基于社会联盟机制的Web服务安全控制模型研究
|
摘要
Internet已经演化成一个巨大的服务网络、事务性网络。人们通过Internet享受着这个庞大网络带来的方便,也忍受着与之俱来的窃听、泄密甚至黑客攻击。因此,人们采取了各种各样的安全技术来保护网络、重要设备及机密数据,迫切希望改变拥塞不堪、漏洞不断的网络现状,能使无中心控制的Internet变得安全有序,能在某些智能机制的调控下有弹性有约束地提供有质量保障的网络服务。
众所周知,人类社会是一个高度智能的发达的服务网络。它有着局部的结构自治,不同的国家政权维护着某一地域的社会秩序。但从整个世界范围看,这些众多的“异构网络”保持着和谐的兼容性。随着虚拟地球村的形成,世界的经济、生活、服务等早已跨越不同的国家政权组成全球性的“社会联盟”,这种社会联盟显示出在大规模事务管理方面社会智能特性:无中心的动态自适应控制、具有一定可信度的社会信誉评估保障体系和动态均衡特性,这些都为建立可信、可靠、可扩展性的新一代Web服务提供重要的借鉴机理。本论文就是借鉴了这些智能调控机理来控制Web服务的动态事务特性,建立了Web服务动态安全保障体系。
首先,我们对Web服务的现状、发展趋势和安全需求作了综述,提出建立可信、可靠、可扩展的Web服务安全目标,指出人类社会的有关安全管理机理对Web服务的动态服务保障和安全管理特性有天然的启迪。根据人类社会的分层次事务、逻辑控制机制,规划了Web服务智能安全控制框架。以后,各章分别对每个分层进行了相关安全机理的研究。
社会智能是人类社会进化过程中产生的趋利避害自我保护的逻辑智能。受人类社会智能的启发,设计了网络信息流安全环检测模型,对有关安全闭环机理进行了深入研究和仿真试验对照。并根据此模型开发了安全环防火墙监控技术和三因素身份认证技术。
邮局服务是人类社会中普遍存在的跨国家和地区的普适事务。根据社会邮局服务,设计了Web服务流安全集成模型,提出了Web服务事务安全闭环算法和Web服务安全监管闭环算法,并结合相关的安全规范,讨论了Web服务事务安全闭环策略(WS-TRing)、信息流安全闭环策略(WS-Ring)的实现方法。
小世界网络是人类社会中普遍存在关系网络、资源网络、信息网络,根据小世界模型设计了可信Web服务的管理及组织模型。详细讨论了其内在机制和实现原理,并且作了有关的仿真试验,验证了Web服务的负载均衡、可信可控的有关机理。
社会联盟和社会免疫特性是人类社会大系统之间表现出的自我约束、自我调节的安全自适应特性,通过社会联盟间的彼此协同和对自然灾难的免疫特性,人类社会保持着整体的安全协调和自我免疫。根据此原理,设计了有关的Web服务入侵协同检测及攻击源反向追踪、事务恢复方法,并且设计了一个初步的原型系统加以讨论。
最后,对全文研究内容进行了总结,指出研究工作中存在的不足,明确了下一步的研究方向。
Internet already evolved to a huge service network and business network.People are enjoying convenience that Internet brings,and endure the interception,secret-divulging and attacks that come with.Therefore,people have adopted various security technologies to protect the network and the secret data.People earnestly hope to change network situation, which includes loopholes,commutation jam,viruses and Trojans,and make the non-center control Internet to become order and safety,automatic controlling,and auto-adapting under certain safety mechanisms.
It is well known that the human society is an advanced intelligently developed service-network.It has the partial structure self-government,which maintains predominating in a certain region.But in the entire world scope,these multitudinous "isomerous networks" form a harmonious hybrid collectivity.Along with the formation of virtual earth village,the economy,the life,and the environment of the whole world and so on already bridge over the state power,which makes the entire human society to show more and more social intelligent features in the large-scale regulative scope at business.These features include non-central adaptive control characteristic,the social prestige appraising and safeguarding characteristic at the certain trusty level and the social network expanding characteristic.They can provide an important model mechanism for the establishment credible,reliable,expansible extended and auto-adapted network.As one main service on Internet,Web service not only prevents various network threats,but also protects the credibility,the reliability,the stability and the security for the services.This thesis mainly profits from the human society network certain regulative mechanisms to maintain security,highly effective,stable business characteristics for Web service.
First,we make the exhaustive summary to the present situation,the development tendency and the security requirements of Web service,and then propose the credible,reliable, the expandable security goal for Web service.We try to make the related security control mechanism of the human society to map the control for Web service,giving some enlightenment in the service safeguard and security management.The security control frame for Web service intelligence is proposed according to business security logic control mechanism of human society in administrative levels.The frame includes four kinds of different dynamic security safeguard mechanism for Web serves,which are elaborated carrying out in the next chapters.
The social intelligence is the logical intelligence which is produced in human society evolution process to protect oneself and minimize losses.The closed-security-ring model for network information flow is designed inspired by the human society intelligence,which is proved with the related experimental comparison.And according to the above the model, closed-security-ring firewall monitoring technology and three factors security authentication technology based on IPv6's flows mark have been proposed.
The post office service is a universal business in the human society,which exists cross different country and local general.According to the post office service,the security integrated model for Web service flows is designed,and closed-security-loop managing algorithm for Web service is proposed.According to the above model,business-security-channel isolates the technology for Web service is put forward,and the business security safeguarded system is also discussed with the related Web service security standard.
The small world network is a kind of society relates network,resources network, information network,that universally exists in the human society.According to the mechanism,a credible management and organization model for Web service is designed.Its management mechanism and realization principle are detail discussed,and related simulation experiment is performed to validate that Web services can be load balance,the credible and controllable in the management and organization model.
The social federation and immunity characteristic is a self-restraint,self-adjustment, self-adapted characteristic evolved in the human society.Through the social coordination and immunity characteristic,the human society keeps in the whole the secure and the self-immunity state.According to the principle,Web service coordination detecting and business immunity system is designed and discussed.Moreover,a preliminary prototype system is designed to prove the flexibility of the social immunity.
Finally,all the researches have been summarized,and some insufficiencies are shown. Also,the further research directions have been pointed out.
众所周知,人类社会是一个高度智能的发达的服务网络。它有着局部的结构自治,不同的国家政权维护着某一地域的社会秩序。但从整个世界范围看,这些众多的“异构网络”保持着和谐的兼容性。随着虚拟地球村的形成,世界的经济、生活、服务等早已跨越不同的国家政权组成全球性的“社会联盟”,这种社会联盟显示出在大规模事务管理方面社会智能特性:无中心的动态自适应控制、具有一定可信度的社会信誉评估保障体系和动态均衡特性,这些都为建立可信、可靠、可扩展性的新一代Web服务提供重要的借鉴机理。本论文就是借鉴了这些智能调控机理来控制Web服务的动态事务特性,建立了Web服务动态安全保障体系。
首先,我们对Web服务的现状、发展趋势和安全需求作了综述,提出建立可信、可靠、可扩展的Web服务安全目标,指出人类社会的有关安全管理机理对Web服务的动态服务保障和安全管理特性有天然的启迪。根据人类社会的分层次事务、逻辑控制机制,规划了Web服务智能安全控制框架。以后,各章分别对每个分层进行了相关安全机理的研究。
社会智能是人类社会进化过程中产生的趋利避害自我保护的逻辑智能。受人类社会智能的启发,设计了网络信息流安全环检测模型,对有关安全闭环机理进行了深入研究和仿真试验对照。并根据此模型开发了安全环防火墙监控技术和三因素身份认证技术。
邮局服务是人类社会中普遍存在的跨国家和地区的普适事务。根据社会邮局服务,设计了Web服务流安全集成模型,提出了Web服务事务安全闭环算法和Web服务安全监管闭环算法,并结合相关的安全规范,讨论了Web服务事务安全闭环策略(WS-TRing)、信息流安全闭环策略(WS-Ring)的实现方法。
小世界网络是人类社会中普遍存在关系网络、资源网络、信息网络,根据小世界模型设计了可信Web服务的管理及组织模型。详细讨论了其内在机制和实现原理,并且作了有关的仿真试验,验证了Web服务的负载均衡、可信可控的有关机理。
社会联盟和社会免疫特性是人类社会大系统之间表现出的自我约束、自我调节的安全自适应特性,通过社会联盟间的彼此协同和对自然灾难的免疫特性,人类社会保持着整体的安全协调和自我免疫。根据此原理,设计了有关的Web服务入侵协同检测及攻击源反向追踪、事务恢复方法,并且设计了一个初步的原型系统加以讨论。
最后,对全文研究内容进行了总结,指出研究工作中存在的不足,明确了下一步的研究方向。
Internet already evolved to a huge service network and business network.People are enjoying convenience that Internet brings,and endure the interception,secret-divulging and attacks that come with.Therefore,people have adopted various security technologies to protect the network and the secret data.People earnestly hope to change network situation, which includes loopholes,commutation jam,viruses and Trojans,and make the non-center control Internet to become order and safety,automatic controlling,and auto-adapting under certain safety mechanisms.
