{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:33:28Z","timestamp":1750221208987,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":24,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,11,15]],"date-time":"2018-11-15T00:00:00Z","timestamp":1542240000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,11,15]]},"DOI":"10.1145\/3277570.3277587","type":"proceedings-article","created":{"date-parts":[[2018,10,25]],"date-time":"2018-10-25T12:14:38Z","timestamp":1540469678000},"page":"1-4","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Coping with Access Control Requirements in the Context of Mutual Dependencies between Business and IT"],"prefix":"10.1145","author":[{"given":"Roman","family":"Pilipchuk","sequence":"first","affiliation":[{"name":"FZI Research Center for Information Technology, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,11,15]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1998441.1998445"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542207.1542223"},{"key":"e_1_3_2_1_3_1","unstructured":"O'Connor A. and Loomis R. 2010. NIST - Economic Analysis of Role-Based Access Control. Technical Report.  O'Connor A. and Loomis R. 2010. NIST - Economic Analysis of Role-Based Access Control. Technical Report."},{"key":"e_1_3_2_1_4_1","volume-title":"Retrieved","author":"American National Standards Institute (ANSI) and InterNational Committee for Information Technology (INCITS).","year":"2012","unstructured":"American National Standards Institute (ANSI) and InterNational Committee for Information Technology (INCITS). 2012 . INCITS 359-2012 - Information technology - Role Based Access Control Standard . Retrieved March 22, 2018 from https:\/\/www.bis.org\/publ\/bcbs189.pdf American National Standards Institute (ANSI) and InterNational Committee for Information Technology (INCITS). 2012. INCITS 359-2012 - Information technology - Role Based Access Control Standard. Retrieved March 22, 2018 from https:\/\/www.bis.org\/publ\/bcbs189.pdf"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.im.2003.06.002"},{"key":"e_1_3_2_1_6_1","volume-title":"Retrieved","author":"AXELOS.","year":"2011","unstructured":"AXELOS. 2011 . ITIL Edition 2011 . Retrieved March 22, 2018 from https:\/\/www.axelos.com\/best-practice-solutions\/itil\/what-is-itil AXELOS. 2011. ITIL Edition 2011. Retrieved March 22, 2018 from https:\/\/www.axelos.com\/best-practice-solutions\/itil\/what-is-itil"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2871148"},{"key":"e_1_3_2_1_8_1","volume-title":"et al","author":"Ferraiolo D.","year":"2007","unstructured":"F. Ferraiolo D. et al . 2007 . Role-Based Access Control. Artech House Publishers . F. Ferraiolo D. et al. 2007. Role-Based Access Control. Artech House Publishers."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"Achim D. Brucker Isabelle Hang Gero L\u00c3ijckemeyer and Raj Ruparel. 2012. SecureBPMN: Modeling and enforcing access control requirements in business processes. (2012).  Achim D. Brucker Isabelle Hang Gero L\u00c3ijckemeyer and Raj Ruparel. 2012. SecureBPMN: Modeling and enforcing access control requirements in business processes. (2012).","DOI":"10.1145\/2295136.2295160"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/501978.501980"},{"key":"e_1_3_2_1_11_1","volume-title":"Retrieved","author":"German Federal Office","year":"2006","unstructured":"German Federal Office for Information Security. 2006 . IT Baseline Protection . Retrieved March 22, 2018 from https:\/\/www.bgbl.de\/xaver\/bgbl\/start.xav?startbk=Bundesanzeiger_BGBl&start=\/\/*%255B@attr_id=%27bgbl115s1324.pdf%27%255D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl115s1324.pdf%27%5D__1521637790899 German Federal Office for Information Security. 2006. IT Baseline Protection. Retrieved March 22, 2018 from https:\/\/www.bgbl.de\/xaver\/bgbl\/start.xav?startbk=Bundesanzeiger_BGBl&start=\/\/*%255B@attr_id=%27bgbl115s1324.pdf%27%255D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl115s1324.pdf%27%5D__1521637790899"},{"key":"e_1_3_2_1_12_1","volume-title":"Retrieved","author":"International Organization for Standardization (ISO) and der International Electrotechnical Commission (IEC).","year":"2018","unstructured":"International Organization for Standardization (ISO) and der International Electrotechnical Commission (IEC). 2018 . ISO\/IEC 27000:2018 . Retrieved March 22, 2018 from https:\/\/www.iso.org\/standard\/73906.html International Organization for Standardization (ISO) and der International Electrotechnical Commission (IEC). 2018. ISO\/IEC 27000:2018. Retrieved March 22, 2018 from https:\/\/www.iso.org\/standard\/73906.html"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/344287.344308"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.46"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2015.08.006"},{"key":"e_1_3_2_1_16_1","volume-title":"Retrieved","author":"Federal Financial Supervisory Authority","year":"2017","unstructured":"Federal Financial Supervisory Authority (BaFin) of Germany. 