{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T17:46:40Z","timestamp":1742924800378,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":51,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642402029"},{"type":"electronic","value":"9783642402036"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-40203-6_34","type":"book-chapter","created":{"date-parts":[[2013,8,14]],"date-time":"2013-08-14T06:48:53Z","timestamp":1376462933000},"page":"610-627","source":"Crossref","is-referenced-by-count":6,"title":["Purpose Restrictions on Information Use"],"prefix":"10.1007","author":[{"given":"Michael Carl","family":"Tschantz","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anupam","family":"Datta","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jeannette M.","family":"Wing","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"34_CR1","unstructured":"Bank of America Corp.: Bank of America privacy policy for consumers (2005)"},{"key":"34_CR2","unstructured":"Office for Civil Rights: Summary of the HIPAA privacy rule. OCR Privacy Brief, U.S. Department of Health and Human Services (2003)"},{"key":"34_CR3","unstructured":"Yahoo!: Privacy policy: Yahoo Mail (2013)"},{"key":"34_CR4","unstructured":"FairWarning: Privacy breach detection for healthcare. White Paper (2010)"},{"key":"34_CR5","unstructured":"Taylor, R.: Action and Purpose. Prentice-Hall (1966)"},{"key":"34_CR6","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Datta, A., Wing, J.M.: Formalizing and enforcing purpose restrictions in privacy policies. In: 2012 IEEE Symp. on Security and Privacy, pp. 176\u2013190 (2012)","DOI":"10.1109\/SP.2012.21"},{"key":"34_CR7","doi-asserted-by":"crossref","unstructured":"Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symp. on Security and Privacy, pp. 11\u201320 (1982)","DOI":"10.1109\/SP.1982.10014"},{"key":"34_CR8","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Datta, A., Wing, J.M.: Purpose restrictions on information use. Technical Report CMU-CyLab-13-005 and CMU-CS-13-116, Carnegie Mellon University (June 2013)","DOI":"10.21236\/ADA587115"},{"issue":"1","key":"34_CR9","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/JSAC.2002.806121","volume":"21","author":"A. Sabelfeld","year":"2003","unstructured":"Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications\u00a021(1), 5\u201319 (2003)","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"34_CR10","unstructured":"Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., Vachharajani, M., August, D.I.: RIFLE: An architectural framework for user-centric information-flow security. In: 37th Annual IEEE\/ACM Intl. Symp. on Microarchitecture, pp. 243\u2013254 (2004)"},{"key":"34_CR11","unstructured":"Newsome, J., Song, D.X.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Network and Distributed System Security Symp. The Internet Society (2005)"},{"key":"34_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"332","DOI":"10.1007\/11935308_24","volume-title":"Information and Communications Security","author":"V.N. Venkatakrishnan","year":"2006","unstructured":"Venkatakrishnan, V.N., Xu, W., DuVarney, D.C., Sekar, R.: Provably correct runtime enforcement of non-interference properties. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol.\u00a04307, pp. 332\u2013351. Springer, Heidelberg (2006)"},{"key":"34_CR13","doi-asserted-by":"crossref","unstructured":"McCamant, S., Ernst, M.D.: A simulation-based proof technique for dynamic information flow. In: 2007 Wksp. on Programming Languages and Analysis for Security, pp. 41\u201346. ACM (2007)","DOI":"10.1145\/1255329.1255336"},{"key":"34_CR14","unstructured":"Yumerefendi, A.R., Mickle, B., Cox, L.P.: Tightlip: keeping applications from spilling the beans. In: 4th USENIX Conf. on Networked Systems Design and Implementation, p. 12 (2007)"},{"key":"34_CR15","doi-asserted-by":"crossref","unstructured":"Capizzi, R., Longo, A., Venkatakrishnan, V.N., Sistla, A.P.: Preventing information leaks through shadow executions. In: 2008 Annual Computer Security Applications Conf., pp. 322\u2013331. IEEE Computer Society (2008)","DOI":"10.1109\/ACSAC.2008.50"},{"key":"34_CR16","doi-asserted-by":"crossref","unstructured":"Devriese, D., Piessens, F.: Noninterference through secure multi-execution. In: 2010 IEEE Symp. on Security and Privacy, pp. 109\u2013124 (2010)","DOI":"10.1109\/SP.2010.15"},{"key":"34_CR17","doi-asserted-by":"crossref","unstructured":"Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: VLDB 2002: 28th Intl. Conf. on Very Large Data Bases, pp. 143\u2013154. VLDB Endowment (2002)","DOI":"10.1016\/B978-155860869-6\/50021-4"},{"key":"34_CR18","doi-asserted-by":"crossref","unstructured":"Byun, J.W., Bertino, E., Li, N.: Purpose based access control of complex data for privacy protection. In: SACMAT 2005: Tenth ACM Symp. on Access Control Models and Technologies, pp. 102\u2013110 (2005)","DOI":"10.1145\/1063979.1063998"},{"key":"34_CR19","unstructured":"Al-Fedaghi, S.S.: Beyond purpose-based privacy access control. In: Eighteenth Australasian Database Conf., pp. 23\u201332. Australian Computer Society, Inc. (2007)"},{"issue":"4","key":"34_CR20","doi-asserted-by":"publisher","first-page":"603","DOI":"10.1007\/s00778-006-0023-0","volume":"17","author":"J.W. Byun","year":"2008","unstructured":"Byun, J.W., Li, N.: Purpose based access control for privacy protection in relational database systems. The VLDB Journal\u00a017(4), 603\u2013619 (2008)","journal-title":"The VLDB Journal"},{"key":"34_CR21","doi-asserted-by":"crossref","unstructured":"Peng, H., Gu, J., Ye, X.: Dynamic purpose-based access control. In: Intl. Symp. on Parallel and Distributed Processing with Applications, pp. 695\u2013700. IEEE Computer Society (2008)","DOI":"10.1109\/ISPA.2008.80"},{"key":"34_CR22","doi-asserted-by":"crossref","unstructured":"Jafari, M., Safavi-Naini, R., Sheppard, N.P.: Enforcing purpose of use via workflows. In: WPES 2009: 8th ACM Wksp. on Privacy in the Electronic Society, pp. 113\u2013116 (2009)","DOI":"10.1145\/1655188.1655206"},{"key":"34_CR23","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1805974.1805980","volume":"13","author":"Q. Ni","year":"2010","unstructured":"Ni, Q., Bertino, E., Lobo, J., Brodie, C., Karat, C.M., Karat, J., Trombetta, A.: Privacy-aware role-based access control. ACM Trans. Inf. Syst. Secur. 13, 24:1\u201324:31 (2010)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"34_CR24","doi-asserted-by":"publisher","first-page":"1482","DOI":"10.1016\/j.eswa.2010.07.057","volume":"38","author":"M. Enamul Kabir","year":"2011","unstructured":"Enamul Kabir, M., Wang, H., Bertino, E.: A conditional purpose-based access control model with dynamic roles. Expert Syst. Appl.\u00a038, 1482\u20131489 (2011)","journal-title":"Expert Syst. Appl."},{"key":"34_CR25","doi-asserted-by":"crossref","unstructured":"Jafari, M., Fong, P.W., Safavi-Naini, R., Barker, K., Sheppard, N.P.: Towards defining semantic foundations for purpose-based privacy policies. In: First ACM Conf. on Data and Application Security and Privacy, pp. 213\u2013224 (2011)","DOI":"10.1145\/1943513.1943541"},{"key":"34_CR26","doi-asserted-by":"crossref","unstructured":"Martinelli, F., Morisset, C.: Quantitative access control with partially-observable markov decision processes. In: Second ACM Conf. on Data and Application Security and Privacy, pp. 169\u2013180 (2012)","DOI":"10.1145\/2133601.2133623"},{"key":"34_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1007\/11423409_19","volume-title":"Privacy Enhancing Technologies","author":"K. Hayati","year":"2005","unstructured":"Hayati, K., Abadi, M.: Language-based enforcement of privacy policies. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol.\u00a03424, pp. 302\u2013313. Springer, Heidelberg (2005)"},{"issue":"4","key":"34_CR28","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1007\/s00778-006-0009-y","volume":"15","author":"F. Massacci","year":"2006","unstructured":"Massacci, F., Mylopoulos, J., Zannone, N.: Hierarchical Hippocratic databases with minimal disclosure for virtual organizations. The VLDB Journal\u00a015(4), 370\u2013387 (2006)","journal-title":"The VLDB Journal"},{"key":"34_CR29","doi-asserted-by":"crossref","unstructured":"Barth, A., Mitchell, J., Datta, A., Sundaram, S.: Privacy and utility in business processes. In: CSF 2007: 20th IEEE Computer Security Foundations Symp., pp. 279\u2013294 (2007)","DOI":"10.1109\/CSF.2007.26"},{"issue":"1-2","key":"34_CR30","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1016\/0004-3702(78)90012-7","volume":"11","author":"C. Schmidt","year":"1978","unstructured":"Schmidt, C., Sridharan, N., Goodson, J.: The plan recognition problem: An intersection of psychology and artificial intelligence. Artificial Intelligence\u00a011(1-2), 45\u201383 (1978)","journal-title":"Artificial Intelligence"},{"key":"34_CR31","unstructured":"Baker, C.L., Tenenbaum, J.B., Saxe, R.R.: Bayesian models of human action understanding. In: Advances in Neural Information Processing Systems 18, pp. 99\u2013106. MIT Press (2006)"},{"issue":"3","key":"34_CR32","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1016\/j.cognition.2009.07.005","volume":"113","author":"C.L. Baker","year":"2009","unstructured":"Baker, C.L., Saxe, R., Tenenbaum, J.B.: Action understanding as inverse planning. Cognition\u00a0113(3), 329\u2013349 (2009)","journal-title":"Cognition"},{"key":"34_CR33","unstructured":"Ram\u00edrez, M., Geffner, H.: Plan recognition as planning. In: 21st International Joint Conf. on Artificial Intelligence, pp. 1778\u20131783 (2009)"},{"key":"34_CR34","unstructured":"Ram\u00edrez, M., Geffner, H.: Goal recognition over POMDPs: Inferring the intention of a POMDP agent. In: 22nd International Joint Conf. on Artificial Intelligence, pp. 2009\u20132014. IJCAI\/AAAI (2011)"},{"key":"34_CR35","doi-asserted-by":"publisher","first-page":"716","DOI":"10.1073\/pnas.38.8.716","volume":"38","author":"R. Bellman","year":"1952","unstructured":"Bellman, R.: On the theory of dynamic programming. National Academy of Sciences\u00a038, 716\u2013719 (1952)","journal-title":"National Academy of Sciences"},{"key":"34_CR36","unstructured":"Sondik, E.J.: The optimal control of partially observable Markov processes. PhD thesis, Stanford University (1971)"},{"issue":"1","key":"34_CR37","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1287\/mnsc.28.1.1","volume":"28","author":"G.E. Monahan","year":"1982","unstructured":"Monahan, G.E.: A survey of partially observable Markov decision processes: Theory, models, and algorithms. Management Science\u00a028(1), 1\u201316 (1982)","journal-title":"Management Science"},{"key":"34_CR38","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1287\/moor.12.3.441","volume":"12","author":"C. Papadimitriou","year":"1987","unstructured":"Papadimitriou, C., Tsitsiklis, J.N.: The complexity of Markov decision processes. Math. Oper. Res.\u00a012, 441\u2013450 (1987)","journal-title":"Math. Oper. Res."