R. Accorsi, Automated Privacy Audits to Complement the Notion of Control for Identity Management In: Policies and Research in Identity Management, pp.39-48, 2008.

J. G. Cederquist, Audit-based compliance control, International Journal of Information Security, vol.13, issue.1, pp.133-151, 2007.
DOI : 10.3233/JCS-2005-13107

URL : http://eprints.eemcs.utwente.nl/9530/01/fulltext.pdf

E. W. Dijkstra, On the Role of Scientific Thought, pp.60-66, 1982.
DOI : 10.1007/978-1-4612-5695-3_12

. Project, Towards Trustworthy Systems with Open Standards and Trusted Computing

S. Etalle and W. H. Winsborough, A posteriori compliance control, SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologies, pp.11-20, 2007.
DOI : 10.5771/9783845238098-125

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

[. Gruschka, R. Herkenhöner, and N. Luttenberger, WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls, Proceeding IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation, pp.19-25, 2006.

S. Höhn and J. Jürjens, Rubacon: automated support for model-based compliance engineering ICSE 08, Proceedings of the 30 th international conference on Software engineering, 2008.

R. Herkenhoener, M. Jensen, H. Poehls, and H. D. Meer, Towards Automated Processing of the Right of Access in Inter-organizational Web Service Compositions, 2010 6th World Congress on Services, 2010.
DOI : 10.1109/SERVICES.2010.56

A. R. Hevner, S. T. March, and J. Park, Design Science Research in Information Systems, MIS Quarterly, vol.28, issue.1, pp.75-105, 2004.
DOI : 10.1007/978-1-4419-5653-8_2

D. Scott and R. Sharp, Abstracting application-level web security, Proceedings of the eleventh international conference on World Wide Web , WWW '02, pp.396-407, 2002.
DOI : 10.1145/511446.511498

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

R. Sandhu and P. Samarati, Access control: principle and practice, IEEE Communications Magazine, vol.32, issue.9, pp.40-48, 1994.
DOI : 10.1109/35.312842

J. Park and R. Sandhu, usage control model, ACM Transactions on Information and System Security, vol.7, issue.1, pp.128-174, 2004.
DOI : 10.1145/984334.984339

D. Povey, Optimistic security, Proceedings of the 1999 workshop on New security paradigms , NSPW '99, pp.40-45, 2000.
DOI : 10.1145/335169.335188

A. Uszok, J. M. Bradshaw, R. Jeffers, A. Tate, and J. Dalton, Applying KAoS Services to Ensure Policy Compliance for Semantic Web Services Workflow Composition and Enactment, LNCS, vol.3298, pp.425-440, 2004.
DOI : 10.1007/978-3-540-30475-3_30

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

H. R. Varian, Economic Aspects of Personal Privacy, Internet Policy and Economics, vol.4, pp.101-109, 2009.
DOI : 10.1007/b104899_7

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=