2017 . Minimum Requirements for Risk Management . Retrieved March 22, 2018 from https:\/\/www.bundesbank.de\/Redaktion\/EN\/Downloads\/Tasks\/Banking_supervision\/PDF\/minimum_requirements_for_risk_management_mindestanforderungen_an_das_risikomanagement_marisk.pdf?__blob=publicationFile Federal Financial Supervisory Authority (BaFin) of Germany. 2017. Minimum Requirements for Risk Management. Retrieved March 22, 2018 from https:\/\/www.bundesbank.de\/Redaktion\/EN\/Downloads\/Tasks\/Banking_supervision\/PDF\/minimum_requirements_for_risk_management_mindestanforderungen_an_das_risikomanagement_marisk.pdf?__blob=publicationFile"},{"key":"e_1_3_2_1_17_1","volume-title":"Retrieved","author":"Federal Republic","year":"2015","unstructured":"Federal Republic of Germany. 2015 . IT Security Act . Retrieved March 22, 2018 from https:\/\/www.bgbl.de\/xaver\/bgbl\/start.xav?startbk=Bundesanzeiger_BGBl&start=\/\/*%255B@attr_id=%27bgbl115s1324.pdf%27%255D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl115s1324.pdf%27%5D__1521538190954 Federal Republic of Germany. 2015. IT Security Act. Retrieved March 22, 2018 from https:\/\/www.bgbl.de\/xaver\/bgbl\/start.xav?startbk=Bundesanzeiger_BGBl&start=\/\/*%255B@attr_id=%27bgbl115s1324.pdf%27%255D#__bgbl__%2F%2F*%5B%40attr_id%3D%27bgbl115s1324.pdf%27%5D__1521538190954"},{"key":"e_1_3_2_1_18_1","volume-title":"Retrieved","author":"Object Management Group (OMG).","year":"2011","unstructured":"Object Management Group (OMG). 2011 . Business Process Model and Notation (BPMN) v2.0.2 . Retrieved March 22, 2018 from http:\/\/www.omg.org\/spec\/BPMN Object Management Group (OMG). 2011. Business Process Model and Notation (BPMN) v2.0.2. Retrieved March 22, 2018 from http:\/\/www.omg.org\/spec\/BPMN"},{"key":"e_1_3_2_1_19_1","volume-title":"Retrieved","author":"Basel Committee on Banking Supervision (BCBS).","year":"2011","unstructured":"Basel Committee on Banking Supervision (BCBS). 2011 . Third Basel Accord . Retrieved March 22, 2018 from https:\/\/www.bis.org\/publ\/bcbs189.pdf Basel Committee on Banking Supervision (BCBS). 2011. Third Basel Accord. Retrieved March 22, 2018 from https:\/\/www.bis.org\/publ\/bcbs189.pdf"},{"key":"e_1_3_2_1_20_1","volume-title":"EMLS'17 (Softwaretechnik Trends)","volume":"37","author":"Pilipchuk","year":"2017","unstructured":"R. Pilipchuk et al. 2017 . Defining a Security-Oriented Evolution Scenario for the CoCoME Case Study . In EMLS'17 (Softwaretechnik Trends) , Vol. 37 . 60--77. R. Pilipchuk et al. 2017. Defining a Security-Oriented Evolution Scenario for the CoCoME Case Study. In EMLS'17 (Softwaretechnik Trends), Vol. 37. 60--77."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0950-5849(03)00097-1"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Wieringa R. Blanken H. Fokkinga M. and P. Grefen. 2003. Aligning application architecture to the business context. In Advanced Information Systems Engineering. 209--225.   Wieringa R. Blanken H. Fokkinga M. and P. Grefen. 2003. Aligning application architecture to the business context. In Advanced Information Systems Engineering. 209--225.","DOI":"10.1007\/3-540-45017-3_16"},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 4th International Conference on Information Systems Security and Privacy -","volume":"82","author":"Alpers S.","unstructured":"Alpers S. , Pilipchuk R. , Oberweis A. , and Reussner R . 2018. Identifying Needs for a Holistic Modelling Approach to Privacy Aspects in Enterprise Software Systems . In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP. 74-- 82 . Alpers S., Pilipchuk R., Oberweis A., and Reussner R. 2018. Identifying Needs for a Holistic Modelling Approach to Privacy Aspects in Enterprise Software Systems. In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP. 74--82."},{"key":"e_1_3_2_1_24_1","volume-title":"Retrieved","author":"European Union","year":"2016","unstructured":"European Union . 2016 . General Data Protection Regulation (GDPR) . Retrieved March 22, 2018 from http:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679&from=EN European Union. 2016. General Data Protection Regulation (GDPR). Retrieved March 22, 2018 from http:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679&from=EN"}],"event":{"name":"CECC 2018: Central European Cybersecurity Conference 2018","sponsor":["University of Maribor"],"location":"Ljubljana Slovenia","acronym":"CECC 2018"},"container-title":["Proceedings of the Central European Cybersecurity Conference 2018"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3277570.3277587","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3277570.3277587","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:39:38Z","timestamp":1750210778000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3277570.3277587"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,15]]},"references-count":24,"alternative-id":["10.1145\/3277570.3277587","10.1145\/3277570"],"URL":"https:\/\/doi.org\/10.1145\/3277570.3277587","relation":{},"subject":[],"published":{"date-parts":[[2018,11,15]]},"assertion":[{"value":"2018-11-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}