{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T06:48:51Z","timestamp":1775285331055,"version":"3.50.1"},"reference-count":34,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2018,11,26]],"date-time":"2018-11-26T00:00:00Z","timestamp":1543190400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2019,8]]},"DOI":"10.1007\/s10207-018-0421-5","type":"journal-article","created":{"date-parts":[[2018,11,26]],"date-time":"2018-11-26T00:42:19Z","timestamp":1543192939000},"page":"465-479","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":18,"title":["Analyzing XACML policies using answer set programming"],"prefix":"10.1007","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1172-1941","authenticated-orcid":false,"given":"Mohsen","family":"Rezvani","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Rajaratnam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aleksandar","family":"Ignjatovic","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maurice","family":"Pagnucco","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sanjay","family":"Jha","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,11,26]]},"reference":[{"key":"421_CR1","unstructured":"eXtensible Access Control Markup Language (XACML) Version 3.0 (2013). http:\/\/docs.oasis-open.org\/xacml\/30\/xacml-30-core-spec-os-enpdf . Accessed Sept 2018"},{"key":"421_CR2","unstructured":"AU2EU: Authentication and authorisation for entrusted unions (2015). http:\/\/www.au2eu.eu\/ . Accessed Sept 2018"},{"key":"421_CR3","unstructured":"WSO2 balana: The open source XACML 3.0 implementation (2015). http:\/\/xacmlinfo.org\/category\/balana\/ . Accessed Sept 2018"},{"key":"421_CR4","doi-asserted-by":"crossref","unstructured":"Ahn, G.J., Hu, H., Lee, J., Meng, Y.: Representing and reasoning about web access control policies. In: Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications Conference, COMPSAC \u201910, pp. 137\u2013146 (2010)","DOI":"10.1109\/COMPSAC.2010.20"},{"key":"421_CR5","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E.S., Hamed, H.H.: Discovery of policy anomalies in distributed firewalls. In: INFOCOM 2004. Twenty-third Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 4, pp. 2605\u20132616 (2004)","DOI":"10.1109\/INFCOM.2004.1354680"},{"issue":"4","key":"421_CR6","doi-asserted-by":"publisher","first-page":"17:1","DOI":"10.1145\/2595222","volume":"16","author":"K Arkoudas","year":"2014","unstructured":"Arkoudas, K., Chadha, R., Chiang, J.: Sophisticated access control via SMT and logical frameworks. ACM Trans. Inf. Syst. Secur. 16(4), 17:1\u201317:31 (2014)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"421_CR7","doi-asserted-by":"crossref","unstructured":"Ayed, D., Lepareux, M.N., Martins, C.: Analysis of XACML policies with ASP. In: 7th International Conference on New Technologies, Mobility and Security (NTMS) (2015)","DOI":"10.1109\/NTMS.2015.7266473"},{"key":"421_CR8","doi-asserted-by":"crossref","unstructured":"Basile, C., Cappadonia, A., Lioy, A.: Geometric interpretation of policy specification. In: Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY \u201908, pp. 78\u201381 (2008)","DOI":"10.1109\/POLICY.2008.36"},{"issue":"4","key":"421_CR9","doi-asserted-by":"publisher","first-page":"985","DOI":"10.1109\/TNET.2011.2178431","volume":"20","author":"C Basile","year":"2012","unstructured":"Basile, C., Cappadonia, A., Lioy, A.: Network-level access control policy analysis and transformation. IEEE\/ACM Trans. Netw. 20(4), 985\u2013998 (2012)","journal-title":"IEEE\/ACM Trans. Netw."