{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T20:48:56Z","timestamp":1743108536656,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642545672"},{"type":"electronic","value":"9783642545689"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-642-54568-9_15","type":"book-chapter","created":{"date-parts":[[2014,3,20]],"date-time":"2014-03-20T14:31:35Z","timestamp":1395325895000},"page":"235-249","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Reference Monitors for Security and Interoperability in OAuth 2.0"],"prefix":"10.1007","author":[{"given":"Ronan-Alexandre","family":"Cherrueau","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R\u00e9mi","family":"Douence","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jean-Claude","family":"Royer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mario","family":"S\u00fcdholt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anderson Santana","family":"de Oliveira","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yves","family":"Roudier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matteo","family":"Dell\u2019Amico","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2014,3,21]]},"reference":[{"issue":"1","key":"15_CR1","first-page":"45","volume":"197","author":"I Aktug","year":"2008","unstructured":"Aktug, I., Naliuka, K.: Conspec - a formal language for policy specification. ENTCS 197(1), 45\u201358 (2008). (Proceedings of REM 2007)","journal-title":"ENTCS"},{"key":"15_CR2","unstructured":"Allam, D., Douence, R., Grall, H., Royer, J.-C., S\u00fcdholt, M.: Well-typed services cannot go wrong. Rapport de recherche RR-7899, INRIA, May 2012"},{"key":"15_CR3","unstructured":"Ascola team. An aspect framework for CXF. http:\/\/a4cloud.gforge.inria.fr\/doku.php?id=start:aspect4cxf, January 2013"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Bansal, C., Bhargavan, K., Maffeis, S.: Discovering concrete attacks on website authorization by formal analysis. In: CSF 2012, Cambridge, MA, USA, pp. 247\u2013262. IEEE (2012)","DOI":"10.1109\/CSF.2012.27"},{"key":"15_CR5","series-title":"LNCS","first-page":"30","volume-title":"ICALP 2005","author":"G Castagna","year":"2005","unstructured":"Castagna, G., Frisch, A.: A gentle introduction to semantic subtyping. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 30\u201334. Springer, Heidelberg (2005)"},{"issue":"1\u20133","key":"15_CR6","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1016\/j.tcs.2008.01.049","volume":"398","author":"G Castagna","year":"2008","unstructured":"Castagna, G., De Nicola, R., Varacca, D.: Semantic subtyping for the pi-calculus. Theor. Comput. Sci. 398(1\u20133), 217\u2013242 (2008)","journal-title":"Theor. Comput. Sci."},{"key":"15_CR7","series-title":"LNCS","first-page":"168","volume-title":"ECOWS 2004","author":"A Charfi","year":"2004","unstructured":"Charfi, A., Mezini, M.: Aspect-oriented web service composition with AO4BPEL. In: (LJ) Zhang, L.-J., Jeckle, M. (eds.) ECOWS 2004. LNCS, vol. 3250, pp. 168\u2013182. Springer, Heidelberg (2004)"},{"key":"15_CR8","unstructured":"Chebaro, O., Allam, D., Grall, H., et al.: Mechanisms for property preservation. Technical Report Deliverable D2.4, CESSA Project, July 2012"},{"key":"15_CR9","unstructured":"Cherrueau, R.-A., Chebaro, O., S\u00fcdholt, M.: Flexible and expressive aspect-based control over service compositions in the cloud. In: 4th International Workshop on Variability & Composition (VariComp). ACM DL, March 2013"},{"key":"15_CR10","doi-asserted-by":"crossref","unstructured":"Dell\u2019Amico, M., Serme, G., Idrees, M.S., de Oliveira, A.S., Roudier, Y.: Hipolds: a hierarchical security policy language for distributed systems. Information Security Technical Report (2012)","DOI":"10.1007\/978-3-642-30955-7_10"},{"key":"15_CR11","unstructured":"OASIS. eXtensible Access Control Markup Language (XACML) Version 3.0. Technical report, OASIS, January 2013"},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Pai, S., Sharma, Y., Kumar, S., Pai, R.M., Singh, S.: Formal verification of oauth 2.0 using alloy framework. In: CSNT \u201911, pp. 655\u2013659. IEEE Computer Society, Washington DC (2011)","DOI":"10.1109\/CSNT.2011.141"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Pu, K.Q.: Service description and analysis from a type theoretic approach. In: ICDE Workshops, pp. 379\u2013386 (2007)","DOI":"10.1109\/ICDEW.2007.4401019"},{"issue":"3","key":"15_CR14","first-page":"299","volume":"5","author":"C Ribeiro","year":"2007","unstructured":"Ribeiro, C., Ferreira, P.: A policy-oriented language for expressing security specifications. Int. J. Netw. Secur. 5(3), 299\u2013316 (2007)","journal-title":"Int. J. Netw. Secur."},{"issue":"3\u20134","key":"15_CR15","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1023\/B:JARS.0000021016.61054.3b","volume":"31","author":"J Riely","year":"2003","unstructured":"Riely, J., Hennessy, M.: Trust and partial typing in open systems of mobile agents. J. Autom. Reasoning 31(3\u20134), 335\u2013370 (2003)","journal-title":"J. Autom. Reasoning"},{"key":"15_CR16","unstructured":"Paul, R.: Compromising twitter\u2019s oauth security system. Technical report, Ars Technica (2010)"},{"key":"15_CR17","unstructured":"Sans, T., Cervesato, I.: QWeSST for type-safe web programming. In: 3rd International Workshop on Logics, Agents, and Mobility (2010)"},{"issue":"1","key":"15_CR18","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"FB Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30\u201350 (2000)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"15_CR19","series-title":"LNCS","first-page":"108","volume-title":"ECOOP 2000","author":"J Costa Seco","year":"2000","unstructured":"Costa Seco, J., Caires, L.: A basic model of typed components. In: Bertino, E. (ed.) ECOOP 2000. LNCS, vol. 1850, pp. 108\u2013128. Springer, Heidelberg (2000)"},{"key":"15_CR20","doi-asserted-by":"crossref","unstructured":"Serban, C., Zhang, W., Minsky, N.: A decentralized mechanism for application level monitoring of distributed systems. In: Proceedings of CollaborateCom 2009, pp. 1\u201310. IEEE (2009)","DOI":"10.4108\/ICST.COLLABORATECOM2009.8336"},{"key":"15_CR21","unstructured":"IETF Web Authorization (OAuth) Working Group. SAML 2.0 profile for OAuth 2.0 client authentication and authorization grants. Technical Report V 17, Internet Engineering Task Force (IETF)"},{"key":"15_CR22","unstructured":"IETF Web Authorization (OAuth) Working Group. The OAuth 2.0 authorization framework. Technical Report RFC 6749, Internet Engineering Task Force (IETF), October 2012"},{"key":"15_CR23","unstructured":"IETF Web Authorization (OAuth) Working Group. The OAuth 2.0 authorization framework: bearer token usage. Technical Report RFC 6750, Internet Engineering Task Force (IETF), October 2012"}],"container-title":["Lecture Notes in Computer Science","Data Privacy Management and Autonomous Spontaneous Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-54568-9_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,19]],"date-time":"2023-02-19T22:55:09Z","timestamp":1676847309000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-54568-9_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783642545672","9783642545689"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-54568-9_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"21 March 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}