{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:47:47Z","timestamp":1781110067505,"version":"3.54.1"},"reference-count":22,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2018,6,30]],"date-time":"2018-06-30T00:00:00Z","timestamp":1530316800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["IIS-1636891"],"award-info":[{"award-number":["IIS-1636891"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"U.S. Army Research Laboratory and the U.K. Ministry of Defence","award":["W911NF-16-3-0001"],"award-info":[{"award-number":["W911NF-16-3-0001"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["J. Data and Information Quality"],"published-print":{"date-parts":[[2018,6,30]]},"abstract":"<jats:p>Access Control policies allow one to control data sharing among multiple subjects. For high assurance data security, it is critical that such policies be fit for their purpose. In this paper we introduce the notion of \u201cpolicy quality\u201d and elaborate on its many dimensions, such as consistency, completeness, and minimality. We introduce a framework supporting the analysis of policies with respect to the introduced quality dimensions and elaborate on research challenges, including policy analysis for large-scale distributed systems, assessment of policy correctness, and analysis of policies expressed in richer policy models.<\/jats:p>","DOI":"10.1145\/3209668","type":"journal-article","created":{"date-parts":[[2018,9,7]],"date-time":"2018-09-07T12:51:06Z","timestamp":1536324666000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":20,"title":["The Challenge of Access Control Policies Quality"],"prefix":"10.1145","volume":"10","author":[{"given":"Elisa","family":"Bertino","sequence":"first","affiliation":[{"name":"Purdue University, West Lafayette IN, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Amani Abu","family":"Jabal","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette IN, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Seraphin","family":"Calo","sequence":"additional","affiliation":[{"name":"IBM TJ Watson Research Center, NY, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Dinesh","family":"Verma","sequence":"additional","affiliation":[{"name":"IBM TJ Watson Research Center, NY, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Christopher","family":"Williams","sequence":"additional","affiliation":[{"name":"The Defence Science and Technology Laboratory, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2018,9,7]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1561\/1900000014"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/501978.501979"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1210263.1210265"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1805974.1805980"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_1_6_1","volume-title":"Version 2.0","author":"OASIS.","year":"2005","unstructured":"OASIS. Extensible access control markup language (XACML) , Version 2.0 ( 2005 ). https:\/\/docs.oasis-open.org\/xacml\/2.0\/access_control-xacml-2.0-core-spec-os.pdf. OASIS. Extensible access control markup language (XACML), Version 2.0 (2005). https:\/\/docs.oasis-open.org\/xacml\/2.0\/access_control-xacml-2.0-core-spec-os.pdf."},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of 2017 IEEE World Congress on Services (SERVICES\u201917)","author":"Bertino E.","unstructured":"E. Bertino , A. A. Jabal , S. Calo , C. Makaya , M. Touma , D. Verma , and C. Williams . 2017. Provenance-based analytics services for access control policies . In Proceedings of 2017 IEEE World Congress on Services (SERVICES\u201917) . E. Bertino, A. A. Jabal, S. Calo, C. Makaya, M. Touma, D. Verma, and C. Williams. 2017. Provenance-based analytics services for access control policies. In Proceedings of 2017 IEEE World Congress on Services (SERVICES\u201917)."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/103140.103144"},{"key":"e_1_2_1_9_1","unstructured":"A. A. Jabal M. Davari E. Bertino C. Makaya S. Calo D. Verma A. Russo and C. Williams. 2018. Techniques for policy analysis and validation. January 2018 submitted for publication.  A. A. Jabal M. Davari E. Bertino C. Makaya S. Calo D. Verma A. Russo and C. Williams. 2018. Techniques for policy analysis and validation. January 2018 submitted for publication."},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of 37th IEEE International Conference on Distributed Computing Systems (ICDCS\u201917)","author":"Bertino E.","unstructured":"E. Bertino , S. Calo , M. Touma , D. Verma , C. Williams , and B. Rivera . 2017. A cognitive policy framework for next-generation distributed federated systems: Concepts and research directions . In Proceedings of 37th IEEE International Conference on Distributed Computing Systems (ICDCS\u201917) . E. Bertino, S. Calo, M. Touma, D. Verma, C. Williams, and B. Rivera. 2017. A cognitive policy framework for next-generation distributed federated systems: Concepts and research directions. In Proceedings of 37th IEEE International Conference on Distributed Computing Systems (ICDCS\u201917)."},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the 2016 IEEE 12th International Conference on e-Science.","author":"Abu Jabal A.","unstructured":"A. Abu Jabal and E. Bertino . 2016. SimP: Secure interoperable multi-granular provenance framework . In Proceedings of the 2016 IEEE 12th International Conference on e-Science. A. Abu Jabal and E. Bertino. 2016. SimP: Secure interoperable multi-granular provenance framework. In Proceedings of the 2016 IEEE 12th International Conference on e-Science."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.48"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062455.1062502"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2008.11.005"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.is.2015.03.011"},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the 2007 IEEE International Conference on Web Services (ICWS\u201907)","author":"Yau S.","unstructured":"S. Yau and J. Liu . 2007. A situation-aware access control based privacy-preserving service matchmaking approach for service-oriented architecture . In Proceedings of the 2007 IEEE International Conference on Web Services (ICWS\u201907) . S. Yau and J. Liu. 2007. A situation-aware access control based privacy-preserving service matchmaking approach for service-oriented architecture. In Proceedings of the 2007 IEEE International Conference on Web Services (ICWS\u201907)."},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the IEEE International Conference on Web Services (ICWS'04)","author":"Bhatti R.","unstructured":"R. Bhatti , E. Bertino , and A. Ghafoor . 2004. A trust-based context-aware access control model for web-services . In Proceedings of the IEEE International Conference on Web Services (ICWS'04) . R. Bhatti, E. Bertino, and A. Ghafoor. 2004. A trust-based context-aware access control model for web-services. In Proceedings of the IEEE International Conference on Web Services (ICWS'04)."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03007-9_22"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-010-0106-1"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2018.1700333"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2013.68"},{"key":"e_1_2_1_22_1","doi-asserted-by":"crossref","unstructured":"C. Batini and M. Scannapieco. 2016. Data and Information Quality -- Dimensions Principles and Techniques. Springer.   C. Batini and M. Scannapieco. 2016. Data and Information Quality -- Dimensions Principles and Techniques. Springer.","DOI":"10.1007\/978-3-319-24106-7"}],"container-title":["Journal of Data and Information Quality"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3209668","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3209668","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3209668","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:39:33Z","timestamp":1750210773000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3209668"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,6,30]]},"references-count":22,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2018,6,30]]}},"alternative-id":["10.1145\/3209668"],"URL":"https:\/\/doi.org\/10.1145\/3209668","relation":{},"ISSN":["1936-1955","1936-1963"],"issn-type":[{"value":"1936-1955","type":"print"},{"value":"1936-1963","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,6,30]]},"assertion":[{"value":"2018-01-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-04-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-09-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}