It is well known that the human society is an advanced intelligently developed service-network.It has the partial structure self-government,which maintains predominating in a certain region.But in the entire world scope,these multitudinous "isomerous networks" form a harmonious hybrid collectivity.Along with the formation of virtual earth village,the economy,the life,and the environment of the whole world and so on already bridge over the state power,which makes the entire human society to show more and more social intelligent features in the large-scale regulative scope at business.These features include non-central adaptive control characteristic,the social prestige appraising and safeguarding characteristic at the certain trusty level and the social network expanding characteristic.They can provide an important model mechanism for the establishment credible,reliable,expansible extended and auto-adapted network.As one main service on Internet,Web service not only prevents various network threats,but also protects the credibility,the reliability,the stability and the security for the services.This thesis mainly profits from the human society network certain regulative mechanisms to maintain security,highly effective,stable business characteristics for Web service.
First,we make the exhaustive summary to the present situation,the development tendency and the security requirements of Web service,and then propose the credible,reliable, the expandable security goal for Web service.We try to make the related security control mechanism of the human society to map the control for Web service,giving some enlightenment in the service safeguard and security management.The security control frame for Web service intelligence is proposed according to business security logic control mechanism of human society in administrative levels.The frame includes four kinds of different dynamic security safeguard mechanism for Web serves,which are elaborated carrying out in the next chapters.
The social intelligence is the logical intelligence which is produced in human society evolution process to protect oneself and minimize losses.The closed-security-ring model for network information flow is designed inspired by the human society intelligence,which is proved with the related experimental comparison.And according to the above the model, closed-security-ring firewall monitoring technology and three factors security authentication technology based on IPv6's flows mark have been proposed.
The post office service is a universal business in the human society,which exists cross different country and local general.According to the post office service,the security integrated model for Web service flows is designed,and closed-security-loop managing algorithm for Web service is proposed.According to the above model,business-security-channel isolates the technology for Web service is put forward,and the business security safeguarded system is also discussed with the related Web service security standard.
The small world network is a kind of society relates network,resources network, information network,that universally exists in the human society.According to the mechanism,a credible management and organization model for Web service is designed.Its management mechanism and realization principle are detail discussed,and related simulation experiment is performed to validate that Web services can be load balance,the credible and controllable in the management and organization model.
The social federation and immunity characteristic is a self-restraint,self-adjustment, self-adapted characteristic evolved in the human society.Through the social coordination and immunity characteristic,the human society keeps in the whole the secure and the self-immunity state.According to the principle,Web service coordination detecting and business immunity system is designed and discussed.Moreover,a preliminary prototype system is designed to prove the flexibility of the social immunity.
Finally,all the researches have been summarized,and some insufficiencies are shown. Also,the further research directions have been pointed out.
引文
[1]I.Foster,Internet Computing and the Emerging Grid,Nature,7 December 2000,www.nature.com/nature/Webmatters/grid/grid.html.
[2]I.Foster and C.Kesselman,Eds.The Grid:Blueprint for a New Computing Infrastructure,Morgan Kaufmann Publishers,San Francisco,USA,1999.
[3]M.Weiser,The computer for the twenty-first century,Scientific American,1991,265(3):94-104.
[4]IBM Autonomic Computing,http://www.research.ibm.com/autonomic/.
[5]I.Foster,C.Kesselman,and S.Tuecke,The anatomy of the grid:Enabling scalable virtual organizations,Int.J.Supercomputers Applicationa,2001,15(3):205-220.
[6]I.Foster,C.Kesselman,J.M.Nick,and S.Tuecke,Grid services for distributed system integration,IEEE Computer,2002,35(6):37-46.
[7]D.De Route,N.R.Jrnnings,and N.R.Shadbolt,The evolution of the Grid,in F.Berman,G.Fox,and A.J.G.Hey,Eds.Grid Computing:Making the Global Infrastructure a Reality,NJ:John Wiley and Sons Ltd.Publishing,2003,65-100.
[8]Comprehensive Perl Archive Network[EB/OL].http://www.cpan.org
[9]Mizessyn F,Ishida Y.Immune networks for cement plants[A].International symposium on auto-enormous decentralized systems[C].1993:282-288.
[10]Insecure.org.Top 75 Security Tools[EB/OL].http://www.insecure.org/tools.html
[11]WebServicesSecurity(WS-Security)[EB/OL]http://www.w3.org/Encryption/2001,6.
[12]D.Sfader.Packet factory Network Security Projects[EB/OL].http://www.packetfactory.net/projects/
[13]C.Tsai.Impedance control with on-line neural network compensator for dual-arm robots[EB/OL].http://www.atstake.com/research/tools/network_utilities/
[14]M.Chidambaram.Identification of unstable transfer model with a zero by optimization method[EB/OL].http://www.cenzic.com/prod_Overview.html
[15]D.Lea and S.Vinoski,Middleware for Web Service[J],IEEE Internet Computing,2003,7(1):28- 29.
[16]D.Eastlake,J.Reagle and D.Solo.XML2Signature Syntax and Processing W3C Recommendation[EB/OL].http://www.w3.org/TR/xmldsig2core/,2001.
[17]D.Hallam and P.Baker.XML Key Management Specification(XKMS0)[EB/OL]. http://www.xkms.org,2002.
[18]D.Eastlake,and J.Reagle.XML Encryption Syntax and ProcessingW3C Candidate Recommendation[EB/OL].http://www.w3c.org/TR/xmlenc2core/,2002.
[19]D.Scoot and R.Sharp.Developing Secure Web Applications[J].IEEE Internet Computing,2003,6(6):38-45.
[20]M.Wahl,T.Howes,and S.Kille.,Lightweight Directory Access Protocol (v3),RFC2251[S].http://www.xml.com/pub/a/2OO1/O3/21/timbl.html
[21]H.Besedovsky and E.Sorkin.Network of immune-neuroendocrine interactions[J].Clinical and Experimental Immunology,1977,27:1-12.
[22]I.Foster,C.Kesselman,and S.Tueeke.The anatomy of the Grid:Enabling scalable virtual organizations[J].Int.J.Supercomputers Applications,2001,15(3):205-220.
[23]R.Mary and F.Thompson.CA-based Trust Model for Grid Authentication and Identity Delegation[EB/OL].http://www.gr idforum.org/meetings
[24]J.G.Frey,D.De Roure,and L.A.Carr.Scientific communication from a publication Web to a data grid[EB/OL].EuroWeb2002 Confi The Web and the GRID:From e-Science to e-Business,2002,1236-1241.
[25]G.Hughes,H.Mills,and D.Roure.The semantic smart laboratory:A system for supporting the chemical esseientist[J].Org.Biomol.Chem,2004,2(22):3284-3293.
[26 H.S.Seo.Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[27]Li-Chiu Chi,Tseng-Chung Tang.Artificial neural networks in reorganization outcome and investment of distressed firms:The Taiwanese case[J].Expert Systems with Applications,2005,29(3):641-652.
[28]I.Becerra-Femandez.The role of artificial intelligence technologies in the implementation of People-Finder knowledge management systems[J].Knowledge-Based Systems.2000,13(5):315-320
[29]M.H.Kuo,An intelligent agent-based collaborative information security framework.[J].Expert Systems with Applications,2007,32(2):585-598.
[30]T.Oshio,Social security and trust fund management[J],Journal of the Japanese and International Economies,2004,18(4):528-550.
[32]Peer-to-Peer:A Security Nightmare or a Secure Opportunity[EB/OL].http://www.endeavors,com/ dfs/,2002.
[33]Peer-to-Peer Computing:Issues and Opportunities in Information Sharing[EB/OL].http://www.s2peer.com/p2p-pdf/,2002-01-13.
[34]Peer-to-Peer Technology:An Overview of Technology and Opportunities[EB/OL].Http://www.cognizant.coat/about us/wizards/papers/,2002.
[35]M.Parameswaran,,A.Susarla,and D.Whinston.P2P networking:an information sharing alternative Computer[J],Expert Systems with Applications,2001,34(7):31-38.
[36]B.Vaduvur and G.Vijay.A framework for application adaptation in mobile computing environments[A].Computer Software and Aplications Conference [C].Washington,2005,1356-1364.
[37]V.Simonet.Flow Camlinanut shell[A],Proceedings of the First APPSEM-ⅡWorkshop[C],Graham Hutton,2003,1(1):152-165.
[38]S.Zdancewic,Challenges for information-flow security[A],Proceedings of the Second APPSEM-ⅡWorkshop[C],New York,2004,2(1):124-129.
[39]R.Wahbe,S.Lucco,T.E.Anderson,Efficient software-based fault isolation[J],Communications of the ACM,1993,27(5):203-216.
[40]W.Farme,J.Guttman,V.Swarup,Security for mobile agents,authentication and state appraisal[A],Proceedings of the Computer Security ESORICS'96.Lecture Notes in Computer Science[C],1996:118-130.
[41]G.C.NeculaandP.L.Safe,Untrusted agents using proof-carrying code[A],Mobile Agents and Security,Lecture Notes in Computer Sciencel419[C],Springer-Verlag,1998:61-91.
