{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:39:42Z","timestamp":1742913582462,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":26,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642390876"},{"type":"electronic","value":"9783642390883"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-39088-3_12","type":"book-chapter","created":{"date-parts":[[2013,6,4]],"date-time":"2013-06-04T01:26:20Z","timestamp":1370309180000},"page":"176-193","source":"Crossref","is-referenced-by-count":4,"title":["Automated Reviewing of Healthcare Security Policies"],"prefix":"10.1007","author":[{"given":"Nafees","family":"Qamar","sequence":"first","affiliation":[]},{"given":"Johannes","family":"Faber","sequence":"additional","affiliation":[]},{"given":"Yves","family":"Ledru","sequence":"additional","affiliation":[]},{"given":"Zhiming","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"12_CR1","doi-asserted-by":"crossref","unstructured":"Ahn, G.-J., Hu, H.: Towards realizing a formal RBAC model in real systems. In: Lotz, V., Thuraisingham, B.M. (eds.) Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, SACMAT 2007, Sophia Antipolis, France, June 20-22, pp. 215\u2013224. ACM (2007)","DOI":"10.1145\/1266840.1266875"},{"issue":"4","key":"12_CR2","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1504\/IJIEM.2010.035624","volume":"6","author":"A. Appari","year":"2010","unstructured":"Appari, A., Johnson, M.E.: Information security and privacy in healthcare: current state of research. Int. J. of Internet and Enterprise Management\u00a06(4), 279\u2013314 (2010)","journal-title":"Int. J. of Internet and Enterprise Management"},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Abdallah, A.E., Khayat, E.J.: Formal Z specifications of several flat role-based access control models. In: 30th Annual IEEE\/NASA Software Engineering Workshop (SEW), pp. 282\u2013292. IEEE CS (2006)","DOI":"10.1109\/SEW.2006.20"},{"issue":"5","key":"12_CR4","doi-asserted-by":"publisher","first-page":"815","DOI":"10.1016\/j.infsof.2008.05.011","volume":"51","author":"D.A. Basin","year":"2009","unstructured":"Basin, D.A., Clavel, M., Doser, J., Egea, M.: Automated analysis of security-design models. Information & Software Technology\u00a051(5), 815\u2013831 (2009)","journal-title":"Information & Software Technology"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Bell, D., LaPadula, L.: Secure computer system: Unified exposition and multics interpretation. Technical report, MITRE Corp, Bedford (1975)","DOI":"10.21236\/ADA023588"},{"issue":"2","key":"12_CR6","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1109\/32.345822","volume":"21","author":"A. Boswell","year":"1995","unstructured":"Boswell, A.: Specification and validation of a security policy model. IEEE Trans. Software Eng.\u00a021(2), 63\u201368 (1995)","journal-title":"IEEE Trans. Software Eng."},{"key":"12_CR7","unstructured":"Bowen, J.: Formal Specification and Documentation using Z: A Case Study Approach. Thomson Publishing (2003)"},{"key":"12_CR8","unstructured":"DOD 5200.28-STD. Trusted computer system evaluation criteria. Technical report, United States Department of Defense (1985)"},{"key":"12_CR9","unstructured":"Davies, J., Woodcock, J.: Using Z: Specification, Refinement, and Proof. Prentice Hall (1996) ISBN 0-13-948472-8"},{"issue":"3","key":"12_CR10","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1145\/501978.501980","volume":"4","author":"D.F. Ferraiolo","year":"2001","unstructured":"Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur.\u00a04(3), 224\u2013274 (2001)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Hall, A.: Specifying and interpreting class hierarchies in Z. In: Bowen, J.P., Hall, J.A. (eds.) Z User Workshop, pp. 120\u2013138. Springer (1994)","DOI":"10.1007\/978-1-4471-3452-7_8"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"Hasan, R., Yurcik, W.: A statistical analysis of disclosed storage security breaches. In: Proceedings of the 2006 ACM Workshop on Storage Security and Survivability, StorageSS 2006, Alexandria, VA, USA, October 30, pp. 1\u20138. ACM (2006)","DOI":"10.1145\/1179559.1179561"},{"key":"12_CR13","unstructured":"Rubenstein, S.: Are your medical records at risk? Wall Street Journal (2009)"},{"key":"12_CR14","unstructured":"J\u00fcrjens, J.: Secure systems development with UML. Springer (2005)"},{"key":"12_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"\u00abUML\u00bb 2002 - The Unified Modeling Language. Model Engineering, Concepts, and Tools","author":"T. Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-based modeling language for model-driven security. