|
1.Along Lin, “A Knowledge-Based Approach to Internet Authorizations Using PKI”. Trusted E-Services Laboratory HP Laboratories Bristol, HPL-2000-133, Oct. 13, 2000 2.AlphaWorks. XML Security Suite, April 1999. http://www.alphaWorks.ibm.com/tech/xmlsecuritysuite 3.B. Hashii, S. Malabarba, R. Pandey, M. Bishop,” Supporting Reconfigurable Security Policies for Mobile Programs”. http://www9.org/w9cdrom/345/345.html 4.Bertino, E.; Buccafurri, F.; Ferrari, E.; Rullo, P., “A logical framework for reasoning on data access control policies”. Coomputer Security Foundations Workshop, 1999. Proceedings of the 12th IEEE , 1999 , Page(s): 175 -189 5.Bruch Schneier, Applied Cryptography,Second Edition. John Wiley & Sons, Inc. 1996. 6.Charles P. Pfleeger, Security in Computing, Prentice-Hall International, Inc.1989 7.Charlie Huafman, Radia Perlman, Mike Speriner, Network Security Private Communication in a Public World, Prentice-Hall, Englewood Cliffs, New Jersey, 1995 8.Chung-Huang Yang; Shy-Ming Ju; Rao, T.R.N., “A smartcard-based framework for secure document exchange”. Security Technology, 1998. Proceedings., 32nd Annual 1998 International Carnahan Conference on , 1998 , Page(s): 93 -96 9.David Mazieres, Michael Kaminsky, M. Frans Kaashoek and Emmett Witchel, “Separating key management from file system security”. Proceedings of the 17th ACM symposium on Operating systems principles, 1999, Pages 124 - 139 10.Deng, P.; Kuo, C.; Kao, V., “A dynamic access control model for object-oriented system”. Security Technology, 1993 Security Technology, Proceedings, Institute of Electrical and Electronics Engineers 1993 International Carnahan Conference on , 1993 , Page(s): 159 -163 11.Denning, Dorothy E., (Dorothy Elizabeth), Cryptography and Data Security, Addision-Wesley Publishing Company, 1983. 12.Dieter Gollmann, COMPUTER SECURITY, Cambridge, UK, John Wiley & Sons, 1999 13.Edward G. Amoroso, Fundamentals of computer security technology, Prentice-Hall International, Inc., 1994 14.Elisa Bertino, Piero Andrea Bonatti and Elena Ferrari, “TRBAC: a temporal role-based access control model”. Proceedings of the fifth ACM workshop on Role-based access control, 2000, Pages 21 - 30 15.Elisa Bertino, Silvana Castano, Elena Ferrari and Marco Mesiti, "Controlled access and dissemination of XML documents". Proceedings of the second international workshop on Web information and data management, 1999, Pages 22 - 27 16.Elisa Bertino, Silvana Castano, Elena Ferrari, Marco Mesiti,”Specifying and Enforcing Access Control Policies for XML Document Sources”. 17.Emil C. Lupu, Damian A. Marriott, Morris S. Sloman and Nicholas Yialelis, "A Policy Based Role Framework for Access Control". First ACM/NIST Role Based Access Control Workshop, Gaitherburg, USA, Dec. 1995 18.Emil Lupu, Morris Sloman and Nicholas Yialelis, “Policy Based Roles for Distributed Systems Security”. Presented at the HP-Openview University Association(HP-OVUA) Plenary Workshop, Madrid, April 1997 19.Ernesto Damiani, Sabrina De Capitani di Vimercati , Stefano Paraboschi, Pierangela Samarati, “Design and Implementation of an Access Control Processor for XML Documents”. http://www9.org/w9cdrom/419/419.html 20.Fausto Rabitti, Elisa Bertino, Won Kim and Darrell Woelk, “A model of authorization for next-generation database systems”. ACM Trans. Database Syst. 16, 1 (Mar. 1991), Pages 88 - 131 21.Gail-Joon Ahn and Ravi Sandhu, “The RSL99 language for role-based separation of duty constraints”. Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, 1999, Pages 43 — 54 22.Gregory B. White, Eric A. Fisch, Udo W. Pooch, Computer System and Network Security. CRC Press, Inc.1996. 23.Hao He; Wong, R.K. ”A role-based access control model for XML repositories.” Web Information Systems Engineering, 2000. Proceedings of the First International Conference on Volume: 1 , 2000 , Page(s): 138 -145 vol.1 24.Kawase, T.; Watanabe, A.; Sasase, I., “Proposal of secure remote access using encryption”. Global Telecommunications Conference, 1998. GLOBECOM 1998. The Bridge to Global Integration. IEEE ,Volume: 2 , 1998 , Page(s): 868 -873 vol.2 25.Kuo, F.H.; Shen, V.R.L.; Chen, T.S.; Lai, F., “Cryptographic key assignment scheme for dynamic access control in a user hierarchy.” Computers and Digital Techniques, IEE Proceedings-Volume: 146 5 , Sept. 1999 , Page(s): 235 -240 26.Lung Kao; Chow, R., “An extended capability architecture to enforce dynamic access control policies.” Computer Security Applications Conference, 1996., 12th Annual , 1996 , Page(s): 148 -157 27.Lupu, E.; Sloman, M., ”A policy based role object model”. Enterprise Distributed Object Computing Workshop. Proceedings.”, First International , 1997 , Page(s): 36 -47 28.Lupu, E.C. “A Role-Based Framework for Distributed Systems Management.” Ph.D. Thesis, Department of Computing, Imperial College, London, U.K.,July 1998 29.M. E. Zurko, R. Simon, and T. Sanfilippo. “A user-centered, modular authorization service built on an RBAC foundation”. In Proc. of the 20th IEEE Symposium on Security and Privacy, pages 57-71, Oakland, May 1999. 30.Morris Solman, “Policy Specification and Implementation for Distributed Systems Management.” Imperial College, Transfer Report, Jan 31, 2000. 31.Nicodemos Damianou, Naranker Dulay, Emil Lupu,Morris Sloman,”The Ponder Policy Specification Language”. 32.R. S. Sandhu, P, Samarati, “Access Control: Principles and Practice.” IEEE Comm. Magazine, Sep. 1994, p40-48 33.Ravi S. Sandhu and Edward J. Coyne and Hal L. Feinstein and Charles E., “Role-Based Access Control Models”. YoumanComputer, 29(2), pp. 38-47, February 1996. 34.S. Jajodia, P. Samarati, V.S. Subramanian, and E. Bertino. “A Unified Framework for Enforcing Multiple Access Control Policies.” In Proc. of the 1997 ACM International SIGMOD Conference on Management of Data, Tucson, AZ, May 1997. 35.Silvana Castano , Database security, Addision-Wesley Publishing Company , 1995 36.Steven Holzner, XML Complete. The McGraw-Hill Companies, Inc. 1998 37.Trent Jaeger, “On the increasing importance of constraints”, Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, 1999, Pages 33 — 42 38.Tseng, F.S.C.; Wen-Jong Hwung; Fei-Fei Cheng, “An automatic navigation scheme for XML documents through object-relational repository”. Knowledge-Based Intelligent Engineering Systems and Allied Technologies, 2000. Proceedings. Fourth International Conference on Volume: 1 , 2000 , Page(s): 428 -431 vol.1 39.W3C(1998a), ”Extensible Markup Language(XML)1.0,” http://www.w3.org/TR/REC-xml. 40.William Stallings, Network and Internetwork Security Principles and Practice. Prentice-Hall International, Inc.1995 41.World Wide Web Consortium (W3C). Extensible Stylesheet Language (XSL) Specification, April 1999. http://www.w3.org/TR/WD-xsl. 42.余俊德,黃士殷, “Job-based Access Control Model”, NCS 1999 43.杜弘毅,黃景彰.”高信賴度資訊系統之研發-以角色為基礎的安全管理”, http://hcs.nctu.edu.tw/ 44.施淵仁,黃士殷, ”Design of Job Based Access Control Model with Workflow Mechanism.”, Proceedings of the Fifth Symposium on Computer & Communication Technology, 2000. Pages: 3D.29-35 45.陳長念,陳勤意,XML入門與應用.松崗電腦圖書資料股份有限公司.2000
|