{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T07:11:04Z","timestamp":1761894664824,"version":"3.41.0"},"reference-count":28,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2008,2,1]],"date-time":"2008-02-01T00:00:00Z","timestamp":1201824000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2008,2]]},"abstract":"<jats:p>XACML is the OASIS standard language specifically aimed at the specification of authorization policies. While XACML fits well with the security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises in which several autonomous subjects collaborate by sharing their resources to provide better services to customers. In this article we highlight such limitation, and we propose an XACML extension, the policy integration algorithms, to address them. In the article we also present the implementation of a system that makes use of the policy integration algorithms to securely replicate information in a P2P-like environment. In our solution, the data replication process considers the policies specified by both the owners of the data shared and the peers sharing data storage.<\/jats:p>","DOI":"10.1145\/1330295.1330299","type":"journal-article","created":{"date-parts":[[2008,2,8]],"date-time":"2008-02-08T15:32:16Z","timestamp":1202484736000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":55,"title":["XACML Policy Integration Algorithms"],"prefix":"10.1145","volume":"11","author":[{"given":"Pietro","family":"Mazzoleni","sequence":"first","affiliation":[{"name":"University of Milan"}]},{"given":"Bruno","family":"Crispo","sequence":"additional","affiliation":[{"name":"Vrije Universiteit, Amsterdam and University of Trento"}]},{"given":"Swaminathan","family":"Sivasubramanian","sequence":"additional","affiliation":[{"name":"Vrije Universiteit, Amsterdam"}]},{"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Purdue University"}]}],"member":"320","published-online":{"date-parts":[[2008,2,5]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.5555\/998684.1006926"},{"volume-title":"A Comparison of Two Privacy Policy Languages: EPAL and XACML. Sun Microsystems","author":"Anderson A.","key":"e_1_2_1_2_1","unstructured":"Anderson , A. 2005a. A Comparison of Two Privacy Policy Languages: EPAL and XACML. Sun Microsystems , Inc . Anderson, A. 2005a. A Comparison of Two Privacy Policy Languages: EPAL and XACML. Sun Microsystems, Inc."},{"key":"e_1_2_1_3_1","volume-title":"Ws-policyconstraints: A domain-independent Web services policy assertion language. Sun Microsystems","author":"Anderson A.","year":"2005","unstructured":"Anderson , A. 2005 b. Ws-policyconstraints: A domain-independent Web services policy assertion language. Sun Microsystems , Inc . Anderson, A. 2005b. Ws-policyconstraints: A domain-independent Web services policy assertion language. Sun Microsystems, Inc."},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/967900.967983"},{"key":"e_1_2_1_5_1","unstructured":"Baker M. Kimberly K. and Sean M. 2005. Why traditional storage systems do not help us save stuff forever. Tech. rep. HPL-2005-120. HP Labs.  Baker M. Kimberly K. and Sean M. 2005. Why traditional storage systems do not help us save stuff forever. Tech. rep. HPL-2005-120. HP Labs."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029179.1029195"},{"key":"e_1_2_1_7_1","unstructured":"EU. 1995. Eu directive on data privacy 95\/46\/ec.  EU. 1995. Eu directive on data privacy 95\/46\/ec."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062455.1062502"},{"key":"e_1_2_1_9_1","unstructured":"HIPAA. 1996. U.S. government department of health and human services health. Insurance Portability and Accountability Act.  HIPAA. 1996. U.S. government department of health and human services health. Insurance Portability and Accountability Act."},{"key":"e_1_2_1_10_1","unstructured":"HP. 2005. Virtualized infrastructure solutions for mysap business suite. http:\/\/h71028.www.hp.com\/enterprise\/downloads\/HP-virtualSAP_Solution-Brief.pdf.  HP. 2005. Virtualized infrastructure solutions for mysap business suite. http:\/\/h71028.www.hp.com\/enterprise\/downloads\/HP-virtualSAP_Solution-Brief.pdf."},{"key":"e_1_2_1_11_1","volume-title":"4th Semantic Web and Policy Workshop.","author":"Huang D.","year":"2005","unstructured":"Huang , D. 2005 . Semantic policy-based security framework for business processes . 4th Semantic Web and Policy Workshop. Huang, D. 2005. Semantic policy-based security framework for business processes. 