{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T17:58:43Z","timestamp":1772560723355,"version":"3.50.1"},"reference-count":79,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T00:00:00Z","timestamp":1777593600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T00:00:00Z","timestamp":1777593600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,1,19]],"date-time":"2026-01-19T00:00:00Z","timestamp":1768780800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100004629","name":"Ministry for Business Innovation and Employment","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100004629","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003524","name":"Ministry of Business, Innovation and Employment","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100003524","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Journal of Information Security and Applications"],"published-print":{"date-parts":[[2026,5]]},"DOI":"10.1016\/j.jisa.2026.104379","type":"journal-article","created":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T12:56:31Z","timestamp":1769172991000},"page":"104379","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["AGentVLM: Access control policy generation and verification framework with language models"],"prefix":"10.1016","volume":"98","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-7932-5204","authenticated-orcid":false,"given":"Sakuna Harinda","family":"Jayasundara","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0059-0376","authenticated-orcid":false,"given":"Nalin Asanka Gamagedara","family":"Arachchilage","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6987-0803","authenticated-orcid":false,"given":"Giovanni","family":"Russello","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.jisa.2026.104379_bib0001","unstructured":"Page C.. Microsoft AI researchers accidentally exposed terabytes of internal sensitive data. 2023. https:\/\/techcrunch.com\/2023\/09\/18\/microsoft-ai-researchers- accidentally-exposed-terabytes-of-internal-sensitive-data\/."},{"key":"10.1016\/j.jisa.2026.104379_bib0002","series-title":"Symposium on usable security and privacy (USEC)","article-title":"Vision:\u201caccessformer\u201d: feedback-driven access control policy generation framework","author":"Jayasundara","year":"2024"},{"issue":"1","key":"10.1016\/j.jisa.2026.104379_bib0003","first-page":"151","article-title":"\u201cThose things are written by lawyers, and programmers are reading that.\u201d mapping the communication gap between software developers and privacy experts","volume":"2024","author":"Horstmann","year":"2024","journal-title":"Proc Priv Enhanc Technol"},{"key":"10.1016\/j.jisa.2026.104379_bib0004","series-title":"Proceedings of the SIGCHI conference on human factors in computing systems","first-page":"899","article-title":"Real life challenges in access-control management","author":"Bauer","year":"2009"},{"key":"10.1016\/j.jisa.2026.104379_bib0005","series-title":"IFIP annual conference on data and applications security and privacy","first-page":"82","article-title":"Identification of access control policy sentences from natural language policy documents","author":"Narouei","year":"2017"},{"issue":"3","key":"10.1016\/j.jisa.2026.104379_bib0006","first-page":"506","article-title":"Automatic extraction of access control policies from natural language documents","volume":"17","author":"Narouei","year":"2018","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"10.1016\/j.jisa.2026.104379_bib0007","series-title":"2022\u202fIEEE International conference on bioinformatics and biomedicine (BIBM)","first-page":"1289","article-title":"Automated extraction of ABAC policies from natural-language documents in healthcare systems","author":"Xia","year":"2022"},{"key":"10.1016\/j.jisa.2026.104379_bib0008","unstructured":"Jayasundara S.H., Arachchilage N.A.G., Russello G.. Sok: access control policy generation from high-level natural language requirements. 