[1]SAYDJARI O S. Multilevel security: reprise[J]. Security & Privacy, 2004,2(5): 64-67.[2]RUSHBY J. From DSS to MILS[M]. Berlin:Springer-Verlag, 2011: 53-57.[3]BOETTCHER C, DELONG R, RUSHBY J, et al. The MILS component integration approach to secure information sharing[C]// Proceedings of the 27th IEEE/AIAA Digital Avionics Systems Conference. Piscataway, NJ: IEEE Press, 2008: 1-12.[4]National computer security center. NCSC-TG-005, Trusted network interpretation[S]. USA: Department of Defence, 1987.[5]LU W P, SUNDARESHAN M K. A model for multilevel security in computer networks[J]. IEEE Transactions on Software Engineering, 1990, 16(6): 647-659.[6]VNADHARAJM V. A multilevel security policy model for networks[C]// INFOCOM '90. Proceedings of the Ninth Annual Joint Conference of the IEEE Computer and Communication Societies. Washington, DC: IEEE Computer Society, 1990: 710-718.[7]LEVIN T E, IRVINE C E, WEISSMAN C, et al. Analysis of three multilevel security architectures[C]// Proceedings of 2007 ACM Workshop on Computer Security Architecture. New York: ACM Press, 2007: 610-619.[8]FOSS J A, HARRISON W S, OMAN P, et al. The MILS architecture for high-assurance embedded systems[J]. International Journal of Embedded Systems, 2006, 2(3): 239-247.[9]LEVIN T E, IRVINE C E, NGUYEN T D. Least privilege in separation kernels[C]// Proceedings of the IEEE International Conference on Security and Cryptography. Piscataway, NJ: IEEE Press, 2006: 355-362.[10]LUO J, KANG M. Infrastructure for multi-level secure service-oriented architecture (MLS-SOA)[C]// Proceedings of 2010 Military Communications Conference. Piscataway, NJ: IEEE Press, 2010: 475-481.[11]NGUYEN T D, GONDREE M A, SHIFFLETT D J, et al. A cloud-oriented cross-domain security architecture[C]// Proceedings of 2010 Military Communications Conference. Piscataway, NJ: IEEE Press, 2010: 441-447.[12]GOGUEN J A, MESEGUER J. Security policies and security models[C]// IEEE Symposium on Security and Privacy. Washington, DC: IEEE Computer Society, 1982: 11-20.[13]SHI Q, ZHANG N. An effective model for composition of secure systems[J]. The Journal of Systems and Software, 1998, 43(3): 233-244.[14]RUSHBY J. Partitioning for avionics architectures: Requirements, mechanisms, and assurance, CR-1999-209347 [R]. Menlo Park CA : SRI International, 1999.[15]CHENG P, ROHATGI P, KESER C, et al. Fuzzy multi-level security: an experiment on quantified risk-adaptive access control[C]// Proceedings of 2007 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE Press, 2007: 222-230. |