},{"issue":"1","key":"421_CR10","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1145\/1952982.1952984","volume":"14","author":"L Bauer","year":"2011","unstructured":"Bauer, L., Garriss, S., Reiter, M.K.: Detecting and resolving policy misconfigurations in access-control systems. ACM Trans. Inf. Syst. Secur. (TISSEC) 14(1), 2 (2011)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"issue":"12","key":"421_CR11","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1145\/2043174.2043195","volume":"54","author":"G Brewka","year":"2011","unstructured":"Brewka, G., Eiter, T., Truszczy\u0144ski, M.: Answer set programming at a glance. Commun. ACM 54(12), 92\u2013103 (2011)","journal-title":"Commun. ACM"},{"key":"421_CR12","doi-asserted-by":"crossref","unstructured":"Crampton, J., Morisset, C.: PTaCL: a language for attribute-based access control in open systems. In: International Conference on Principles of Security and Trust, pp. 390\u2013409. Springer (2012)","DOI":"10.1007\/978-3-642-28641-4_21"},{"key":"421_CR13","doi-asserted-by":"crossref","unstructured":"Eiter, T., Ianni, G., Krennwallner, T.: Answer set programming: a primer. In: Reasoning Web. Semantic Technologies for Information Systems, Lecture Notes in Computer Science, vol. 5689, pp. 40\u2013110 (2009)","DOI":"10.1007\/978-3-642-03754-2_2"},{"key":"421_CR14","doi-asserted-by":"crossref","unstructured":"Fisler, K., Krishnamurthi, S., Meyerovich, L.A., Tschantz, M.C.: Verification and change-impact analysis of access-control policies. In: Proceedings of the 27th International Conference on Software Engineering, ICSE \u201905, pp. 196\u2013205 (2005)","DOI":"10.1145\/1062455.1062502"},{"key":"421_CR15","volume-title":"Answer Set Solving in Practice. Synthesis Lectures on Artificial Intelligence and Machine Learning","author":"M Gebser","year":"2012","unstructured":"Gebser, M., Kaminski, R., Kaufmann, B., Schaub, T.: Answer Set Solving in Practice. Synthesis Lectures on Artificial Intelligence and Machine Learning. Morgan and Claypool Publishers, San Francisco (2012)"},{"key":"421_CR16","unstructured":"Gebser, M., Kaminski, R., Kaufmann, B., Schaub, T.: Clingo = ASP + control: Preliminary report. CoRR arXiv:1405.3694 (2014)"},{"key":"421_CR17","doi-asserted-by":"crossref","unstructured":"Griffin, L., Butler, B., de\u00a0Leastar E, Jennings, B., Botvich, D.: On the performance of access control policy evaluation. In: 2012 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 25\u201332 (2012)","DOI":"10.1109\/POLICY.2012.15"},{"issue":"3","key":"421_CR18","doi-asserted-by":"publisher","first-page":"318","DOI":"10.1109\/TDSC.2012.20","volume":"9","author":"H Hu","year":"2012","unstructured":"Hu, H., Ahn, G.J., Kulkarni, K.: Detecting and resolving firewall policy anomalies. IEEE Trans. Dependable Secur. Comput. 9(3), 318\u2013331 (2012)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"issue":"6","key":"421_CR19","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1109\/TDSC.2013.18","volume":"10","author":"H Hu","year":"2013","unstructured":"Hu, H., Ahn, G.J., Kulkarni, K.: Discovery and resolution of anomalies in web access control policies. IEEE Trans. Dependable Secur. Comput. 10(6), 341\u2013354 (2013)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"issue":"6","key":"421_CR20","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1007\/s10009-008-0087-9","volume":"10","author":"G Hughes","year":"2008","unstructured":"Hughes, G., Bultan, T.: Automated verification of access control policies using a SAT solver. Int. J. Softw. Tools Technol. Transf. 10(6), 503\u2013520 (2008)","journal-title":"Int. J. Softw. Tools Technol. Transf."},{"key":"421_CR21","doi-asserted-by":"crossref","unstructured":"Kolovski, V., Hendler, J., Parsia, B.: Analyzing web access control policies. In: Proceedings of the 16th International Conference on World Wide Web, WWW \u201907, pp. 677\u2013686 (2007)","DOI":"10.1145\/1242572.1242664"},{"key":"421_CR22","unstructured":"Lee, J., Wang, Y., Zhang, Y.: Automated reasoning about xacml 3.0 delegation using answer set programming. In: CEUR Workshop Proceedings, CEUR-WS, vol. 1433 (2015)"},{"key":"421_CR23","unstructured":"Lifschitz, V.: What is answer set programming? In: Proceedings of the 23rd National Conference on Artificial Intelligence, vol. 3, pp. 1594\u20131597 (2008)"},{"issue":"4","key":"421_CR24","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/s10207-010-0106-1","volume":"9","author":"D Lin","year":"2010","unstructured":"Lin, D., Rao, P., Bertino, E., Li, N., Lobo, J.: EXAM: a comprehensive environment for the analysis of access control policies. Int. J. Inf. Secur. 