2D F Ferraiolo, R Kuhn. Role-based access control. The 15th National Computer Security Conf, Baltimore, MD, 1992. http://hissa.ncsl.nist.gov/kuhn
3R S Sandhu et al. Role-based access control models. IEEE Computer, 1996, 29(2): 38~47
4P Loscocco et al.The Inevitability of failure: The flawed assumption of security in modern computing environments, national security agency. The 21st National Information Systems Security Conf, Virginia, USA, 1997
5David F Ferraiolo. An argument for the role-based access control model. The 6th ACM Symp on Access Control Models and Technologies, Chantilly, Virginia, USA, 2001
6R Sandhu, P Samarati. Access control: Principles and practice. IEEE Communications, 1994, 32(9): 40~48
7Feustel, Mayfield. The DGSA: Unmet information security challenges for operating system designers. Operating Systems Review, 1998, 32(1): 3~22
8Research Challenges in Operating System Security, Arlington, Hilton: DARPA/ISO. 1997. http://www.ito.arpa.mil/Proceedings/OS_Security/challenges/challenges_long.html
9J H Saltzer, M Schroeder. The protection and control of information sharing in multics. Communications of the ACM, 1974, 17(7): 388~402
10J Hoffman. Implementing RBAC on type enforced systems. In: Proc of the 13th Annual Computer Security Applications Conf. San Diego, CA: IEEE Computer Society Press, 1997