[42]V.Roth,Securere cording of itineraries through cooperating agents,[EB/OL]http://cuiwww.unige.ch/~ecoopws/ws98/papers/vroth98c.ps,1998.
[43]D.Ruyter,Saini and P.Markopoulos.Assessing the effects of building social intelligence in a robotic interface forth home[J],Interactive Compute,2005,17(5):522-541.
[44]S.Chantaraskul,L.Cuthbert.An intelligent-agent approach for congestion management in 3G networks[J].Engineering Applications of Artificial Intelligence,2008,21(4):619-632.
[45]I.Margaria,M.Zacchi.Access control in mobile ambient calculi:A comparative view [J].Theoretical Computer Science,2008,398(1-3):183-202.
[46]B.S.Manoj,Ping Zhou,R.R.Rao.Dynamic adaptation of CSMA/CA MAC protocol for wide area wireless mesh networks[J].Computer Communications,2008,31(8):1627-1637.
[47]Jingqiao Zhang,Heung-No Lee.Throughput enhancement with a modified 802.11 MAC protocol with multi-user detection support.AEU[J].International Journal of Electronics and Communications,2008,62(5):365-373.
[48]Tsung-Yi Chen.Knowledge sharing in virtual enterprises via an ontology-based access control approach[J].Computers in Industry,2008,59(5):502-519.
[49]S.Langella,S.Hastings,S.Oster.Sharing Data and Analytical Resources Securely in a Biomedical Research Grid Environment[J].Journal of the American Medical Informatics Association,2008,15(3):363-373.
[50]J.Kwon,C.Moon.Visual modeling and formal specification of RBAC constraints using semantic Web technology[J].Knowledge-Based Systems,2008,15(6):635-650.
[51]F.Perich,M.McHenry.Policy-based spectrum access control for dynamic spectrum access network radios.Web Semantics:Science[J],Services and Agents on the World Wide Web,2008,12(4)3:232-245.
[52]O.Tsigkas,F.i Pavlidou.An adaptive medium access control protocol using m-ary tree algorithms for quality-of-service support in single-cell ad hoe networks.Ad Hoc Networks[J],2008,6(2):245-259.
[53]F.Siebenlist.GSA Security Road map Global Grid Forum Specification Road map towards a Secure OGSA[EB/OL].http://www.gridforum.org/meetings/ggf6.
[54]Scientific Publications:Free for All Tenth Report of Session2003-04[EB/OL].http://www.groove.net/,2002-01-10.
[55]D.Ruyter,Saini and P.Markopoulos.Assessing the effects of building social intelligence in a robotic interface forth home[J],Interactive Compute,2005,17(5):522-541.
[56]M.Dornier,B.Heyd and M.Danzart.Evaluation of the simplex method for training simple multilayer neural networks[J].Neural Computer & Application,1998,(7):107-114.
[57]L.Ferreira,B.erstis,V.Armstrong.A Security Architecture for Computational Grids [A].Proc.5th ACM Conference on Computer and Communications Security Conference[C],1998:83-92.
[58]C.Kesselman,G.Tsudik.OGSA Security Workgroup.Security Architecture for Open Grid Services[EB/OL].http://www.ggf.org/ogsa-sec-wg.
[59]W.Chung.,G.Lam.Secure Group Communications Using Key Graphs[J].IEEE/Acm Transactions on networking,2000,8(1):16 -30.
[60]Y.X.Huang,Y.Wang,W.G.Zhou,et al.A fuzzy neural network system based on generalized class cover and particle swarm optimization[J].Lecture Notes in Computer Science,2005,3645:119-128.
[61]M.Inoue and A.Nagayoshi.A chaos neural-computer[J].Physical Letter A,1991,158(8):373-376.
[62]M.Inoue and K.Nakamoto.Epilepsy in a chaos neural-computer model,chaos in biology and medicine[J].SPLE,1993,236:77-84.
[63]D.Ventura and R.Martinez.Quantum associated memory[J].Information Sciences,2000,124:147-148.
[64]丁永 编著,计算智能:理论、技术与应用,科学出版社,2OO4.
[65]C.Balducelli,S.Bologna,L.Lavalle,G.Vicoli.Safeguarding information intensive critical infrastructures against novel types of emerging failures[J].Reliability Engineering & System Safety,2007,92(9):1218-1229.
[66]H.Suk Seo.Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[67]N.C.Rowe,S.Schiavo.An intelligent tutor for intrusion detection on computer systems[J].Computers & Education,1998,31(4):395-404.
[68]H.J.Highland.Artificial Intelligence and Intrusion Detection:Current and Future Directions:Jeremy Frank[J],University of California,Davis,CA.Computers &Security,1995,14(1):31-56.
[69]H.S.Seo Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[70]Li-Chiu ChiTseng-Chung Tang.Artificial neural networks in reorganization outcome and investment of distressed firms:The Taiwanese case[J].Expert Systems with Applications,2005,29(3):641-652.
[71]J.Berman.Confidentiality issues for medical data miners[J].Artificial Intelligence in Medicine,2002,26(1-2):25-36.
[72]I.Becerra-Fernandez.The role of artificial intelligence technologies in the implementation of People-Finder knowledge management systems[J].Knowledge-Based Systems,2000,13(5):315-320.
[73]X.Boney,L.Weenie.Automatic induction of fuzzy decision trees and its application to power system security assessment[J].Fuzzy Sets and Systems,1999,102(1):3-19.
[74]W.W.Boles.A security system based on human iris identification using wavelet transforms[J].Engineering Applications of Artificial Intelligence,1998,11(1):77-85.
[75]F.Krebs,H.Bessel.Emergent value orientation in self-organization of an animate[J].Ecological Modelling,1997,96(1-3) 143-164.
[76]L.Wehenkel,M.Pavella.Decision tree approach to power systems security assessment [J].International Journal of Electrical Power & Energy Systems,1993,15(1):13-36.
[77]B.David,H.Sieger,B.Adedeji.Real-time integrated model for visual perception and fuzzy control[J].Computers & Industrial Engineering,1992,23(1-4):355-371.
[78]C.C.Wood The human immune system as an information systems security reference model[J].Computers & Security,1987,6(6):511-516.
[79]G.Nigel Gilbert.Decision support in large organizations[J].Data Processing,1985,27(4):28-30.
[80]M.John.H.Caroll,Oi-Lun Wu.Methodology for security analysis of data-processing systems[J].Computers & Security,1983,2(1):24-34.
[81]C.Balducelli,S.Bologna,L.Lavalle,G.Vicoli.Safeguarding information intensive critical infrastructures against novel types of emerging failures[J].Reliability Engineering & System Safety,2007,92(9):1218-1229.
[82]J.A.Gognen and J.Meseguer.Security policies and security models[A].IEEE Symposium on Security and Privacy[C],2002,7(2):11-20.
[83]D.E.Denning.Alattice model of secure information flow[J].Communications of the ACM,2004,19(5):236-243.
[84]A.Sabelfeld and A.C.Myers.Language-based information-flow security[A].IEEE Journal on Selected Areas in Communications[C],2003,21(1):5-19.
[85]C.A.Myers,N.Nystrom,L.Zheng and S.Zdancewic.Jif:Java information flow,Software Release[EB/OL],http://www.cs.cornell.edu/jif.
[86]B.Liu,L.-H.Ren,and Y.-S.Ding,A novel intelligent controller based on modulation of neuroendocrine system,Lecture Notes in Computer Science,2005,3498:119-124.
[87]L.-H.Ren,Y.-S.Ding,H.Ying,and S.-H.Shao,Emergence of self-learning fuzzy systems by a new virus DNA-based evolutionary algorithm,Int.J.Intelligent Systems,2003,18(3):339-354.
[88]Y.-S.Ding,L.-H.Ren,and S.-H.Shao,Automatic design of Takagi-Sugeno fuzzy controllers by a new DNA-based evolutionary algorithm,自动化学报,2001,27(4):510-520.
[89]L.-H.Ren,Y.-S.Ding,and S.-H.Shao.DNA bio-soft computing and its application to intelligent control systems.J.Shanghai Jiaotong University(English version),1999,E-4(2):97-103.
[90]刘宝,丁永生,一种基于免疫存储记忆的智能控制器的设计与实现,控制与决策, 录用.
[91]Y.-S.Ding,L.-H.Ren,X.-F.Zhang,L.Gao,and B.Zhou,Mutual-coupled immune network-based emergent computation model for supply chain formation,IEEE Int.Conf.Systems,Man,and Cybernetics,Hyatt Regency,Washington,D.C.,USA,October 5-8,2003,504-509.
[92]L.Gao,Y.-S.Ding,and L.-H.Ren,Implementation of three-layered grid conceptual prototype using ecological network computing environment,J.Donghua University (English Edition),2004,21(5):8-11.
[93]X.-F.Zhang,Y.-S.Ding,L.-H.Ren,and L.Gao,Immune emergent computation-based bio-network architecture and its simulation platform,6th Int.FLINS Conf.on Applied Computational Intelligence,Blankenberge,Belgium,Sep 1-3,2004,124-127.