2023. arXiv: 231003292."},{"key":"10.1016\/j.jisa.2026.104379_bib0009","series-title":"IFIP International conference on information security theory and practice","first-page":"137","article-title":"Automatic top-down role engineering framework using natural language processing techniques","author":"Narouei","year":"2015"},{"key":"10.1016\/j.jisa.2026.104379_bib0010","series-title":"Proceedings of the 20th ACM symposium on access control models and technologies","first-page":"157","article-title":"Towards an automatic top-down role engineering approach using natural language processing techniques","author":"Narouei","year":"2015"},{"key":"10.1016\/j.jisa.2026.104379_bib0011","series-title":"Proceedings of the 30th annual computer security applications conference","first-page":"366","article-title":"Relation extraction for inferring access control rules from natural language artifacts","author":"Slankas","year":"2014"},{"key":"10.1016\/j.jisa.2026.104379_bib0012","series-title":"2013 International conference on social computing","first-page":"435","article-title":"Access control policy extraction from unconstrained natural language text","author":"Slankas","year":"2013"},{"key":"10.1016\/j.jisa.2026.104379_bib0013","series-title":"IFIP Annual conference on data and applications security and privacy","first-page":"171","article-title":"Access control policy generation from user stories using machine learning","author":"Heaps","year":"2021"},{"issue":"1","key":"10.1016\/j.jisa.2026.104379_bib0014","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s42400-018-0019-2","article-title":"Automated extraction of attributes from natural language attribute-based access control (ABAC) policies","volume":"2","author":"Alohaly","year":"2019","journal-title":"Cybersecurity"},{"key":"10.1016\/j.jisa.2026.104379_bib0015","series-title":"Proceedings of the ACM SIGSOFT 20th international symposium on the foundations of software engineering","first-page":"1","article-title":"Automated extraction of security policies from natural-language software documents","author":"Xiao","year":"2012"},{"issue":"3","key":"10.1016\/j.jisa.2026.104379_bib0016","first-page":"145","article-title":"Access control policy identification and extraction from project documentation","volume":"2","author":"Slankas","year":"2013","journal-title":"Science"},{"key":"10.1016\/j.jisa.2026.104379_bib0017","first-page":"1","article-title":"A systematic mapping study on automated analysis of privacy policies","author":"Del Alamo","year":"2022","journal-title":"Computing"},{"key":"10.1016\/j.jisa.2026.104379_bib0018","series-title":"Proceedings of the 22nd ACM on symposium on access control models and technologies","first-page":"103","article-title":"Towards a top-down policy engineering framework for attribute-based access control","author":"Narouei","year":"2017"},{"key":"10.1016\/j.jisa.2026.104379_bib0019","series-title":"Proceedings of the 23nd ACM on symposium on access control models and technologies","first-page":"137","article-title":"A deep learning approach for extracting attributes of ABAC policies","author":"Alohaly","year":"2018"},{"issue":"1","key":"10.1016\/j.jisa.2026.104379_bib0020","doi-asserted-by":"crossref","first-page":"1418","DOI":"10.1038\/s41467-024-45563-x","article-title":"Structured information extraction from scientific text with large language models","volume":"15","author":"Dagdelen","year":"2024","journal-title":"Nat Commun"},{"key":"10.1016\/j.jisa.2026.104379_bib0021","series-title":"Proceedings of the 18th international conference on availability, reliability and security","first-page":"1","article-title":"Sok: modeling explainability in security analytics for interpretability, trustworthiness, and usability","author":"Bhusal","year":"2023"},{"key":"10.1016\/j.jisa.2026.104379_bib0022","series-title":"2012\u202fIEEE