4th Semantic Web and Policy Workshop."},{"key":"e_1_2_1_12_1","unstructured":"IBM. 2004. Automate and integrate within and across it processes to support the continually changing needs of business processes. IBM White paper.  IBM. 2004. Automate and integrate within and across it processes to support the continually changing needs of business processes. IBM White paper."},{"key":"e_1_2_1_13_1","unstructured":"Kusnetzky D. and Olofson C. W. 2004. Oracle 10g: Putting grids to work. http:\/\/www.oracle.com\/technology\/tech\/grid\/collateral\/idc_oracle10g.pdf.  Kusnetzky D. and Olofson C. W. 2004. Oracle 10g: Putting grids to work. http:\/\/www.oracle.com\/technology\/tech\/grid\/collateral\/idc_oracle10g.pdf."},{"key":"e_1_2_1_14_1","unstructured":"Lionshare Project. http:\/\/lionshare.its.psu.edu\/main\/.  Lionshare Project. http:\/\/lionshare.its.psu.edu\/main\/."},{"key":"e_1_2_1_15_1","unstructured":"Lockss Project. http:\/\/lockss.stanford.edu\/.  Lockss Project. http:\/\/lockss.stanford.edu\/."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/968559.968563"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCC.2005.49"},{"key":"e_1_2_1_18_1","first-page":"2","volume-title":"Lionshare: A federated","author":"Morr D.","year":"2004","unstructured":"Morr , D. 2004 a. Lionshare: A federated p 2 p app. In Internet2 Members Meeting . Morr, D. 2004a. Lionshare: A federated p2p app. In Internet2 Members Meeting."},{"key":"e_1_2_1_19_1","unstructured":"Morr D. 2004b. Wspl: an xacml-based Web services policy language. In Internet2 Members Meeting.  Morr D. 2004b. Wspl: an xacml-based Web services policy language. In Internet2 Members Meeting."},{"key":"e_1_2_1_20_1","unstructured":"OASIS. 2002. ebxml collaboration protocol profile and agreement technical committee. Collaboration-Protocol Profile and Agreement Specification Version 2.0.  OASIS. 2002. ebxml collaboration protocol profile and agreement technical committee. Collaboration-Protocol Profile and Agreement Specification Version 2.0."},{"key":"e_1_2_1_21_1","unstructured":"OASIS. 2005. Security services technical committee. e{X}tendible {A}ccess {C}ontrol {M}arkup {L}anguage Committee Specification 2.0.  OASIS. 2005. Security services technical committee. e{X}tendible {A}ccess {C}ontrol {M}arkup {L}anguage Committee Specification 2.0."},{"key":"e_1_2_1_22_1","unstructured":"OASIS. 2006. http:\/\/docs.oasis-open.org\/xacml\/xacmlrefs.html.  OASIS. 2006. http:\/\/docs.oasis-open.org\/xacml\/xacmlrefs.html."},{"volume-title":"Response to the uml 2.0 ocl rfp (ad\/2000-09-03), revised submission, version 1.6","year":"2003","key":"e_1_2_1_23_1","unstructured":"OMG, O. M. G. 2003. Response to the uml 2.0 ocl rfp (ad\/2000-09-03), revised submission, version 1.6 , 6 January 2003 . OMG Document ad\/2003-01-07. OMG, O. M. G. 2003. Response to the uml 2.0 ocl rfp (ad\/2000-09-03), revised submission, version 1.6, 6 January 2003. OMG Document ad\/2003-01-07."},{"key":"e_1_2_1_24_1","unstructured":"Sun. Xacml implementation. http:\/\/sunxacml.sourceforge.net\/.  Sun. Xacml implementation. http:\/\/sunxacml.sourceforge.net\/."},{"key":"e_1_2_1_25_1","unstructured":"W3C. 2003. Enterprise privacy authorization language (epal).  W3C. 2003. Enterprise privacy authorization language (epal)."},{"key":"e_1_2_1_26_1","unstructured":"W3C. 2004a. Owl Web ontology language.  W3C. 2004a. Owl Web ontology language."},{"key":"e_1_2_1_27_1","unstructured":"W3C. 2004b. W3C Workshop on Constraints and Capabilities for Web Services.  W3C. 2004b. W3C Workshop on Constraints and Capabilities for Web Services."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029133.1029141"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1330295.1330299","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1330295.1330299","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T14:47:31Z","timestamp":1750258051000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1330295.1330299"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,2]]},"references-count":28,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2008,2]]}},"alternative-id":["10.1145\/1330295.1330299"],"URL":"https:\/\/doi.org\/10.1145\/1330295.1330299","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2008,2]]},"assertion":[{"value":"2006-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2007-06-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2008-02-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}