[94]张向锋,任立红,皋磊,丁永生,生态网络仿真平台的能量服务管理,计算机工程与应用,2003,39(31):145-148.
[95]任立红,张向锋,皋磊,丁永生,基于互联耦合免疫网络的服务突现,计算机科学,2004,31(2):6-8.
[96]张向锋,任立红,皋磊,丁永生,基于生物实体的网络服务突现,系统仿真学报,2004,16(8):1797-1800.
[97]张向锋,任立红,皋磊,丁永生,基于免疫对称网络的P2P网络拓扑结构,信息与控制,2003,32(7):639-643.
[98]B.Atkinson,G.Della-Liberal.WebServicesSecurity(WS-Security)Versionl.0.[EB/OL]http://msdn.microsoft.com/library/en-us/dnglobspec/html/ws-security.asp?Frame=true .2002,7.
[99]Web Services Security Policy Language(WS-Security Policy)[EB/OL].http://msdn.microsoft.com/ws/2002/12/ws-securitypolicy/,2002,4.
[100]Microsoft's Federated Security and Identity Roadmap[EB/OL].http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnWebsrv/html/wsfe derate,asp?Frame=true.2002,5.
[101]Web Services Secure Conversation Language(WS-Secure-Conversation)[EB/OL]http://msdn.microsoft.com/ws/2005/02/ws-secure-conversation/,2005,2.
[102]Web Services Trust Language(WS-Trust)[EB/OL].http://msdn.microsoftcom/ws/2004/04/ws-trust/,2004,8.
[103]M.Abad,C.Foumet,Private authentication[J],Theoretic.Computer Science.2004,322(3):427-476.
[104]R.Bhatia,D.Joshi,E.Bettino,and A.Glamour.Access control in dynamic XML-based Web-services with X-RBAC[A].The first international conference on Web services [C],Las Vegas,2003,6:23-26.
[105]E.Biermann,E.Cloete,L.M.Venter.A comparison of Intrusion Detection systems[J],Computers & Security,2001,20(8):676-683.
[106]Web Service Definition Language(WSDL) Specification[EB/OL].http://www.w3.org/TR/wsdl,2002-08.
[107]Web服务领域中的事务,[EB/OL].http://www-128.ibm.com/developerworks/,2002-11.
[108]J.Snall.在Web服务中将业务流程和事务自动化[EB/OL]http://www-128.ibm.com/developerworka/cn/Websersvices/,2002,08.
[109]Work flow Management Coalition.The Work flow Reference Model[R].WfMC-TCO0-1003.2004,6:102-156.
[110]孙利荣,蒋泽军,王丽芳.Ad hoc网络信任模型的研究[J].微电子学与计算机,2004,21(10):30-37.
[111]孙怀江.开放多Agent系统信任管理中的信任获取方法研究[J].计算机工程与应用,2004,40(29):35-46.
[112]徐锋,吕建.Web安全中的信任管理研究与进展[J].软件学报,2004,13(11):2057-2064.
[113]李承,汪为农.分布式信任模型直接信任的模糊计算方法[J],计算机应用与软件,2004,21(8):33-36.
[114]王惠芳,郭中,郭金庚,黄永忠,陈海勇.虚拟组织中的一种信任管理机制[J].计算机科学,2004,31(6):45-50.
[115]胡勤友,胡运发.多主体系统中的信任管理[J].计算机工程与科学,2004,26(7):56-59.
[116]窦文,王怀民,贾焰,邹鹏.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报,2004,15(4):56-60.
[117]李颖,刘金刚,李锦涛.联盟环境中的资源安全共享模型[J].微电子学与计算机,2003,20(11):34-38.
[118]王浩鸣,宋擒豹,冯博琴,马兆丰.基于动态许可证的信任版权安全认证协议[J],软件学报,2004,15(1):1234-1239.
[119]刘端阳,潘雪增.虚拟企业的安全交互模型[J].计算机研究与发展,2003,40 (09):45-50.
[120]张景祥,张京楣.P2P网络安全的信任模型研究[J],计算机应用研究,2003,20(3):67-73.
[121]谢铮,陈松乔,王建新.移动自组网络安全声誉机制的研究[J].计算机应用,2004,24(10):23-28.
[121]L.Mekouar,Y.Iraqi and R.Boutaba.Peer-to-peer's most wanted:Malicious peers[J].Computer Networks,2006,50(4):545-562.
[122]C.Busco,A.Riccaboni and W.Scapens.Trust for accounting and accounting for trust [J].Management accounting Research,2006,17(1):11-41.
[123]A.U Gustman,T.L.Steinmeier.The social security early entitlement age in a structural model of retirement and wealth[J].Journal of Public Economics,2005,89(2-3):441-463
[124]M.Blaze,J.Feigenbaum and J.Lacy.Decentralized trust management[A].Proceedings of the 17~(th) Symposium on Security and Privacy[C].Oakland,CA:I EEE Computer Society Press,1996.164-173.
[125]J.H.P.Eloff,M.M.Eloff.Information security architecture[J].Computer Fraud &Security,2005,11:10-16.
[126]D.Tr(?)ek.An integral framework for information systems security management[J],Computers & Security,2003,22(4):337-360.
[127]J.W.Haines,L.M.Rossey and R.P.Lippmann.Extending the DARPA off-line intrusion detection evaluations[J]DARPA Information Survivability Conference & Exposition Ⅱ,DISCEX'01.2001,1:35-45.
[128]J.E.Diekerson,J.Juslin and J.A.Dickerson.Fuzzy intrusion detection[A],IFSA World Congress and 20~(th) NAFIPS International Conference[C],2001,6:25-28.
[129]K.P.Anchor,P.D.Williams and G.H.Gunsch.The computer defense immune system,current and future search in intrusion detection[A],Proceedings of Evolutionary Computation[C],2002,2:1027-1032.
[130]A.Seleznyov and O.Mazhel.Learning temporal patterns foranomaly intrusion detection[A],Proceedings of the 17~(th) symposium on Proceedings of the 2002 ACM symposium on applied computing[C],2002,3:24-29.
[131]J.Bala,S.Baik and A.Hadjarian.Application of a distributed determining approach to network intrusion detection[A],Proceedings of the first international joint conference on Autonomous agents and mutl-agent systems[C],2002,6:456-462.
[132]O.Kachirski and R.Guha.Effective intrusion detection using multiple sensors in wireless adhoc networks,System Sciences[A],Proceedings of the 36~(th) Annual Hawaii International Conference[C],2003,3:57-64.
[133]T.Bass.Intrusion detection systems and multi-sensor data fusion[J],Communications of the ACM,2000.3:43-53.
[134]W.Farme,J.Guttman,V.Swarup,Security for mobile agents,authentication and state appraisal[A],Proceedings of the Computer Security ESORICS'96.Lecture Notes in Computer Science[C],1996:118-130.
[135]SANS Institute.The Twenty Most Critical Internet Security Vulnerabilities(Updated):The Experts' Consensus[EB/OL].http://www.sans.org/top20/.2003,5.
[136]巨永锋.智能控制和智能自动化[J].西安交通大学学报,2001,25(3):206-220.
[137]N K.Jerne.The immune system[J].Scientific American,1973,229(1):52-60.
[138]N K.Jerne.Towards a network theory of the immune system[J].Annual Immunology,1974,125C:373-389.
[139]S.Perelson.Immune network theory[J].Immunological Review.1989,10:5-36.
[140]L.N.DeCastro and J.Timmis.Artificial immune systems:a new computational intelligence approach[A].Workshop on Artificial Immune Systems and Their Applications,Springer-Verlag,London,2002.3(2):1202-1220.
[141]D.Dasgupta.Artificial Immune Systems and their Applications[A].Workshop on Artificial Immune Systems and Their Applications[C],Springer-Verlag,Inc.,1999,4(3):506-578.
[142]L.N.Decastrp and F.J.VonZuben,The colonel selection algorithm with engineering applications[A].Workshop Proceeding of GECCO'O0.2000,Workshop on Artificial Immune Systems and Their Applications,Las Vegas[C],USA,July 2000,8:2068-2080.
[143][80]林闯,任丰原.可控可信可扩展的新一代互联网[J].软件学报,2004,15(12):1023-1032.
[144]林闯,彭雪海,可信网络研究[J],计算机学报,2005,28(5):752-757.
[145]单志广,林闯,肖人毅.Web QoS控制研究综述[J],计算机学报.2004,27(2):145-156.
[146]De Castro,Von Zuben.Artificial immune systems:part Ⅱ- a survey of applications [A].Workshop on Artificial Immune Systems in the 2002 IEEE World Congress on Computational Intelligence[C],Honolulu,Hawaii,2002,286-295.
[147]Y.Watanabe,A.Ishiguro and Y.Uchikawa.Decentralized behavior arbitration mechanism for autonomous mobile robots using immune network[A].Artificial immune systems and their applications[C].Berlin:Springer-Verlag,1999,5:187-209.
[148]刘克胜,张军,曹先彬等.一种基于免疫原理的自律机器人行为控制算法[J].计算机工程与应用,2000,36(5):30-32.
