author":"J.J. Meyer","year":"1993","unstructured":"Meyer, J.J., Wieringa, R.J.: Deontic Logic in Computer Science. John Wiley & Sons Ltd., Chichester (1993)"},{"key":"15_CR30","first-page":"19","volume-title":"MPAC 2008: Proceedings of the 6th international workshop on middleware for pervasive and ad-hoc computing","author":"D. Evans","year":"2008","unstructured":"Evans, D., Eyers, D.M.: Deontic logic for modelling data flow and use compliance. In: MPAC 2008: Proceedings of the 6th international workshop on middleware for pervasive and ad-hoc computing, pp. 19\u201324. ACM, New York (2008)"}],"container-title":["Lecture Notes in Computer Science","Middleware 2010"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16955-7_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,28]],"date-time":"2025-02-28T06:41:51Z","timestamp":1740724911000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16955-7_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642169540","9783642169557"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16955-7_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}