},{"key":"34_CR39","unstructured":"Zhou, R., Hansen, E.A.: An improved grid-based approximation algorithm for POMDPs. In: 17th International Joint Conf. on Artificial Intelligence, vol.\u00a01, pp. 707\u2013714. Morgan Kaufmann (2001)"},{"key":"34_CR40","unstructured":"Smith, T., Simmons, R.: Point-based POMDP algorithms: Improved analysis and implementation. In: Conf. on Uncertainty in Artificial Intelligence (July 2005)"},{"key":"34_CR41","doi-asserted-by":"crossref","unstructured":"Kurniawati, H., Hsu, D., Lee, W.S.: SARSOP: Efficient point-based POMDP planning by approximating optimally reachable belief spaces. In: Proc. Robotics: Science and Systems (2008)","DOI":"10.15607\/RSS.2008.IV.009"},{"key":"34_CR42","doi-asserted-by":"crossref","unstructured":"Poupart, P., Kim, K.E., Kim, D.: Closing the gap: Improved bounds on optimal POMDP solutions. In: Intl. Conf. on Automated Planning and Scheduling. AAAI (2011)","DOI":"10.1609\/icaps.v21i1.13467"},{"key":"34_CR43","unstructured":"Madani, O.: Complexity Results for Infinite-Horizon Markov Decision Processes. PhD thesis, University of Washington (2000)"},{"key":"34_CR44","unstructured":"Rummery, G.A., Niranjan, M.: On-line Q-learning using connectionist systems. Technical Report CUEF\/F-INFENG\/TR 166, Cambridge University Engineering Department (1994)"},{"key":"34_CR45","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1016\/S0004-3702(98)00023-X","volume":"101","author":"L.P. Kaelbling","year":"1998","unstructured":"Kaelbling, L.P., Littman, M.L., Cassandra, A.R.: Planning and acting in partially observable stochastic domains. Artif. Intell.\u00a0101, 99\u2013134 (1998)","journal-title":"Artif. Intell."},{"key":"34_CR46","unstructured":"McCullough, D.: Noninterference and the composability of security properties. In: IEEE Symp. on Security and Privacy, pp. 177\u2013186 (1988)"},{"key":"34_CR47","doi-asserted-by":"crossref","unstructured":"Wittbold, J.T., Johnson, D.M.: Information flow in nondeterministic systems. In: IEEE Symp. on Security and Privacy, pp. 144\u2013161 (1990)","DOI":"10.1109\/RISP.1990.63846"},{"key":"34_CR48","unstructured":"McLean, J.: A general theory of composition for trace sets closed under selective interleaving functions. In: 1994 IEEE Symp. on Security and Privacy, p. 79 (1994)"},{"key":"34_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1007\/978-3-642-01465-9_4","volume-title":"Formal Aspects in Security and Trust","author":"D. Clark","year":"2009","unstructured":"Clark, D., Hunt, S.: Non-interference for deterministic interactive programs. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol.\u00a05491, pp. 50\u201366. Springer, Heidelberg (2009)"},{"key":"34_CR50","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Wing, J.M.: Extracting conditional confidentiality policies. In: Sixth IEEE Intl. Conferences on Software Engineering and Formal Methods (2008)","DOI":"10.1109\/SEFM.2008.46"},{"key":"34_CR51","doi-asserted-by":"crossref","unstructured":"Mayer, J.R., Mitchell, J.C.: Third-party web tracking: Policy and technology. In: IEEE Symp. on Security and Privacy, pp. 413\u2013427 (2012)","DOI":"10.1109\/SP.2012.47"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2013"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-40203-6_34","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,3]],"date-time":"2023-07-03T21:13:51Z","timestamp":1688418831000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-40203-6_34"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642402029","9783642402036"],"references-count":51,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-40203-6_34","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}