[149]S.Forrest,A.Perelson and R.Cherukri.Self-nonself discrimination in a computer [A].Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy[C].Los Almitos,CA,USA:IEEE Computer Society,1994.202-212.
[150]T.Okamoto and Y.Ishida.A distributed approach to computer virus detection and neutralization by autonomous and heterogeneous agents[A].Proc of the ISADS'99[C].Los Alamitos,CA,USA:IEEE Computer Soc,1999.328-331.
[151]丁永生,任立红.一种新颖的模糊自调整免疫反馈控制系统[J].控制与决策,2000,15(4):443-446.
[152]K Krishna and J.Neidhoefer.Immunized Neurocontrol[J].Expert Systems with Applications,1997,13(3):201-214.
[153]M.Kawafuku,M.Sasaki and Takahashik.Adaptive learning method of neural network controller using an immune feedback law[A].1999 IEEE/ASME International Conference on Advanced Intelligent Mechatronics[C].Piscataway,N J,USA:IEEE,1999,641-646.
[154]S.Forrest,B.Javornik and R.Smith.Using genetic algorithms to explore pattern recognition in the immune system[J].Evolutionary Computation,1993,1(3):191-211.
[155]H.Feiertag and P.G.Neumann.The Foundations of a Provably Secure Operating System(PSOS)[A].Proc.AFZPS Nat.Computer[C];AFIPS Press,Montvale,N.J.1999,329-334.
[156]I.Foster and C.Kesselman,Globus:A Met computing Infrastructure Toolkit[J],International Journal of Supercomputer Applications,1997,11(2):115-128.
[157]R.S.Neumann,R.J.Boyer,K.N.Feiertag,.A Provab& Secure Operating System[J].The System,its Applications,and Proofs,SRI International,Menlo Park,.2000.
[158]B.D.Gold,R.R.Lined,R.J.Peeler,M.Schaefer,J,F.Scheid,and P.D.Ward.A Security Retrofitof VM1370[A].Proc.AFIPS Nat.Computer[C].AFIPS Press,Montvale,N.J.,1999,335-342.
[159]N.C.Rowe,S.Schiavo.An intelligent tutor for intrusion detection on computer systems[J].Computers & Education,1998,31(4):395-404.
[160]H.J.Highland.Artificial Intelligence and Intrusion Detection:Current and Future Directions:Jeremy Frank,University of California[J],Davis,CA.Computers &Security,1995,14(1):31-56.
[161]Jie Zhang.Comparing social security programs with leisure and bequests[J],Economics Letters,2003,78(1):59-66.
[162]F.C.Rosati.Social security in a non-altruistic model with uncertainty and endogenous fertility[J],Journal of Public Economics,1996,60(2):283-294.
[163]S.J.Shepherd,P.W.Sanders,A.Patel.A comprehensive security system:the concepts,agents and protocols[J],Computers & Security,1990,9(7):631-643.
[164]T.Ermolieva.Simulation-based optimization of social security systems under uncertainty[J],European Journal of Operational Research,2005,166(3):782-793.
[165]J.Keedy.A model for security and protection in persistent systems[J],Microprocessors and Microsystems,1993,17(3):139-146.
[166]S.Muftic.Extended OSI security architecture:Second Stage of the CEC COST-11 Ter Project[J],Computer Networks and ISDN Systems,1989,17(3):223-227.
[167]C.Caleiro,L.Vigan(?).David Basin On the semantics of Alice&Bob specifications of security protocols[J],Theoretical Computer Science,2006,367(1-2):88-122.
[168]E.Biermann,E.Cloete,L.M.Venter.A comparison of Intrusion Detection systems[J].Computers & Security,2001,20(8):676-683.
[169]J.B.Williamson,G.Hochman Innovative old-age security models for developing nations:Chile and Brazil[J],Journal of Aging Studies,1995,9(3):245-262.
[170]D.Tr(?)ek.An integral framework for information systems security management[J],Computers & Security,2003,22(4):337-360.
[171]B.Sieger,B.Badiru.Real-time integrated model for visual perception and fuzzy control[J].Computers & Industrial Engineering,1992,23(1-4):355-365.
[172]G.A.Cowan,D.Pines,D.Meltzer.Complexity:Metaphors,Models and Reality.[M]Addison-Wesley,1994.
[173]Dasgupta D.Immunity-based intrusion detection system:a general framework[A].Proceedings of 22nd National Information System Security Conference[C]Gaithersburg,USA:NIST,1999.147-160.
[174]A.Boukerche,K.R.Lemos Huca,J.B.Sobral,and M.Notare.An artificial immune based intrusion detection modal for computer and telecommunication systems[J],Parallel Computing,2004,30:629-646.
[175]Feedback and Control in natural and artificial immune systems[EB/OL].http://www.santafe,eddo/sift/research/focus/compPhysics/projects/immunology,html.2000. 10.16.
[176]Mizessyn F,Ishida Y.Immune networks for cement plants[A].International symposium on auto-enormous decentralized systems[C].1993:282-288.
[177]Kayama M,Su Gita Y,Morooka Y,Fu Kuoka S.Distributed diagnosis system combining the immune network and learning vector quantization[A].21st international conference on industrial electronics,control,and instrumentation[C].Orlando,FL,USA,1995,(2):1531-1536.
[178]D.Dasgupta and S.Forrest.Tool breakage detection in milling operations using a negative-selection algorithm[M].New Mexico.Univ.New Mexico,1995.
[179]Chun J S,Kim M K,and Jung H K.Shape optimization of electromagnetic devices using immune algorithm[J].IEEE Transactions on Magnetic,1997,33(2):1876-1879.
[180]J.S.Chun,J.P.Lim,H.K.Jung,and J S.Yoon.Optimal design of synchronous motor with parameter correction using immune algorithm[J].IEEE Transaction on Energy Conversion,1999,14(3):610-615.
[181]S.J.Huang Enhancement of thermal unit commitment using immune algorithms based opt-imization approaches[J].International journal of electrical power & energy systems,1999,21(4):245-252.
[2]I.Foster and C.Kesselman,Eds.The Grid:Blueprint for a New Computing Infrastructure,Morgan Kaufmann Publishers,San Francisco,USA,1999.
[3]M.Weiser,The computer for the twenty-first century,Scientific American,1991,265(3):94-104.
[4]IBM Autonomic Computing,http://www.research.ibm.com/autonomic/.
[5]I.Foster,C.Kesselman,and S.Tuecke,The anatomy of the grid:Enabling scalable virtual organizations,Int.J.Supercomputers Applicationa,2001,15(3):205-220.
[6]I.Foster,C.Kesselman,J.M.Nick,and S.Tuecke,Grid services for distributed system integration,IEEE Computer,2002,35(6):37-46.
[7]D.De Route,N.R.Jrnnings,and N.R.Shadbolt,The evolution of the Grid,in F.Berman,G.Fox,and A.J.G.Hey,Eds.Grid Computing:Making the Global Infrastructure a Reality,NJ:John Wiley and Sons Ltd.Publishing,2003,65-100.
[8]Comprehensive Perl Archive Network[EB/OL].http://www.cpan.org
[9]Mizessyn F,Ishida Y.Immune networks for cement plants[A].International symposium on auto-enormous decentralized systems[C].1993:282-288.
[10]Insecure.org.Top 75 Security Tools[EB/OL].http://www.insecure.org/tools.html
[11]WebServicesSecurity(WS-Security)[EB/OL]http://www.w3.org/Encryption/2001,6.
[12]D.Sfader.Packet factory Network Security Projects[EB/OL].http://www.packetfactory.net/projects/
[13]C.Tsai.Impedance control with on-line neural network compensator for dual-arm robots[EB/OL].http://www.atstake.com/research/tools/network_utilities/
[14]M.Chidambaram.Identification of unstable transfer model with a zero by optimization method[EB/OL].http://www.cenzic.com/prod_Overview.html
[15]D.Lea and S.Vinoski,Middleware for Web Service[J],IEEE Internet Computing,2003,7(1):28- 29.
[16]D.Eastlake,J.Reagle and D.Solo.XML2Signature Syntax and Processing W3C Recommendation[EB/OL].http://www.w3.org/TR/xmldsig2core/,2001.
[17]D.Hallam and P.Baker.XML Key Management Specification(XKMS0)[EB/OL]. http://www.xkms.org,2002.
[18]D.Eastlake,and J.Reagle.XML Encryption Syntax and ProcessingW3C Candidate Recommendation[EB/OL].http://www.w3c.org/TR/xmlenc2core/,2002.
[19]D.Scoot and R.Sharp.Developing Secure Web Applications[J].IEEE Internet Computing,2003,6(6):38-45.
[20]M.Wahl,T.Howes,and S.Kille.,Lightweight Directory Access Protocol (v3),RFC2251[S].http://www.xml.com/pub/a/2OO1/O3/21/timbl.html
[21]H.Besedovsky and E.Sorkin.Network of immune-neuroendocrine interactions[J].Clinical and Experimental Immunology,1977,27:1-12.
[22]I.Foster,C.Kesselman,and S.Tueeke.The anatomy of the Grid:Enabling scalable virtual organizations[J].Int.J.Supercomputers Applications,2001,15(3):205-220.
