{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T21:27:49Z","timestamp":1772227669146,"version":"3.50.1"},"reference-count":42,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"DOI":"10.13039\/501100004035","name":"Norwegian University of Science and Technology","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100004035","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2026]]},"DOI":"10.1109\/access.2026.3665991","type":"journal-article","created":{"date-parts":[[2026,2,18]],"date-time":"2026-02-18T21:21:23Z","timestamp":1771449683000},"page":"28258-28281","source":"Crossref","is-referenced-by-count":0,"title":["Compliance-as-Code for AI-Driven Identity Systems: Clause-to-Control Traceability and Machine-Readable Evidence"],"prefix":"10.1109","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4888-6851","authenticated-orcid":false,"given":"Livinus Obiora","family":"Nweke","sequence":"first","affiliation":[{"name":"Norwegian University of Science and Technology (NTNU), Gjøvik, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2553-5936","authenticated-orcid":false,"given":"Prosper Kandabongee","family":"Yeng","sequence":"additional","affiliation":[{"name":"Abu Dhabi University, Abu Dhabi, United Arab Emirates"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.5772\/intechopen.1012880"},{"key":"ref2","first-page":"1","volume-title":"Introductory Chapter: Rethinking Online Identity at the Human-AI-Edge Nexus","author":"Nweke","year":"2026"},{"key":"ref3","volume-title":"Regulation (EU) 2024\/1689 of the European Parliament and of the Council on Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act)","year":"2024"},{"issue":"910\/2014","key":"ref4","article-title":"1183 Amending Regulation (EU)","author":"EU","year":"2024","journal-title":"as Regards Establishing the European Digital Identity Framework (eIDAS 2.0)"},{"key":"ref5","volume-title":"679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons With Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95\/46\/EC (General Data Protection Regulation)","author":"EU","year":"2016"},{"key":"ref6","volume-title":"Directive (EU) 2022\/2555 on Measures for a High Common Level of Cybersecurity Across the Union (NIS2)","year":"2022"},{"key":"ref7","first-page":"511","article-title":"Continuous compliance","volume-title":"Proc. 35th IEEE\/ACM Int. Conf. Automated Softw. Eng. (ASE)","author":"Kellogg"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD55607.2022.00066"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3674805.3690748"},{"key":"ref10","first-page":"1","article-title":"Evidence-based compliance engineering","volume-title":"Proc. VMBO (CEUR Workshop)","volume":"3821","author":"Hulstijn"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.54254\/2755-2721\/2025.22189"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.63282\/3050-9416.IJAIBDCMS-V6I4P109"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2025.3647479"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM64174.2025.00064"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.30574\/wjaets.2023.10.1.0265"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.63282\/3050-9246.ijetcsit-v6i1p111"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-87778-0_32"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-032-05727-3_39"},{"key":"ref19","article-title":"MIDV-500: A dataset for identity documents analysis and recognition on mobile devices in video stream","author":"Arlazarov","year":"2018","journal-title":"arXiv:1807.05786"},{"key":"ref20","volume-title":"OpenID for Verifiable Presentations 1.0","year":"2025"},{"key":"ref21","volume-title":"Verifiable Credentials Data Model V2.0","year":"2025"},{"key":"ref22","author":"Nweke","year":"2026","journal-title":"Compliance-as-Code for AI-Driven Identity Systems: Supplementary Materials"},{"key":"ref23","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.SP.800-137","article-title":"Information security continuous monitoring (ISCM) for federal information systems and organizations","author":"Dempsey","year":"2011"},{"key":"ref24","article-title":"Secure hash standard (SHS)","year":"2015"},{"key":"ref25","volume-title":"Conftest: Tests for Structured Configuration Data","author":"Project","year":"2025"},{"key":"ref26","volume-title":"Policy Testing","year":"2025"},{"key":"ref27","volume-title":"Bundles","year":"2025"},{"key":"ref28","volume-title":"Open Policy Agent Documentation","year":"2025"},{"key":"ref29","volume-title":"Decision Logs","year":"2025"},{"key":"ref30","volume-title":"OSCAL Component Definition Model V1.1.2: JSON Format Reference","author":"National Institute of Standards","year":"2023"},{"key":"ref31","volume-title":"OSCAL System Security Plan (SSP) Model V1.1.2 Reference","author":"National Institute of Standards","year":"2023"},{"key":"ref32","volume-title":"OSCAL Assessment Results Model V1.1.2: JSON Format Reference","author":"National Institute of Standards","year":"2023"},{"key":"ref33","volume-title":"OSCAL Plan of Action and Milestones (POA&M) Model V1.1.2: JSON Format Reference","author":"National Institute of Standards","year":"2023"},{"key":"ref34","volume-title":"ToTo: A Framework to Secure the Integrity of Software Supply Chains","year":"2025"},{"key":"ref35","volume-title":"Cosign: Verifying Attestations","author":"Project","year":"2025"},{"key":"ref36","article-title":"SLSA: Supply-Chain Levels for Software Artifacts","volume-title":"SLSA Project.","year":"2024"},{"key":"ref37","article-title":"Usnistgov\/Oscal Github Releases (Oscal 1.2.0 and Control Mapping Model Note)","year":"2025","journal-title":"National Institute of Standards and Technology."},{"key":"ref38","article-title":"Chef InSpec: Compliance Automation Software Tools","author":"Software","year":"2025"},{"key":"ref39","article-title":"Compliance-Trestle","volume-title":"OSCAL Compass Project.","year":"2025"},{"key":"ref40","article-title":"OSCAL Compass Community Repository","volume-title":"OSCAL Compass Project.","year":"2025"},{"key":"ref41","volume-title":"New Open Source Tool Automates Compliance","year":"2021"},{"key":"ref42","article-title":"EUROSCAL: Leveraging OSCAL for Continuous Monitoring in EUCS (Whitepaper)","volume-title":"MEDINA Project Consortium.","year":"2023"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6287639\/11323511\/11398064.pdf?arnumber=11398064","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T20:50:35Z","timestamp":1772225435000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11398064\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"references-count":42,"URL":"https:\/\/doi.org\/10.1109\/access.2026.3665991","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]}}}