International symposium on policies for distributed systems and networks","first-page":"33","article-title":"Classifying natural language sentences for policy","author":"Slankas","year":"2012"},{"key":"10.1016\/j.jisa.2026.104379_bib0023","series-title":"IFIP International conference on ICT systems security and privacy protection","first-page":"105","article-title":"Towards an automated extraction of abac constraints from natural language policies","author":"Alohaly","year":"2019"},{"key":"10.1016\/j.jisa.2026.104379_bib0024","unstructured":"Devlin J., Chang M.-W., Lee K., Toutanova K.. Bert: pre-training of deep bidirectional transformers for language understanding. 2018. arXiv: 181004805."},{"key":"10.1016\/j.jisa.2026.104379_bib0025","series-title":"Requirements engineering: foundation for software quality: 24th international working conference, REFSQ 2018, Utrecht, The Netherlands, March 19\u201322, 2018, proceedings 24","first-page":"119","article-title":"Pinpointing ambiguity and incompleteness in requirements engineering via information visualization and NLP","author":"Dalpiaz","year":"2018"},{"key":"10.1016\/j.jisa.2026.104379_bib0026","unstructured":"Shi P., Lin J.. Simple bert models for relation extraction and semantic role labeling. 2019. arXiv: 190405255."},{"key":"10.1016\/j.jisa.2026.104379_bib0027","series-title":"Proceedings of the 25th international conference on machine learning","first-page":"160","article-title":"A unified architecture for natural language processing: deep neural networks with multitask learning","author":"Collobert","year":"2008"},{"key":"10.1016\/j.jisa.2026.104379_bib0028","series-title":"Proceedings of the 2017\u202fCHI conference on human factors in computing systems","first-page":"348","article-title":"How do system administrators resolve access-denied issues in the real world?","author":"Xu","year":"2017"},{"key":"10.1016\/j.jisa.2026.104379_bib0029","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1016\/j.compind.2018.08.007","article-title":"A systematic review of augmented reality content-related techniques for knowledge transfer in maintenance applications","volume":"103","author":"del Amo","year":"2018","journal-title":"Comput Ind"},{"key":"10.1016\/j.jisa.2026.104379_bib0030","series-title":"International conference on machine learning","first-page":"26106","article-title":"Lever: learning to verify language-to-code generation with execution","author":"Ni","year":"2023"},{"key":"10.1016\/j.jisa.2026.104379_bib0031","doi-asserted-by":"crossref","unstructured":"Shen J., Yin Y., Li L., Shang L., Jiang X., Zhang M., et al. Generate & rank: a multi-task framework for math word problems. 2021. arXiv: 210903034.","DOI":"10.18653\/v1\/2021.findings-emnlp.195"},{"key":"10.1016\/j.jisa.2026.104379_bib0032","unstructured":"Liu Y., Ott M., Goyal N., Du J., Joshi M., Chen D., et al. RoBERTa: a robustly optimized BERT pretraining approach. 2019. 1907.11692."},{"key":"10.1016\/j.jisa.2026.104379_bib0033","doi-asserted-by":"crossref","unstructured":"Wang A., Singh A., Michael J., Hill F., Levy O., Bowman S.R.. Glue: a multi-task benchmark and analysis platform for natural language understanding. 2018. arXiv: 180407461.","DOI":"10.18653\/v1\/W18-5446"},{"key":"10.1016\/j.jisa.2026.104379_bib0034","unstructured":"WSO2. Wso2 identity server documentation. 2025. https:\/\/is.docs.wso2.com\/en\/5.9.0\/."},{"key":"10.1016\/j.jisa.2026.104379_bib0035","unstructured":"Roziere B., Gehring J., Gloeckle F., Sootla S., Gat I., Tan X.E., et al. Code llama: open foundation models for code. 2023. arXiv: 230812950."