[23]R.Mary and F.Thompson.CA-based Trust Model for Grid Authentication and Identity Delegation[EB/OL].http://www.gr idforum.org/meetings
[24]J.G.Frey,D.De Roure,and L.A.Carr.Scientific communication from a publication Web to a data grid[EB/OL].EuroWeb2002 Confi The Web and the GRID:From e-Science to e-Business,2002,1236-1241.
[25]G.Hughes,H.Mills,and D.Roure.The semantic smart laboratory:A system for supporting the chemical esseientist[J].Org.Biomol.Chem,2004,2(22):3284-3293.
[26 H.S.Seo.Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[27]Li-Chiu Chi,Tseng-Chung Tang.Artificial neural networks in reorganization outcome and investment of distressed firms:The Taiwanese case[J].Expert Systems with Applications,2005,29(3):641-652.
[28]I.Becerra-Femandez.The role of artificial intelligence technologies in the implementation of People-Finder knowledge management systems[J].Knowledge-Based Systems.2000,13(5):315-320
[29]M.H.Kuo,An intelligent agent-based collaborative information security framework.[J].Expert Systems with Applications,2007,32(2):585-598.
[30]T.Oshio,Social security and trust fund management[J],Journal of the Japanese and International Economies,2004,18(4):528-550.
[32]Peer-to-Peer:A Security Nightmare or a Secure Opportunity[EB/OL].http://www.endeavors,com/ dfs/,2002.
[33]Peer-to-Peer Computing:Issues and Opportunities in Information Sharing[EB/OL].http://www.s2peer.com/p2p-pdf/,2002-01-13.
[34]Peer-to-Peer Technology:An Overview of Technology and Opportunities[EB/OL].Http://www.cognizant.coat/about us/wizards/papers/,2002.
[35]M.Parameswaran,,A.Susarla,and D.Whinston.P2P networking:an information sharing alternative Computer[J],Expert Systems with Applications,2001,34(7):31-38.
[36]B.Vaduvur and G.Vijay.A framework for application adaptation in mobile computing environments[A].Computer Software and Aplications Conference [C].Washington,2005,1356-1364.
[37]V.Simonet.Flow Camlinanut shell[A],Proceedings of the First APPSEM-ⅡWorkshop[C],Graham Hutton,2003,1(1):152-165.
[38]S.Zdancewic,Challenges for information-flow security[A],Proceedings of the Second APPSEM-ⅡWorkshop[C],New York,2004,2(1):124-129.
[39]R.Wahbe,S.Lucco,T.E.Anderson,Efficient software-based fault isolation[J],Communications of the ACM,1993,27(5):203-216.
[40]W.Farme,J.Guttman,V.Swarup,Security for mobile agents,authentication and state appraisal[A],Proceedings of the Computer Security ESORICS'96.Lecture Notes in Computer Science[C],1996:118-130.
[41]G.C.NeculaandP.L.Safe,Untrusted agents using proof-carrying code[A],Mobile Agents and Security,Lecture Notes in Computer Sciencel419[C],Springer-Verlag,1998:61-91.
[42]V.Roth,Securere cording of itineraries through cooperating agents,[EB/OL]http://cuiwww.unige.ch/~ecoopws/ws98/papers/vroth98c.ps,1998.
[43]D.Ruyter,Saini and P.Markopoulos.Assessing the effects of building social intelligence in a robotic interface forth home[J],Interactive Compute,2005,17(5):522-541.
[44]S.Chantaraskul,L.Cuthbert.An intelligent-agent approach for congestion management in 3G networks[J].Engineering Applications of Artificial Intelligence,2008,21(4):619-632.
[45]I.Margaria,M.Zacchi.Access control in mobile ambient calculi:A comparative view [J].Theoretical Computer Science,2008,398(1-3):183-202.
[46]B.S.Manoj,Ping Zhou,R.R.Rao.Dynamic adaptation of CSMA/CA MAC protocol for wide area wireless mesh networks[J].Computer Communications,2008,31(8):1627-1637.
[47]Jingqiao Zhang,Heung-No Lee.Throughput enhancement with a modified 802.11 MAC protocol with multi-user detection support.AEU[J].International Journal of Electronics and Communications,2008,62(5):365-373.
[48]Tsung-Yi Chen.Knowledge sharing in virtual enterprises via an ontology-based access control approach[J].Computers in Industry,2008,59(5):502-519.
[49]S.Langella,S.Hastings,S.Oster.Sharing Data and Analytical Resources Securely in a Biomedical Research Grid Environment[J].Journal of the American Medical Informatics Association,2008,15(3):363-373.
[50]J.Kwon,C.Moon.Visual modeling and formal specification of RBAC constraints using semantic Web technology[J].Knowledge-Based Systems,2008,15(6):635-650.
[51]F.Perich,M.McHenry.Policy-based spectrum access control for dynamic spectrum access network radios.Web Semantics:Science[J],Services and Agents on the World Wide Web,2008,12(4)3:232-245.
[52]O.Tsigkas,F.i Pavlidou.An adaptive medium access control protocol using m-ary tree algorithms for quality-of-service support in single-cell ad hoe networks.Ad Hoc Networks[J],2008,6(2):245-259.
[53]F.Siebenlist.GSA Security Road map Global Grid Forum Specification Road map towards a Secure OGSA[EB/OL].http://www.gridforum.org/meetings/ggf6.
[54]Scientific Publications:Free for All Tenth Report of Session2003-04[EB/OL].http://www.groove.net/,2002-01-10.
[55]D.Ruyter,Saini and P.Markopoulos.Assessing the effects of building social intelligence in a robotic interface forth home[J],Interactive Compute,2005,17(5):522-541.
[56]M.Dornier,B.Heyd and M.Danzart.Evaluation of the simplex method for training simple multilayer neural networks[J].Neural Computer & Application,1998,(7):107-114.
[57]L.Ferreira,B.erstis,V.Armstrong.A Security Architecture for Computational Grids [A].Proc.5th ACM Conference on Computer and Communications Security Conference[C],1998:83-92.
[58]C.Kesselman,G.Tsudik.OGSA Security Workgroup.Security Architecture for Open Grid Services[EB/OL].http://www.ggf.org/ogsa-sec-wg.
[59]W.Chung.,G.Lam.Secure Group Communications Using Key Graphs[J].IEEE/Acm Transactions on networking,2000,8(1):16 -30.
[60]Y.X.Huang,Y.Wang,W.G.Zhou,et al.A fuzzy neural network system based on generalized class cover and particle swarm optimization[J].Lecture Notes in Computer Science,2005,3645:119-128.
[61]M.Inoue and A.Nagayoshi.A chaos neural-computer[J].Physical Letter A,1991,158(8):373-376.
[62]M.Inoue and K.Nakamoto.Epilepsy in a chaos neural-computer model,chaos in biology and medicine[J].SPLE,1993,236:77-84.
[63]D.Ventura and R.Martinez.Quantum associated memory[J].Information Sciences,2000,124:147-148.
[64]丁永 编著,计算智能:理论、技术与应用,科学出版社,2OO4.
[65]C.Balducelli,S.Bologna,L.Lavalle,G.Vicoli.Safeguarding information intensive critical infrastructures against novel types of emerging failures[J].Reliability Engineering & System Safety,2007,92(9):1218-1229.
[66]H.Suk Seo.Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[67]N.C.Rowe,S.Schiavo.An intelligent tutor for intrusion detection on computer systems[J].Computers & Education,1998,31(4):395-404.
[68]H.J.Highland.Artificial Intelligence and Intrusion Detection:Current and Future Directions:Jeremy Frank[J],University of California,Davis,CA.Computers &Security,1995,14(1):31-56.
[69]H.S.Seo Network security agent DEVS simulation modeling[J].Simulation Modelling Practice and Theory,2006,14(5):481-492.
[70]Li-Chiu ChiTseng-Chung Tang.Artificial neural networks in reorganization outcome and investment of distressed firms:The Taiwanese case[J].Expert Systems with Applications,2005,29(3):641-652.
[71]J.Berman.Confidentiality issues for medical data miners[J].Artificial Intelligence in Medicine,2002,26(1-2):25-36.
[72]I.Becerra-Fernandez.The role of artificial intelligence technologies in the implementation of People-Finder knowledge management systems[J].Knowledge-Based Systems,2000,13(5):315-320.
[73]X.Boney,L.Weenie.Automatic induction of fuzzy decision trees and its application to power system security assessment[J].Fuzzy Sets and Systems,1999,102(1):3-19.
[74]W.W.Boles.A security system based on human iris identification using wavelet transforms[J].Engineering Applications of Artificial Intelligence,1998,11(1):77-85.
[75]F.Krebs,H.Bessel.Emergent value orientation in self-organization of an animate[J].Ecological Modelling,1997,96(1-3) 143-164.
[76]L.Wehenkel,M.Pavella.Decision tree approach to power systems security assessment [J].International Journal of Electrical Power & Energy Systems,1993,15(1):13-36.
