面向多视点设计的EIS访问控制技术研究
|
摘要
信息是现代企业的核心关键资源,企业需要存储海量信息资源,也需要有效、高效、安全地管理信息资源。企业信息系统作为企业资源管理平台,是现代企业赖以获取竞争优势的基础设施之一。有效利用计算机进行信息资源管理的根本问题在于生产信息系统的方法。尽管相关研究工作众多,企业信息系统项目的低成功率仍然没有得到完善解决,信息系统架构与业界所渴望的成熟度也相距甚远。
企业信息系统开发是一个由多个利益群体共同参与的设计、实现、运行和维护过程。由于利益群体对目标系统兴趣点的差异,以及他们使用的技术、语言和建模工具的多样性,导致了利益群体模型之间的不一致性,从而严重阻碍利益群体之间和利益群体内部成员之间的相互理解和交流。在现行企业信息系统及其体系结构的研究中,普遍将访问控制作为一种辅助服务,而不是体系结构的一个核心要素,使系统的体系结构本身并没有足够的安全保障。此外,这些访问控制技术仅控制主体对客体的访问能力,缺乏对客体资源的访问范围限制,从而导致客体资源存在被泄露的可能。
针对多视点设计的一致性保证问题,在系统分析企业信息系统复杂性的基础之上,提出了基于受控实体的信息系统体系结构框架ECBISAF。ECBISAF以“资源管理”作为利益群体的公共兴趣点,以全局一致的“实体管理关系”作为利益群体模型的表述模式,确立了利益群体模型簇之间、利益群体成员模型之间的关系,并给出了模型一致性的判定规则。与其它基于多视点设计的信息系统架构框架的对比分析表明,ECBISAF不仅能够保证多视点体系结构设计的一致性,而且无需中间模型,就能直接完成模型间的相互转换。
为了解决企业信息资源的安全保障问题,面向实体管理,建立了基于受控实体的访问控制模型ECBAC。与其它的访问控制模型在管理层面上组织用户的行为能力不同,ECBAC强调的是企业信息信息资源的管理职责应该由谁如何来行使。在资源管理全过程中,ECBAC通过完善的主体、职责和客体资源三者的可用性约束机制,从静态和动态两个方面,控制主体对客体的管理能力和主体对客体资源的访问范围。相对于其它访问控制技术客体级的安全对象粒度而言,ECBAC是一种具有更细粒度的访问控制模型。
基于ECBISAF和ECBAC,设计了安全规则驱动的企业信息系统体系结构SRDEISA。作为一种实体管理模式,SRDEISA定义了安全规则的表述模式,用来统一封装受控实体的组织结构、管理和迁移策略,实现实体业务调度和迁移的自动化处理。实验和性能分析结果表明,SRDEISA能够有效缩减系统开发的工作量,提升目标系统的可维护性和可管理性,在实现软件实体重用的同时,也实现了系统层的平台重用。
Information is the key resource of modern enterprise, and the mass information of them is required to be stored and managedeffectively, efficiently and securely. As a resources management platform, Enterprise Information System (EIS) is one of the infrastructures by which a modern enterprise can obtain competitive advantage. In order to manage resources effectively by using computers, EIS development method plays an essential role. However, most EIS projects are still not successful as being expected, and the Information System Architecture (ISA) is far behind the maturity of industry's desire.
In any large-scale distributed EIS design, different people with different interests are involved. These people, called stakeholders, have their own views on the EIS design, for which they use their own modeling languages, techniques, and tools. So these differences and variety between different stakeholder-models make stakeholders cannot understand and communicate each other and commonly. During the past few years, EIS Development methods have treated access control as an assisted server, not a core component of architecture. Therefore, EIS architecture is not secure enough for itself. In addition, these access control technologies only restrict the rights by which one subject can access an object. That should raise the risk of divulging object's data because an authorized subject can access whole dataset the object owned.
According to the consistency among stakeholder models, we analyze the complexity of EIS and proposed an ISA framework, called Entity-Controlled Based Information System Architecture Framework (ECISAF). In ECBISAF, "resource management" is established as a common point of interest, and "entity managing model" is served as a global unified perspective for stakeholder's view. To help produce a coherent and consistent design, the relationship between model clusters and that between the models of stakehold-er's members are built, and some rules used to judging the model consistency is also given. Compared to other frameworks employed multi-viewpoint design, ECBISAF not only guarantees consistency in the multi-viewpoint design, but also supports direct inter-conversation between models without any middle-model.
After that, ECBAC (Entity-Controlled-Based Aaccess Control), an access control model, is proposed to resolve the problem of information resources security. Different from other access control techniques that structure user's action at levels of management, ECBAC orients to entity management and focus on who and how to do duties for information resources management. ECBAC provides a perfect constraint mechanism for subject identifying, duties obtaining and object resource accessing, so it can protect information resources statically and dynamically during whole managing process. Compared to other access control techniques, ECBAC achieves more fine-granule control for resources accessing.
Finally, a security-rule driver EIS architecture (SRDEISA) is proposed based on ECBISAF and ECBAC. SRDEISA provides a schema of security rule representation to uniformly encapsulate policies for structuring, managing and transferring entity-controlled. The results of experiment and performance analysis show that SRDEISA can reduce workload of system development, and increases maintainability and manageability of target system. In addition, it achieves not only software entities reuse, but also system-level platform reuse.