},{"key":"10.1016\/j.jisa.2026.104379_bib0036","article-title":"A survey on large language model (llm) security and privacy: the good, the bad, and the ugly","volume":"4","author":"Yao","year":"2024","journal-title":"High-Conf Comput"},{"key":"10.1016\/j.jisa.2026.104379_bib0037","series-title":"Proceedings of the 61st annual meeting of the association for computational linguistics (volume 1: long papers)","first-page":"7443","article-title":"Large language models meet NL2code: a survey","author":"Zan","year":"2023"},{"key":"10.1016\/j.jisa.2026.104379_bib0038","unstructured":"Meta A.I.. Introducing meta llama 3: the most capable openly available LLM to date. 2024. https:\/\/ai.meta.com\/blog\/meta-llama-3."},{"key":"10.1016\/j.jisa.2026.104379_bib0039","unstructured":"Dubey A., Jauhri A., Pandey A., Kadian A., Al-Dahle A., Letman A., et al. The llama 3 herd of models. 2024. arXiv: 240721783."},{"key":"10.1016\/j.jisa.2026.104379_bib0040","unstructured":"Hendrycks D., Burns C., Basart S., Zou A., Mazeika M., Song D., et al. Measuring massive multitask language understanding. 2020. arXiv: 200903300."},{"key":"10.1016\/j.jisa.2026.104379_bib0041","unstructured":"Chen M., Tworek J., Jun H., Yuan Q., de Oliveira P.H.P., Kaplan J., et al. Evaluating large language models trained on code. 2021. arXiv: 210703374."},{"key":"10.1016\/j.jisa.2026.104379_bib0042","doi-asserted-by":"crossref","unstructured":"Ainslie J., Lee-Thorp J., de Jong M., Zemlyanskiy Y., Lebr\u00f3n F., Sanghai S.. Gqa: training generalized multi-query transformer models from multi-head checkpoints. 2023. arXiv: 230513245.","DOI":"10.18653\/v1\/2023.emnlp-main.298"},{"key":"10.1016\/j.jisa.2026.104379_bib0043","unstructured":"Firstpost. Ai companies are finally looking at small language models, and expect to make big bucks. 2024. https:\/\/www.firstpost.com\/tech\/ai-companies-are-finally-looking-at-small-language-models-and-expect-to-make-big-bucks-13772823.html."},{"key":"10.1016\/j.jisa.2026.104379_bib0044","first-page":"102","article-title":"Unveiling security, privacy, and ethical concerns of chatgpt","volume":"2","author":"Wu","year":"2023","journal-title":"J Inf Intell"},{"key":"10.1016\/j.jisa.2026.104379_bib0045","unstructured":"Mireshghallah N., Kim H., Zhou X., Tsvetkov Y., Sap M., Shokri R., et al. Can llms keep a secret? testing privacy implications of language models via contextual integrity theory. 2023. arXiv: 231017884."},{"key":"10.1016\/j.jisa.2026.104379_bib0046","unstructured":"Hu E.J., Shen Y., Wallis P., Allen-Zhu Z., Li Y., Wang S., et al. Lora: low-rank adaptation of large language models. 2021. arXiv: 210609685."},{"key":"10.1016\/j.jisa.2026.104379_bib0047","unstructured":"Skreta M., Yoshikawa N., Arellano-Rubach S., Ji Z., Kristensen L.B., Darvish K., et al. Errors are useful prompts: instruction guided task programming with verifier-assisted iterative prompting. 2023. arXiv: 230314100."},{"key":"10.1016\/j.jisa.2026.104379_bib0048","unstructured":"Cobbe K., Kosaraju V., Bavarian M., Chen M., Jun H., Kaiser L., et al. Training verifiers to solve math word problems. 2021. arXiv: 211014168."},{"key":"10.1016\/j.jisa.2026.104379_bib0049","doi-asserted-by":"crossref","unstructured":"Lewis M., Liu Y., Goyal N., Ghazvininejad M., Mohamed A., Levy O., et al. Bart: denoising sequence-to-sequence pre-training for natural language generation, translation, and comprehension. 2019. arXiv: 191013461.","DOI":"10.18653\/v1\/2020.acl-main.703"},{"key":"10.1016\/j.jisa.2026.104379_bib0050","unstructured":"Williams A., Nangia N., Bowman S.R.. A broad-coverage challenge corpus for sentence understanding through inference. 2017. arXiv: 170405426."},{"key":"10.1016\/j.jisa.2026.104379_bib0051","unstructured":"Li Y., Lin Z., Zhang S., Fu Q., Chen B., Lou J.-G., et al. Making large language models better reasoners with step-aware verifier. 2022. arXiv: 220602336."