[1]沈昌祥,张焕国,冯登国,等.信息安全综述[J].中国科学E辑:信息科学,2007,2(1):129-150.[2]SALTZER J H, SCHROEDER M D. The protection of information in computer systems [J]. Proceedings of IEEE, 1975, 63(9): 1278-1308.[3]BUYENS K, de WIN B, JOOSEN W. Resolving least privilege violations in software architectures [C]// Proceedings of the 5th Inter-national Workshop on Software Engineering for Secure Systems. Washington, DC: IEEE Computer Society, 2009: 9-16.[4]LEVIN T E, IRVINE C E, NGUYEN T D. A least privilege model for static separation kernels, NPS-CS-05-003 [R]. Monterey: Naval Postgraduate School, Center of Information Systems Security Studies and Research, 2004.[5]梁彬.可信进程机制及相关问题研究[D].北京:中国科学院软件研究所,2004.[6]CHEN S, DUNAGAN J, VERBOWSKI C, et al. A black-box tracing technique to identify causes of least-privilege incompatibilities [EB/OL]. [2012-06-10]. http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/chen-ndss05.pdf.[7]朱鲁华.安全操作系统模型和实现结构研究[D].郑州:信息工程大学,2002.[8]FERRAIOLO D F, KUHN D R. Role-based access control [C]// Proceedings of the 15th NIST-NSA National Computer Security Conference. Baltimore, MD: [s.n.], 1992: 554-563.[9]SANDHU R S, COYNE E J, FEINSTEIN H L, et al. Role-based access control models [J]. Computer, 1996, 29(2): 38-47.[10]FERRAIOLO D F, CUGINI J, KUHN D R. Role-Based Access Control (RBAC): features and motivations [C]// Proceedings of the 11th Annual Computer Security Applications Conference. Washington, DC: IEEE Computer Society, 1995: 241-248.[11]KUHN D R. Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems [C]// Proceedings of the 2nd ACM Workshop on Role-based Access Control. New York: ACM Press, 1997: 23-30.[12]CHEN H, LI N H. Constraint generation for separation of duty [C]// Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies. New York: ACM Press, 2006: 130-138.[13]徐小良,汪乐宇,周泓.有限状态机的一种实现框架[J].工程设计学报,2003,10(5):251-255. |