[77]B.David,H.Sieger,B.Adedeji.Real-time integrated model for visual perception and fuzzy control[J].Computers & Industrial Engineering,1992,23(1-4):355-371.
[78]C.C.Wood The human immune system as an information systems security reference model[J].Computers & Security,1987,6(6):511-516.
[79]G.Nigel Gilbert.Decision support in large organizations[J].Data Processing,1985,27(4):28-30.
[80]M.John.H.Caroll,Oi-Lun Wu.Methodology for security analysis of data-processing systems[J].Computers & Security,1983,2(1):24-34.
[81]C.Balducelli,S.Bologna,L.Lavalle,G.Vicoli.Safeguarding information intensive critical infrastructures against novel types of emerging failures[J].Reliability Engineering & System Safety,2007,92(9):1218-1229.
[82]J.A.Gognen and J.Meseguer.Security policies and security models[A].IEEE Symposium on Security and Privacy[C],2002,7(2):11-20.
[83]D.E.Denning.Alattice model of secure information flow[J].Communications of the ACM,2004,19(5):236-243.
[84]A.Sabelfeld and A.C.Myers.Language-based information-flow security[A].IEEE Journal on Selected Areas in Communications[C],2003,21(1):5-19.
[85]C.A.Myers,N.Nystrom,L.Zheng and S.Zdancewic.Jif:Java information flow,Software Release[EB/OL],http://www.cs.cornell.edu/jif.
[86]B.Liu,L.-H.Ren,and Y.-S.Ding,A novel intelligent controller based on modulation of neuroendocrine system,Lecture Notes in Computer Science,2005,3498:119-124.
[87]L.-H.Ren,Y.-S.Ding,H.Ying,and S.-H.Shao,Emergence of self-learning fuzzy systems by a new virus DNA-based evolutionary algorithm,Int.J.Intelligent Systems,2003,18(3):339-354.
[88]Y.-S.Ding,L.-H.Ren,and S.-H.Shao,Automatic design of Takagi-Sugeno fuzzy controllers by a new DNA-based evolutionary algorithm,自动化学报,2001,27(4):510-520.
[89]L.-H.Ren,Y.-S.Ding,and S.-H.Shao.DNA bio-soft computing and its application to intelligent control systems.J.Shanghai Jiaotong University(English version),1999,E-4(2):97-103.
[90]刘宝,丁永生,一种基于免疫存储记忆的智能控制器的设计与实现,控制与决策, 录用.
[91]Y.-S.Ding,L.-H.Ren,X.-F.Zhang,L.Gao,and B.Zhou,Mutual-coupled immune network-based emergent computation model for supply chain formation,IEEE Int.Conf.Systems,Man,and Cybernetics,Hyatt Regency,Washington,D.C.,USA,October 5-8,2003,504-509.
[92]L.Gao,Y.-S.Ding,and L.-H.Ren,Implementation of three-layered grid conceptual prototype using ecological network computing environment,J.Donghua University (English Edition),2004,21(5):8-11.
[93]X.-F.Zhang,Y.-S.Ding,L.-H.Ren,and L.Gao,Immune emergent computation-based bio-network architecture and its simulation platform,6th Int.FLINS Conf.on Applied Computational Intelligence,Blankenberge,Belgium,Sep 1-3,2004,124-127.
[94]张向锋,任立红,皋磊,丁永生,生态网络仿真平台的能量服务管理,计算机工程与应用,2003,39(31):145-148.
[95]任立红,张向锋,皋磊,丁永生,基于互联耦合免疫网络的服务突现,计算机科学,2004,31(2):6-8.
[96]张向锋,任立红,皋磊,丁永生,基于生物实体的网络服务突现,系统仿真学报,2004,16(8):1797-1800.
[97]张向锋,任立红,皋磊,丁永生,基于免疫对称网络的P2P网络拓扑结构,信息与控制,2003,32(7):639-643.
[98]B.Atkinson,G.Della-Liberal.WebServicesSecurity(WS-Security)Versionl.0.[EB/OL]http://msdn.microsoft.com/library/en-us/dnglobspec/html/ws-security.asp?Frame=true .2002,7.
[99]Web Services Security Policy Language(WS-Security Policy)[EB/OL].http://msdn.microsoft.com/ws/2002/12/ws-securitypolicy/,2002,4.
[100]Microsoft's Federated Security and Identity Roadmap[EB/OL].http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnWebsrv/html/wsfe derate,asp?Frame=true.2002,5.
[101]Web Services Secure Conversation Language(WS-Secure-Conversation)[EB/OL]http://msdn.microsoft.com/ws/2005/02/ws-secure-conversation/,2005,2.
[102]Web Services Trust Language(WS-Trust)[EB/OL].http://msdn.microsoftcom/ws/2004/04/ws-trust/,2004,8.
[103]M.Abad,C.Foumet,Private authentication[J],Theoretic.Computer Science.2004,322(3):427-476.
[104]R.Bhatia,D.Joshi,E.Bettino,and A.Glamour.Access control in dynamic XML-based Web-services with X-RBAC[A].The first international conference on Web services [C],Las Vegas,2003,6:23-26.
[105]E.Biermann,E.Cloete,L.M.Venter.A comparison of Intrusion Detection systems[J],Computers & Security,2001,20(8):676-683.
[106]Web Service Definition Language(WSDL) Specification[EB/OL].http://www.w3.org/TR/wsdl,2002-08.
[107]Web服务领域中的事务,[EB/OL].http://www-128.ibm.com/developerworks/,2002-11.
[108]J.Snall.在Web服务中将业务流程和事务自动化[EB/OL]http://www-128.ibm.com/developerworka/cn/Websersvices/,2002,08.
[109]Work flow Management Coalition.The Work flow Reference Model[R].WfMC-TCO0-1003.2004,6:102-156.
[110]孙利荣,蒋泽军,王丽芳.Ad hoc网络信任模型的研究[J].微电子学与计算机,2004,21(10):30-37.
[111]孙怀江.开放多Agent系统信任管理中的信任获取方法研究[J].计算机工程与应用,2004,40(29):35-46.
[112]徐锋,吕建.Web安全中的信任管理研究与进展[J].软件学报,2004,13(11):2057-2064.
[113]李承,汪为农.分布式信任模型直接信任的模糊计算方法[J],计算机应用与软件,2004,21(8):33-36.
[114]王惠芳,郭中,郭金庚,黄永忠,陈海勇.虚拟组织中的一种信任管理机制[J].计算机科学,2004,31(6):45-50.
[115]胡勤友,胡运发.多主体系统中的信任管理[J].计算机工程与科学,2004,26(7):56-59.
[116]窦文,王怀民,贾焰,邹鹏.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报,2004,15(4):56-60.
[117]李颖,刘金刚,李锦涛.联盟环境中的资源安全共享模型[J].微电子学与计算机,2003,20(11):34-38.
[118]王浩鸣,宋擒豹,冯博琴,马兆丰.基于动态许可证的信任版权安全认证协议[J],软件学报,2004,15(1):1234-1239.
[119]刘端阳,潘雪增.虚拟企业的安全交互模型[J].计算机研究与发展,2003,40 (09):45-50.
[120]张景祥,张京楣.P2P网络安全的信任模型研究[J],计算机应用研究,2003,20(3):67-73.
[121]谢铮,陈松乔,王建新.移动自组网络安全声誉机制的研究[J].计算机应用,2004,24(10):23-28.
[121]L.Mekouar,Y.Iraqi and R.Boutaba.Peer-to-peer's most wanted:Malicious peers[J].Computer Networks,2006,50(4):545-562.
[122]C.Busco,A.Riccaboni and W.Scapens.Trust for accounting and accounting for trust [J].Management accounting Research,2006,17(1):11-41.
[123]A.U Gustman,T.L.Steinmeier.The social security early entitlement age in a structural model of retirement and wealth[J].Journal of Public Economics,2005,89(2-3):441-463
[124]M.Blaze,J.Feigenbaum and J.Lacy.Decentralized trust management[A].Proceedings of the 17~(th) Symposium on Security and Privacy[C].Oakland,CA:I EEE Computer Society Press,1996.164-173.
[125]J.H.P.Eloff,M.M.Eloff.Information security architecture[J].Computer Fraud &Security,2005,11:10-16.
[126]D.Tr(?)ek.An integral framework for information systems security management[J],Computers & Security,2003,22(4):337-360.
[127]J.W.Haines,L.M.Rossey and R.P.Lippmann.Extending the DARPA off-line intrusion detection evaluations[J]DARPA Information Survivability Conference & Exposition Ⅱ,DISCEX'01.2001,1:35-45.
[128]J.E.Diekerson,J.Juslin and J.A.Dickerson.Fuzzy intrusion detection[A],IFSA World Congress and 20~(th) NAFIPS International Conference[C],2001,6:25-28.
[129]K.P.Anchor,P.D.Williams and G.H.Gunsch.The computer defense immune system,current and future search in intrusion detection[A],Proceedings of Evolutionary Computation[C],2002,2:1027-1032.
[130]A.Seleznyov and O.Mazhel.Learning temporal patterns foranomaly intrusion detection[A],Proceedings of the 17~(th) symposium on Proceedings of the 2002 ACM symposium on applied computing[C],2002,3:24-29.
