參考文獻:

[1] BIBA K J. Integrity Considerations for Secure Computer Systems, MTR-3153[R]. Bedford: The MITRE Corporation, 1975.

[2] BIBA K J. Integrity Considerations for Secure Computer Systems, ESD-TR-76-372[R]. Bedford: The MITRE Corporation, 1977.

[3] BISHOP M. Computer Security: Art and Science[M]. Boston: Addison Wesley, 2002:0-201-4409-7.

[4] 周洲儀, 賀也平, 梁洪亮. 基于Biba和Clark-Wilson策略的混合強制完整性模型[J]. 軟件學報, 2010,21(1):98−106.

[5] 張相鋒, 孫玉芳. Biba模型中嚴格完整性政策的動態實施[J]. 計算機研究與發展, 2005, 42(5):746-754.

[6] 張明西, 韋俊銀, 程裕強, 等. 具有歷史特征的Biba模型嚴格完整性策略[J]. 鄭州大學學報（理學版）, 2011, 43(1):85-89.

[7] 張明西, 韋俊銀, 張相峰, 等. 主體完整性標記動態確定方案及其正確性證明[J]. 小型微型計算機系統, 2011, 32(4):656-661.

[8] 何建波, 卿斯漢, 王超. 對兩個改進的BLP模型的分析[J]. 軟件學報, 2007, 18(6):1501-1509.

[9] BELL D E, LAPADULA L J. Secure Computer Systems: Mathematical Foundations, ESD-TR-73-278, I(AD)770768[R]. Bedford: The MITRE Corporation, 1973.

[10] LAPADULA L J, BELL D E. Secure Computer Systems: A Mathematical Model, ESD-TR-73-278, II(AD)771543[R]. Bedford: The MITRE Corporation, 1973.

[11] WATSON R, FELDMAN B, MIGUS A, et al. Design and Implementation of Trusted BSD MAC Framework[C]//Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, 2003. Los Alamitos: IEEE Computer Society Press, 2003, 1:38-49.

[12] RILEY S. Mandatory Integrity Control in Windows Vista[EB/OL]. http://blogs.technet.com/b/steriley/archive/2006/07/21/442870.aspx.

[13] BADGER L, STERNE D F, SHERMAN D L, et al. A Domain and Type Enforcement UNIX Prototype[J]. USENIX Computing Systems, 1996,9(1):47–83.

[14] LOSCOCCO P, SMALLEY S. Integrating Flexible Support for Security Policies into the Linux Operating System[C]//Proceedings of the 2001 USENIX Annual Technical Conference, Boston. Berkeley: USENIX Association, 2001:29-42

[15] SMALLEY S. Configuring the SELinux Policy, 02-007[R]. [S.l.]: NAI Labs, 2005.

[16] LOSCOCCO P, SMALLEY S. Meeting Critical Security Objectives with Security-Enhanced Linux[C]//Proceedings of the 2001 Ottawa Linux Symposium. 2001:58-63

[17] SMALLEY S, VANCE C, SALAMON W. Implementing SELinux as a Linux Security Module, 01-043[R]. [S.l.]: NAI Labs, 2006.

[18] FRANK M, KARL M，DAVID C. SELinux by Example: Using Security Enhanced Linux[M]. New Jersey: Prentice Hall, 2006:0-131-96369-4.

[19] BELL D E. Security Policy Modeling for the Next-generation Packet Switch[C]//Proceedings of the IEEE Symposium on Security and Privacy, Oakland, 1988. Los Alamitos: IEEE Computer Society Press, 1988:212-216

 

基金項目：核高基項目（2010ZX01045-001-002-5）：基于國產基礎軟件的集成與運行環境研究。

林橋鏗（1977-），男，廣東新會人，碩士研究生，主要研究方向為操作系統安全；

陳松政（1971-），男，安徽祁門人，碩士生導師，主要研究方向為系統軟件與計算機安全；

魏立峰（1973-），男，山東聊城人，副研究員，主要研究方向為系統軟件與信息安全。