},{"key":"10.1016\/j.jisa.2026.104379_bib0052","series-title":"International conference on machine learning","first-page":"3319","article-title":"Axiomatic attribution for deep networks","author":"Sundararajan","year":"2017"},{"key":"10.1016\/j.jisa.2026.104379_bib0053","series-title":"Proceedings of the 2023\u202fACM SIGSAC conference on computer and communications security","first-page":"416","article-title":"Finer: enhancing state-of-the-art classifiers with feature attribution to facilitate security analysis","author":"He","year":"2023"},{"key":"10.1016\/j.jisa.2026.104379_bib0054","doi-asserted-by":"crossref","unstructured":"Miglani V., Yang A., Markosyan A.H., Garcia-Olano D., Kokhlikyan N.. Using captum to explain generative language models. 2023. arXiv: 231205491.","DOI":"10.18653\/v1\/2023.nlposs-1.19"},{"key":"10.1016\/j.jisa.2026.104379_bib0055","series-title":"Proceedings of the second symposium on usable privacy and security","first-page":"8","article-title":"An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench","author":"Brodie","year":"2006"},{"key":"10.1016\/j.jisa.2026.104379_bib0056","article-title":"Purext: automated extraction of the purpose-aware rule from the natural language privacy policy in iot","volume":"2021","author":"Yang","year":"2021","journal-title":"Secur Commun Netw"},{"key":"10.1016\/j.jisa.2026.104379_bib0057","series-title":"Proceeding of WMT","article-title":"Facebook FAIR\u2019s WMT19 news translation task submission","author":"Ng","year":"2020"},{"issue":"3","key":"10.1016\/j.jisa.2026.104379_bib0058","doi-asserted-by":"crossref","first-page":"276","DOI":"10.11613\/BM.2012.031","article-title":"Interrater reliability: the kappa statistic","volume":"22","author":"McHugh","year":"2012","journal-title":"Biochem Med"},{"key":"10.1016\/j.jisa.2026.104379_bib0059","series-title":"Machine learning and knowledge discovery in databases: European conference, ECML PKDD 2014, Nancy, France, September 15\u201319, 2014. proceedings, part II 14","first-page":"225","article-title":"Optimal thresholding of classifiers to maximize f1 measure","author":"Lipton","year":"2014"},{"key":"10.1016\/j.jisa.2026.104379_bib0060","unstructured":"Tice C., Kreer P.A., Helm-Burger N., Shahani P.S., Ryzhenkov F., Haimes J., et al. Noise injection reveals hidden capabilities of sandbagging language models. 2024. arXiv: 241201784."},{"key":"10.1016\/j.jisa.2026.104379_bib0061","series-title":"Proceedings of the 2025 conference on empirical methods in natural language processing","first-page":"31092","article-title":"Llm-guided co-training for text classification","author":"Rahman","year":"2025"},{"key":"10.1016\/j.jisa.2026.104379_bib0062","unstructured":"Yu H., Liu J., Zhang X., Wu J., Cui P.. A survey on evaluation of out-of-distribution generalization. 2024. arXiv: 240301874."},{"issue":"2","key":"10.1016\/j.jisa.2026.104379_bib0063","doi-asserted-by":"crossref","first-page":"83","DOI":"10.3390\/info13020083","article-title":"A survey on text classification algorithms: from text to predictions","volume":"13","author":"Gasparetto","year":"2022","journal-title":"Information"},{"key":"10.1016\/j.jisa.2026.104379_bib0064","unstructured":"Keough P.. What is purpose-based access control (PBAC)?2024. https:\/\/www.immuta.com\/blog\/purpose-based-access-control\/."},{"key":"10.1016\/j.jisa.2026.104379_bib0065","series-title":"International conference on advanced information systems engineering","first-page":"75","article-title":"LitroACP: a lightweight and robust framework for extracting access control policies from specifications","author":"Zhang","year":"2025"},{"key":"10.1016\/j.jisa.2026.104379_bib0066","first-page":"9459","article-title":"Retrieval-augmented generation for knowledge-intensive nlp tasks","volume":"33","author":"Lewis","year":"2020","journal-title":"Adv Neural Inf Process Syst"},{"issue":"2","key":"10.1016\/j.jisa.2026.104379_bib0067","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3209668","article-title":"The challenge of access control policies quality","volume":"10","author":"Bertino","year":"2018","journal-title":"J Data Inf Qual (JDIQ)"},{"issue":"6","key":"10.1016\/j.jisa.2026.104379_bib0068","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3295749","article-title":"Methods and tools for policy analysis","volume":"51","author":"Jabal","year":"2019","journal-title":"ACM Comput Surv (CSUR)"},{"key":"10.1016\/j.jisa.2026.104379_bib0069","unstructured":"Heiligenstein M.X.. Facebook data breaches: Full timeline through 2023. 