[131]J.Bala,S.Baik and A.Hadjarian.Application of a distributed determining approach to network intrusion detection[A],Proceedings of the first international joint conference on Autonomous agents and mutl-agent systems[C],2002,6:456-462.
[132]O.Kachirski and R.Guha.Effective intrusion detection using multiple sensors in wireless adhoc networks,System Sciences[A],Proceedings of the 36~(th) Annual Hawaii International Conference[C],2003,3:57-64.
[133]T.Bass.Intrusion detection systems and multi-sensor data fusion[J],Communications of the ACM,2000.3:43-53.
[134]W.Farme,J.Guttman,V.Swarup,Security for mobile agents,authentication and state appraisal[A],Proceedings of the Computer Security ESORICS'96.Lecture Notes in Computer Science[C],1996:118-130.
[135]SANS Institute.The Twenty Most Critical Internet Security Vulnerabilities(Updated):The Experts' Consensus[EB/OL].http://www.sans.org/top20/.2003,5.
[136]巨永锋.智能控制和智能自动化[J].西安交通大学学报,2001,25(3):206-220.
[137]N K.Jerne.The immune system[J].Scientific American,1973,229(1):52-60.
[138]N K.Jerne.Towards a network theory of the immune system[J].Annual Immunology,1974,125C:373-389.
[139]S.Perelson.Immune network theory[J].Immunological Review.1989,10:5-36.
[140]L.N.DeCastro and J.Timmis.Artificial immune systems:a new computational intelligence approach[A].Workshop on Artificial Immune Systems and Their Applications,Springer-Verlag,London,2002.3(2):1202-1220.
[141]D.Dasgupta.Artificial Immune Systems and their Applications[A].Workshop on Artificial Immune Systems and Their Applications[C],Springer-Verlag,Inc.,1999,4(3):506-578.
[142]L.N.Decastrp and F.J.VonZuben,The colonel selection algorithm with engineering applications[A].Workshop Proceeding of GECCO'O0.2000,Workshop on Artificial Immune Systems and Their Applications,Las Vegas[C],USA,July 2000,8:2068-2080.
[143][80]林闯,任丰原.可控可信可扩展的新一代互联网[J].软件学报,2004,15(12):1023-1032.
[144]林闯,彭雪海,可信网络研究[J],计算机学报,2005,28(5):752-757.
[145]单志广,林闯,肖人毅.Web QoS控制研究综述[J],计算机学报.2004,27(2):145-156.
[146]De Castro,Von Zuben.Artificial immune systems:part Ⅱ- a survey of applications [A].Workshop on Artificial Immune Systems in the 2002 IEEE World Congress on Computational Intelligence[C],Honolulu,Hawaii,2002,286-295.
[147]Y.Watanabe,A.Ishiguro and Y.Uchikawa.Decentralized behavior arbitration mechanism for autonomous mobile robots using immune network[A].Artificial immune systems and their applications[C].Berlin:Springer-Verlag,1999,5:187-209.
[148]刘克胜,张军,曹先彬等.一种基于免疫原理的自律机器人行为控制算法[J].计算机工程与应用,2000,36(5):30-32.
[149]S.Forrest,A.Perelson and R.Cherukri.Self-nonself discrimination in a computer [A].Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy[C].Los Almitos,CA,USA:IEEE Computer Society,1994.202-212.
[150]T.Okamoto and Y.Ishida.A distributed approach to computer virus detection and neutralization by autonomous and heterogeneous agents[A].Proc of the ISADS'99[C].Los Alamitos,CA,USA:IEEE Computer Soc,1999.328-331.
[151]丁永生,任立红.一种新颖的模糊自调整免疫反馈控制系统[J].控制与决策,2000,15(4):443-446.
[152]K Krishna and J.Neidhoefer.Immunized Neurocontrol[J].Expert Systems with Applications,1997,13(3):201-214.
[153]M.Kawafuku,M.Sasaki and Takahashik.Adaptive learning method of neural network controller using an immune feedback law[A].1999 IEEE/ASME International Conference on Advanced Intelligent Mechatronics[C].Piscataway,N J,USA:IEEE,1999,641-646.
[154]S.Forrest,B.Javornik and R.Smith.Using genetic algorithms to explore pattern recognition in the immune system[J].Evolutionary Computation,1993,1(3):191-211.
[155]H.Feiertag and P.G.Neumann.The Foundations of a Provably Secure Operating System(PSOS)[A].Proc.AFZPS Nat.Computer[C];AFIPS Press,Montvale,N.J.1999,329-334.
[156]I.Foster and C.Kesselman,Globus:A Met computing Infrastructure Toolkit[J],International Journal of Supercomputer Applications,1997,11(2):115-128.
[157]R.S.Neumann,R.J.Boyer,K.N.Feiertag,.A Provab& Secure Operating System[J].The System,its Applications,and Proofs,SRI International,Menlo Park,.2000.
[158]B.D.Gold,R.R.Lined,R.J.Peeler,M.Schaefer,J,F.Scheid,and P.D.Ward.A Security Retrofitof VM1370[A].Proc.AFIPS Nat.Computer[C].AFIPS Press,Montvale,N.J.,1999,335-342.
[159]N.C.Rowe,S.Schiavo.An intelligent tutor for intrusion detection on computer systems[J].Computers & Education,1998,31(4):395-404.
[160]H.J.Highland.Artificial Intelligence and Intrusion Detection:Current and Future Directions:Jeremy Frank,University of California[J],Davis,CA.Computers &Security,1995,14(1):31-56.
[161]Jie Zhang.Comparing social security programs with leisure and bequests[J],Economics Letters,2003,78(1):59-66.
[162]F.C.Rosati.Social security in a non-altruistic model with uncertainty and endogenous fertility[J],Journal of Public Economics,1996,60(2):283-294.
[163]S.J.Shepherd,P.W.Sanders,A.Patel.A comprehensive security system:the concepts,agents and protocols[J],Computers & Security,1990,9(7):631-643.
[164]T.Ermolieva.Simulation-based optimization of social security systems under uncertainty[J],European Journal of Operational Research,2005,166(3):782-793.
[165]J.Keedy.A model for security and protection in persistent systems[J],Microprocessors and Microsystems,1993,17(3):139-146.
[166]S.Muftic.Extended OSI security architecture:Second Stage of the CEC COST-11 Ter Project[J],Computer Networks and ISDN Systems,1989,17(3):223-227.
[167]C.Caleiro,L.Vigan(?).David Basin On the semantics of Alice&Bob specifications of security protocols[J],Theoretical Computer Science,2006,367(1-2):88-122.
[168]E.Biermann,E.Cloete,L.M.Venter.A comparison of Intrusion Detection systems[J].Computers & Security,2001,20(8):676-683.
[169]J.B.Williamson,G.Hochman Innovative old-age security models for developing nations:Chile and Brazil[J],Journal of Aging Studies,1995,9(3):245-262.
[170]D.Tr(?)ek.An integral framework for information systems security management[J],Computers & Security,2003,22(4):337-360.
[171]B.Sieger,B.Badiru.Real-time integrated model for visual perception and fuzzy control[J].Computers & Industrial Engineering,1992,23(1-4):355-365.
[172]G.A.Cowan,D.Pines,D.Meltzer.Complexity:Metaphors,Models and Reality.[M]Addison-Wesley,1994.
[173]Dasgupta D.Immunity-based intrusion detection system:a general framework[A].Proceedings of 22nd National Information System Security Conference[C]Gaithersburg,USA:NIST,1999.147-160.
[174]A.Boukerche,K.R.Lemos Huca,J.B.Sobral,and M.Notare.An artificial immune based intrusion detection modal for computer and telecommunication systems[J],Parallel Computing,2004,30:629-646.
[175]Feedback and Control in natural and artificial immune systems[EB/OL].http://www.santafe,eddo/sift/research/focus/compPhysics/projects/immunology,html.2000. 10.16.
[176]Mizessyn F,Ishida Y.Immune networks for cement plants[A].International symposium on auto-enormous decentralized systems[C].1993:282-288.
[177]Kayama M,Su Gita Y,Morooka Y,Fu Kuoka S.Distributed diagnosis system combining the immune network and learning vector quantization[A].21st international conference on industrial electronics,control,and instrumentation[C].Orlando,FL,USA,1995,(2):1531-1536.
[178]D.Dasgupta and S.Forrest.Tool breakage detection in milling operations using a negative-selection algorithm[M].New Mexico.Univ.New Mexico,1995.
[179]Chun J S,Kim M K,and Jung H K.Shape optimization of electromagnetic devices using immune algorithm[J].IEEE Transactions on Magnetic,1997,33(2):1876-1879.
[180]J.S.Chun,J.P.Lim,H.K.Jung,and J S.Yoon.Optimal design of synchronous motor with parameter correction using immune algorithm[J].IEEE Transaction on Energy Conversion,1999,14(3):610-615.
[181]S.J.Huang Enhancement of thermal unit commitment using immune algorithms based opt-imization approaches[J].International journal of electrical power & energy systems,1999,21(4):245-252.