{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T05:02:12Z","timestamp":1766466132079},"reference-count":22,"publisher":"Elsevier BV","issue":"3","license":[{"start":{"date-parts":[[2004,7,1]],"date-time":"2004-07-01T00:00:00Z","timestamp":1088640000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information Security Technical Report"],"published-print":{"date-parts":[[2004,7]]},"DOI":"10.1016\/s1363-4127(04)00030-5","type":"journal-article","created":{"date-parts":[[2004,11,5]],"date-time":"2004-11-05T18:00:22Z","timestamp":1099677622000},"page":"35-46","source":"Crossref","is-referenced-by-count":12,"title":["XML-based access control languages"],"prefix":"10.1016","volume":"9","author":[{"given":"C.A.","family":"Ardagna","sequence":"first","affiliation":[]},{"given":"E.","family":"Damiani","sequence":"additional","affiliation":[]},{"given":"S.","family":"De Capitani di Vimercati","sequence":"additional","affiliation":[]},{"given":"P.","family":"Samarati","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/S1363-4127(04)00030-5_bib1","author":"Agrawal","year":"2003","journal-title":"An XPath-based preference language for P3P. In Proc. of the World Wide Web Conference, Budapest, Hungary"},{"key":"10.1016\/S1363-4127(04)00030-5_bib2","author":"Ardagna","year":"2004","journal-title":"A comparison of modeling strategies in defining xml-based access control languages. CSSE"},{"key":"10.1016\/S1363-4127(04)00030-5_bib4","unstructured":"B. Atkinson and G. Della-Libera et al. Web services security (WS-Security). http:\/\/msdn.microsoft.com\/library\/en-us\/dnglobspec\/html\/ws-security.asp%, April 2002."},{"issue":"3","key":"10.1016\/S1363-4127(04)00030-5_bib5","first-page":"241","volume":"10","author":"Bonatti","year":"2002","journal-title":"A unified framework for regulating access and information release on the web. Journal of Computer Security"},{"key":"10.1016\/S1363-4127(04)00030-5_bib6","unstructured":"D. Box et al. Web services policy assertions language (WS-PolicyAssertions) version 1.1. http:\/\/msdn.microsoft.com\/library\/en-us\/dnglobspec\/html\/ws-policyassert%ions.asp, May 2003."},{"key":"10.1016\/S1363-4127(04)00030-5_bib7","unstructured":"D. Box et al. Web Services Policy Attachment (WS-PolicyAttachment) version 1.1. http:\/\/msdn.microsoft.com\/library\/en-us\/dnglobspec\/html\/ws-policyattach%ment.asp, May 2003."},{"key":"10.1016\/S1363-4127(04)00030-5_bib8","unstructured":"D. Box et al. Web services policy framework (WS-Policy) version 1.1. http:\/\/msdn.microsoft.com\/library\/en-us\/dnglobspec\/html\/ws-policy.asp, May 2003."},{"key":"10.1016\/S1363-4127(04)00030-5_bib10","author":"Damiani","year":"2002","journal-title":"Towards security XML web services. In Proc. of the 2002 ACM Workshop on XML Security, Washington, DC, USA"},{"issue":"5","key":"10.1016\/S1363-4127(04)00030-5_bib11","doi-asserted-by":"crossref","first-page":"397","DOI":"10.1002\/spe.513","volume":"33","author":"De Capitani di Vimercati","year":"2003","journal-title":"Access control: Principles and solutions. Software \u2013 Practice and \u2013\u00bf\u2013 Experience"},{"key":"10.1016\/S1363-4127(04)00030-5_bib13","author":"Galbraith","year":"2002","journal-title":"Professional Web Services Security. Wrox Press Ltd."},{"issue":"2","key":"10.1016\/S1363-4127(04)00030-5_bib15","first-page":"18","volume":"26","author":"Jajodia","year":"2001","journal-title":"Flexible support for multiple access control policies. ACM Transactions on Database Systems"},{"key":"10.1016\/S1363-4127(04)00030-5_bib17","unstructured":"OASIS eXtensible Access Control Markup Language (XACML) version 1.1. http:\/\/www.oasis-open.org\/committees\/xacml\/repository\/cs-xacml-specific%ation-1.1.pdf."},{"key":"10.1016\/S1363-4127(04)00030-5_bib18","author":"Samarati","year":"2001","journal-title":"Access control: Policies, models, and mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, LNCS 2171. Springer-Verlag"},{"issue":"2","key":"10.1016\/S1363-4127(04)00030-5_bib19","first-page":"38","volume":"29","author":"Sandhu","year":"1996","journal-title":"Role-based access control models. IEEE Computer"},{"key":"10.1016\/S1363-4127(04)00030-5_bib20","unstructured":"Security assertion markup language (SAML) v1.0. http:\/\/www.oasisopen.org\/committees\/download.php\/3400\/oasis-sstc-saml-1.1-pdf-xsd.zip."},{"key":"10.1016\/S1363-4127(04)00030-5_bib21","unstructured":"SUN. Introduction to XACML, June 2003. http:\/\/sunxacml.sourceforge.net."},{"key":"10.1016\/S1363-4127(04)00030-5_bib22","unstructured":"Web services security policy (WS-SecurityPolicy), December 2002. http:\/\/www-106.ibm.com\/developerworks\/library\/ws-secpol\/."},{"key":"10.1016\/S1363-4127(04)00030-5_bib3","unstructured":"P. Ashley, S. Hada, G. Karjoth, C. Powers, and M. Schunter. Enterprise privacy authorization language (epal 1.1). IBM Research Report. http:\/\/www.zurich.ibm.com\/security\/enterpriseprivacy\/epal."},{"issue":"2","key":"10.1016\/S1363-4127(04)00030-5_bib9","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1007\/s102070100009","volume":"1","author":"Damiani","year":"2002","journal-title":"Securing SOAP E-services. International Journal of Information Security (IJIS)"},{"issue":"3","key":"10.1016\/S1363-4127(04)00030-5_bib12","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1109\/MIC.2000.845395","volume":"4","author":"Feldman","year":"2000","journal-title":"The Changing Face of E-Commerce. IEEE Internet Computing"},{"key":"10.1016\/S1363-4127(04)00030-5_bib14","author":"Hine","year":"2000","journal-title":"An architecture for distributed OASIS services. In Proc. of the IFIP\/ACM International Conference on Distributed Systems Platforms nd Open Distributed Processing, Hudson River Valley, New York, USA"},{"key":"10.1016\/S1363-4127(04)00030-5_bib16","author":"Koshutanski","year":"2003","journal-title":"An access control framework for business processes for web services. In Proc. of the 2003 ACM Workshop on XML security, Fairfax, Virginia"}],"container-title":["Information Security Technical Report"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1363412704000305?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1363412704000305?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,2,2]],"date-time":"2019-02-02T10:22:49Z","timestamp":1549102969000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1363412704000305"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004,7]]},"references-count":22,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2004,7]]}},"alternative-id":["S1363412704000305"],"URL":"https:\/\/doi.org\/10.1016\/s1363-4127(04)00030-5","relation":{},"ISSN":["1363-4127"],"issn-type":[{"value":"1363-4127","type":"print"}],"subject":[],"published":{"date-parts":[[2004,7]]}}}