[1] MYERS A C, LISKOV B. A decentralized model for information flow control [J]. ACM SIGOPS Operating Systems Review, 1997, 31(5): 129-142. [2] La PADULA L J, BELL D E. Secure computer system: a mathematical model, ESD-TR-73-278 [R]. Bedford: MITRE Corporation, 1973. [3] FRIDRICH J, PEVNY T, KODOVSKY J, et al. Statistically undetectable JPEG steg-anography: dead ends, challenges and opportunities [C]// Proceedings of the 9th ACM Workshop on Multimedia and Security. New York, ACM Press, 2007: 3-14. [4] JAIN S, KUMAR A, MANDAL S, et al. B4: experience with a globally-deployed software defined WAN [C]// SIGCOMM'13: Proceedings of the ACM SIGCOMM 2013 Conference on SIGCOMM. New York, ACM Press, 2013: 3-14. [5] ZELDOVICH N, BOYD-WICKIZER S, KOHLER E, et al. Making information flow explicit in HiStar [J]. Communications of the ACM, 2011, 54(11): 93-101. [6] BRODSKY M, EFSTATHOPOULOS P, KAASHOEK F, et al. Toward secure services from untrusted developers, TR-2007-041 [R]. Cambridge: Massachusetts Institute of Technology, 2007. [7] ZHANG Q, McCULLOUGH J, MA J, et al. Neon: system support for derived data management [J]. ACM SIGPLAN Notices, 2010, 45(7): 63-74. [8] CORBATO F J, VYSSOTSKY V A. Introduction and overview of the multics system [C]// AFIPS'65: Proceedings of the 1965 Fall Joint Computer Conference. New York, ACM Press, 1965: 185-196. [9] KROHN M, YIP A, BRODSKY M, et al. Information flow control for standard OS abstractions [J]. ACM SIGOPS Operating Systems Review, 2007, 41(6): 321-334. [10] SHIN S, PORRAS P, YEGNESWARAN V, et al. FRESCO: modular composable security services for software-defined networks [EB/OL]. [2014-06-20]. http://www.csl.sri.com/users/vinod/papers/fresco.pdf. [11] PORRAS P, SHIN S, YEGNESWARAN V, et al. A security enforcement kernel for OpenFlow networks [C]// HotSDN'12: Proceedings of the First Workshop on Hot Topics in Software Defined Networks. New York: ACM Press, 2012: 121-126. [12] FAYAZBAKHSH S K, SEKAR V, YU M, et al. FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions [C]// HotSDN'13: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. New York: ACM Press, 2013: 19-24. [13] MUNDADA Y, RAMACHANDRAN A, TARIQ M B, et al. Practical data-leak prevention for legacy applications in enterprise networks, GT-CS-11-01 [R]. Atlanta: Georgia Institute of Technology, 2011. [14] MUNDADA Y, RAMACHANDRAN A, FEAMSTER N. Silver-Line: data and network isolation for cloud services [EB/OL]. [2014-06-10]. https://www.usenix.org/legacy/event/hotcloud11/tech/final_files/Mundada6-1-11.pdf. |