2023. https:\/\/firewalltimes.com\/facebook-data-breach-timeline."},{"key":"10.1016\/j.jisa.2026.104379_bib0070","series-title":"Proceedings of the 3rd symposium on usable privacy and security","first-page":"100","article-title":"Towards understanding IT security professionals and their tools","author":"Botta","year":"2007"},{"key":"10.1016\/j.jisa.2026.104379_bib0071","series-title":"2020\u202fIEEE European symposium on security and privacy workshops (EuroS&PW)","first-page":"293","article-title":"Explainable security","author":"Vigano","year":"2020"},{"key":"10.1016\/j.jisa.2026.104379_bib0072","unstructured":"Ouyang L., Wu J., Jiang X., Almeida D., Wainwright C.L., Mishkin P., et al. Training language models to follow instructions with human feedback. 2022. arXiv: 220302155."},{"key":"10.1016\/j.jisa.2026.104379_bib0073","article-title":"Direct preference optimization: your language model is secretly a reward model","volume":"36","author":"Rafailov","year":"2024","journal-title":"Adv Neural Inf Process Syst"},{"key":"10.1016\/j.jisa.2026.104379_bib0074","series-title":"Proceedings of the ACM on web conference 2024","first-page":"3367","article-title":"Learning to rewrite prompts for personalized text generation","author":"Li","year":"2024"},{"key":"10.1016\/j.jisa.2026.104379_bib0075","series-title":"Proceedings of the SIGCHI conference on human factors in computing systems","first-page":"1473","article-title":"Expandable grids for visualizing and authoring computer security policies","author":"Reeder","year":"2008"},{"key":"10.1016\/j.jisa.2026.104379_bib0076","series-title":"Usability engineering","author":"Nielsen","year":"1994"},{"key":"10.1016\/j.jisa.2026.104379_bib0077","series-title":"Contextual design: defining customer-centered systems","author":"Holtzblatt","year":"1997"},{"key":"10.1016\/j.jisa.2026.104379_bib0078","series-title":"Proceedings of the SIGCHI conference on human factors in computing systems","first-page":"2065","article-title":"More than skin deep: measuring effects of the underlying model on access-control system usability","author":"Reeder","year":"2011"},{"issue":"3","key":"10.1016\/j.jisa.2026.104379_bib0079","first-page":"189","article-title":"Sus: a \u201cquick and dirty\u2019usability","volume":"189","author":"Brooke","year":"1996","journal-title":"Usabil Eval Indus"}],"container-title":["Journal of Information Security and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2214212626000098?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2214212626000098?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T17:04:27Z","timestamp":1772557467000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S2214212626000098"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,5]]},"references-count":79,"alternative-id":["S2214212626000098"],"URL":"https:\/\/doi.org\/10.1016\/j.jisa.2026.104379","relation":{},"ISSN":["2214-2126"],"issn-type":[{"value":"2214-2126","type":"print"}],"subject":[],"published":{"date-parts":[[2026,5]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"AGentVLM: Access control policy generation and verification framework with language models","name":"articletitle","label":"Article Title"},{"value":"Journal of Information Security and Applications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.jisa.2026.104379","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Author(s). Published by Elsevier Ltd.","name":"copyright","label":"Copyright"}],"article-number":"104379"}}