[1] FIELDING R T. Architectural styles and the design of network-based software architectures[D]. Irvine:University of California, 2000:76-106. [2] 百度百科.REST[EB/OL].[2017-10-31].https://baike.baidu.com/item/rest/6330506?fr=aladdin.(Baidu Baike. REST[EB/OL].[2017-10-31]. https://baike.baidu.com/item/rest/6330506?fr=aladdin.) [3] 程飞.REST的安全性分析与策略研究[D].北京:北京交通大学,2013:17-52.(CHENG F. The Security analysis and strategic research of REST[D]. Beijing:Beijing Jiaotong University, 2013:17-52.) [4] 程飞,沈波.REST的安全性分析与策略研究[J].铁路计算机应用,2013,22(10):34-36.(CHENG F, SHEN B. Security analysis and strategic research of REST[J]. Railway Computer Application, 2013, 22(10):34-36.) [5] 韩志杰,段晓阳.基于REST的Web服务安全模型[J].信息化研究,2011,37(6):49-51,56.(HAN Z J, DUAN X Y. Web service security model based on REST[J]. Informatization Research, 2011, 37(6):49-51, 56.) [6] 王亚玲,王胜,李晓珍,等.基于面向资源架构的Web资源服务安全交互模型设计与实现[J].计算机应用,2015,35(S2):160-163,184.(WANG Y L, WANG S, LI X Z, et al. Design and implementation of Web resource service security interaction model based on resource-oriented architecture[J]. Journal of Computer Applications, 2015, 35(S2):160-163, 184.) [7] 张玉凤,楼芳,张历.面向软件攻击面的Web应用安全评估模型研究[J].计算机工程与科学,2016,38(1):73-77.(ZHANG Y F, LOU F, ZHANG L. Security assessment of Web applications based on software attack surface[J]. Computer Engineering & Science, 2016, 38(1):73-77.) [8] 李玲娟,孙光辉.网络攻击图生成算法研究[J].计算机技术与发展,2010,20(10):171-175.(LI L J, SUN G H. Research on algorithm of generating network attack graph[J]. Computer Technology and Development, 2010, 20(10):171-175.) [9] 王继钢.基于攻击图模型的网络可能入侵估计研究[J].微电子学与计算机,2016,33(2):116-119.(WANG J G. Invade estimation research based on network attack graph mode[J]. Microelectronics & Computer, 2016, 33(2):116-119.) [10] 程叶霞,姜文,薛质,等.基于攻击图模型的多目标网络安全评估研究[J].计算 机研 究与 发展,2012,49(增刊):23-31.(CHENG Y X, JIANG W, XUE Z, et al. Multi-objective network security evaluation based on attack graph model[J]. Journal of Computer Research and Development, 2012, 49(Suppl.):23-31.) [11] 陈锋,张怡,苏金树.攻击图的两种形式化分析[J].软件学报,2010,21(4):838-848.(CHEN F, ZHANG Y, SU J S, et al. Two formal analyses of attack graphs[J]. Journal of Software, 2010, 21(4):838-848.) [12] 吴明峰,张永胜,李园园,等.Web服务攻击技术研究[J].计算机技术与发展,2012,22(1):213-216.(WU M F, ZHANG Y S, LI Y Y, et al. Research of Web services attack technology[J]. Computer Technology and Development, 2012, 22(1):213-216.) [13] 华悦,徐涛.一种基于SOA的SOAP消息安全传输机制[J].计算机科学,2012,39(6):77-80.(HUA Y, XU T. SOAP message security transport mechanism based on SOA[J]. Computer Science, 2012, 39(6):77-80.) [14] 高妮,高岭,贺毅岳,等.基于贝叶斯攻击图的最优安全防护策略选择模型[J].计算机工程与应用,2016,52(11):125-130.(GAO N, GAO L, HE Y Y, et al. Optimal security hardening measures selection model based on Bayesian attack graph[J]. Computer Engineering and Applications, 2016, 52(11):125-130.) [15] 仝青,张铮,张为华,等.拟态防御Web服务器设计与实现[J].软件学报,2017,28(4):883-897.(TONG Q, ZHANG Z, ZHANG W H, et al. Design and implementation of mimic defense Web server[J]. Journal of Software, 2017, 28(4):883-897.) |