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol.\u00a02460, pp. 426\u2013441. Springer, Heidelberg (2002)"},{"key":"12_CR16","series-title":"LNBIP","doi-asserted-by":"publisher","first-page":"592","DOI":"10.1007\/978-3-642-22056-2_62","volume-title":"Advanced Information Systems Engineering Workshops","author":"Y. Ledru","year":"2011","unstructured":"Ledru, Y., Idani, A., Milhau, J., Qamar, N., Laleau, R., Richier, J.-L., Labiadh, M.-A.: Taking into account functional models in the validation of IS security policies. In: Salinesi, C., Pastor, O. (eds.) CAiSE Workshops 2011. LNBIP, vol.\u00a083, pp. 592\u2013606. Springer, Heidelberg (2011)"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Ledru, Y., Qamar, N., Idani, A., Richier, J.-L., Labiadh, M.-A.: Validation of security policies by the animation of Z specifications. In: Breu, R., Crampton, J., Lobo, J. (eds.) Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT 2011, Innsbruck, Austria, June 15-17, pp. 155\u2013164. ACM (2011)","DOI":"10.1145\/1998441.1998471"},{"key":"12_CR18","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/s11334-011-0166-z","volume":"7","author":"J. Milhau","year":"2011","unstructured":"Milhau, J., Idani, A., Laleau, R., Labiadh, M.-A., Ledru, Y., Frappier, M.: Combining UML, ASTD and B for the formal specification of an access control filter. Innov. Syst. Softw. Eng.\u00a07, 303\u2013313 (2011)","journal-title":"Innov. Syst. Softw. Eng."},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Morimoto, S., Shigematsu, S., Goto, Y., Cheng, J.: Formal verification of security specifications with common criteria. In: Proceedings of the 2007 ACM Symposium on Applied Computing (SAC), Seoul, Korea, March 11-15, pp. 1506\u20131512. ACM (2007)","DOI":"10.1145\/1244002.1244325"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/978-3-642-24559-6_19","volume-title":"Formal Methods and Software Engineering","author":"N. Qamar","year":"2011","unstructured":"Qamar, N., Ledru, Y., Idani, A.: Validation of security-design models using Z. In: Qin, S., Qiu, Z. (eds.) ICFEM 2011. LNCS, vol.\u00a06991, pp. 259\u2013274. Springer, Heidelberg (2011)"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Schaad, A., Moffett, J.D.: A lightweight approach to specification and analysis of role-based access control extensions. In: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, pp. 13\u201322. ACM (2002)","DOI":"10.1145\/507711.507714"},{"key":"12_CR22","unstructured":"Spivey, J.M.: The Z Notation: A Reference Manual, 2nd edn. Prentice Hall International Series in Computer Science (1992)"},{"issue":"3","key":"12_CR23","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1016\/j.artmed.2005.10.006","volume":"36","author":"A. Teije","year":"2006","unstructured":"Teije, A., Marcos, M., Balser, M., et al.: Improving medical protocols by formal methods. Artif. Intell. Med.\u00a036(3), 193\u2013209 (2006)","journal-title":"Artif. Intell. Med."},{"key":"12_CR24","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1145\/1542207.1542212","volume-title":"Proceedings of the 14th ACM Symposium on Access Control Models and Technologies","author":"M. Toahchoodee","year":"2009","unstructured":"Toahchoodee, M., Ray, I., Anastasakis, K., Georg, G., Bordbar, B.: Ensuring spatio-temporal access control for real-world applications. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, pp. 13\u201322. ACM, New York (2009)"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1007\/11937807_16","volume-title":"Information Security and Cryptology","author":"C. Yuan","year":"2006","unstructured":"Yuan, C., He, Y., He, J., Zhou, Z.: A verifiable formal specification for RBAC model with constraints of separation of duty. In: Lipmaa, H., Yung, M., Lin, D. (eds.) Inscrypt 2006. LNCS, vol.\u00a04318, pp. 196\u2013210. Springer, Heidelberg (2006)"},{"key":"12_CR26","unstructured":"Zao, J., Wee, H., Chu, J., Jackson, D.: RBAC schema verification using lightweight formal model and constraint analysis. Technical report, MIT, Cambridge (2002)"}],"container-title":["Lecture Notes in Computer Science","Foundations of Health Information Engineering and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-39088-3_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,28]],"date-time":"2023-01-28T02:00:29Z","timestamp":1674871229000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-39088-3_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642390876","9783642390883"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-39088-3_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}