9(4), 253\u2013273 (2010)","journal-title":"Int. J. Inf. Secur."},{"key":"421_CR25","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1145\/1384529.1375488","volume":"\u201908","author":"AX Liu","year":"2008","unstructured":"Liu, A.X., Chen, F., Hwang, J., Xie, T.: XEngine: a fast and scalable XACML policy evaluation engine. SIGMETRICS \u201908, 265\u2013276 (2008)","journal-title":"SIGMETRICS"},{"key":"421_CR26","first-page":"1","volume":"99","author":"A Margheri","year":"2017","unstructured":"Margheri, A., Masi, M., Pugliese, R., Tiezzi, F.: A rigorous framework for specification, analysis and enforcement of access control policies. IEEE Trans. Softw. Eng. 99, 1\u20131 (2017)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"421_CR27","first-page":"1","volume":"49","author":"M Mejri","year":"2017","unstructured":"Mejri, M., Yahyaoui, H.: Formal specification and integration of distributed security policies. Comput. Lang. Syst. Struct. 49, 1\u201335 (2017)","journal-title":"Comput. Lang. Syst. Struct."},{"key":"421_CR28","unstructured":"Ramli, C.D.P.K.: Detecting incompleteness, conflicting and unreachability XACML policies using answer set programming. CoRR, arXiv:1503.02732 (2015)"},{"key":"421_CR29","unstructured":"Ramli, C.D.P.K., Nielson, H., Nielson, F.: XACML 3.0 in answer set programming. In: Logic-Based Program Synthesis and Transformation, Lecture Notes in Computer Science, vol. 7844, pp. 89\u2013105 (2013)"},{"key":"421_CR30","doi-asserted-by":"crossref","unstructured":"Rezvani, M., Aryan, R.: Analyzing and resolving anomalies in firewall security policies based on propositional logic. In: IEEE 13th International Multi Topic Conference, INMIC (2009)","DOI":"10.1109\/INMIC.2009.5383125"},{"key":"421_CR31","doi-asserted-by":"crossref","unstructured":"Rezvani, M., Ignjatovic, A., Pagnucco, M., Jha, S.: Anomaly-free policy composition in software-defined networks. In: IFIP Networking 2016 Conference (Networking 2016), Vienna, Austria (2016)","DOI":"10.1109\/IFIPNetworking.2016.7497226"},{"key":"421_CR32","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Krishnamurthi, S.: Towards reasonability properties for access-control policy languages. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, SACMAT \u201906, pp. 160\u2013169 (2006)","DOI":"10.1145\/1133058.1133081"},{"issue":"Supplement C","key":"421_CR33","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1016\/j.cose.2017.01.009","volume":"66","author":"F Turkmen","year":"2017","unstructured":"Turkmen, F., den Hartog, J., Ranise, S., Zannone, N.: Formal analysis of XACML policies using SMT. Comput. Secur. 66(Supplement C), 185\u2013203 (2017)","journal-title":"Comput. Secur."},{"key":"421_CR34","unstructured":"Yuan, L., Mai, J., Su, Z., Chen, H., Chuah, C.N., Mohapatra, P.: FIREMAN: a toolkit for firewall modeling and analysis. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, pp. 199\u2013213 (2006)"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-018-0421-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-018-0421-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-018-0421-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T05:50:07Z","timestamp":1775281807000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-018-0421-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,26]]},"references-count":34,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,8]]}},"alternative-id":["421"],"URL":"https:\/\/doi.org\/10.1007\/s10207-018-0421-5","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,11,26]]},"assertion":[{"value":"26 November 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}