企业信息系统开发是一个由多个利益群体共同参与的设计、实现、运行和维护过程。由于利益群体对目标系统兴趣点的差异,以及他们使用的技术、语言和建模工具的多样性,导致了利益群体模型之间的不一致性,从而严重阻碍利益群体之间和利益群体内部成员之间的相互理解和交流。在现行企业信息系统及其体系结构的研究中,普遍将访问控制作为一种辅助服务,而不是体系结构的一个核心要素,使系统的体系结构本身并没有足够的安全保障。此外,这些访问控制技术仅控制主体对客体的访问能力,缺乏对客体资源的访问范围限制,从而导致客体资源存在被泄露的可能。
针对多视点设计的一致性保证问题,在系统分析企业信息系统复杂性的基础之上,提出了基于受控实体的信息系统体系结构框架ECBISAF。ECBISAF以“资源管理”作为利益群体的公共兴趣点,以全局一致的“实体管理关系”作为利益群体模型的表述模式,确立了利益群体模型簇之间、利益群体成员模型之间的关系,并给出了模型一致性的判定规则。与其它基于多视点设计的信息系统架构框架的对比分析表明,ECBISAF不仅能够保证多视点体系结构设计的一致性,而且无需中间模型,就能直接完成模型间的相互转换。
为了解决企业信息资源的安全保障问题,面向实体管理,建立了基于受控实体的访问控制模型ECBAC。与其它的访问控制模型在管理层面上组织用户的行为能力不同,ECBAC强调的是企业信息信息资源的管理职责应该由谁如何来行使。在资源管理全过程中,ECBAC通过完善的主体、职责和客体资源三者的可用性约束机制,从静态和动态两个方面,控制主体对客体的管理能力和主体对客体资源的访问范围。相对于其它访问控制技术客体级的安全对象粒度而言,ECBAC是一种具有更细粒度的访问控制模型。
基于ECBISAF和ECBAC,设计了安全规则驱动的企业信息系统体系结构SRDEISA。作为一种实体管理模式,SRDEISA定义了安全规则的表述模式,用来统一封装受控实体的组织结构、管理和迁移策略,实现实体业务调度和迁移的自动化处理。实验和性能分析结果表明,SRDEISA能够有效缩减系统开发的工作量,提升目标系统的可维护性和可管理性,在实现软件实体重用的同时,也实现了系统层的平台重用。
Information is the key resource of modern enterprise, and the mass information of them is required to be stored and managedeffectively, efficiently and securely. As a resources management platform, Enterprise Information System (EIS) is one of the infrastructures by which a modern enterprise can obtain competitive advantage. In order to manage resources effectively by using computers, EIS development method plays an essential role. However, most EIS projects are still not successful as being expected, and the Information System Architecture (ISA) is far behind the maturity of industry's desire.
In any large-scale distributed EIS design, different people with different interests are involved. These people, called stakeholders, have their own views on the EIS design, for which they use their own modeling languages, techniques, and tools. So these differences and variety between different stakeholder-models make stakeholders cannot understand and communicate each other and commonly. During the past few years, EIS Development methods have treated access control as an assisted server, not a core component of architecture. Therefore, EIS architecture is not secure enough for itself. In addition, these access control technologies only restrict the rights by which one subject can access an object. That should raise the risk of divulging object's data because an authorized subject can access whole dataset the object owned.
According to the consistency among stakeholder models, we analyze the complexity of EIS and proposed an ISA framework, called Entity-Controlled Based Information System Architecture Framework (ECISAF). In ECBISAF, "resource management" is established as a common point of interest, and "entity managing model" is served as a global unified perspective for stakeholder's view. To help produce a coherent and consistent design, the relationship between model clusters and that between the models of stakehold-er's members are built, and some rules used to judging the model consistency is also given. Compared to other frameworks employed multi-viewpoint design, ECBISAF not only guarantees consistency in the multi-viewpoint design, but also supports direct inter-conversation between models without any middle-model.
After that, ECBAC (Entity-Controlled-Based Aaccess Control), an access control model, is proposed to resolve the problem of information resources security. Different from other access control techniques that structure user's action at levels of management, ECBAC orients to entity management and focus on who and how to do duties for information resources management. ECBAC provides a perfect constraint mechanism for subject identifying, duties obtaining and object resource accessing, so it can protect information resources statically and dynamically during whole managing process. Compared to other access control techniques, ECBAC achieves more fine-granule control for resources accessing.
Finally, a security-rule driver EIS architecture (SRDEISA) is proposed based on ECBISAF and ECBAC. SRDEISA provides a schema of security rule representation to uniformly encapsulate policies for structuring, managing and transferring entity-controlled. The results of experiment and performance analysis show that SRDEISA can reduce workload of system development, and increases maintainability and manageability of target system. In addition, it achieves not only software entities reuse, but also system-level platform reuse.
引文
①Standish Group.Chaos Report(1994 & 2007).http://www.standishgroup.com
①http://users.iafrica.com/o/om/omisditd/denniss/text/framewrk.html
① SAP:全球第一大企业管理软件与解决方案供应商,http://www.sap.org
① http://searchsoa.techtarget.com/news/article/0,289142,sid26_gci1230185,00.html
[1]IDC. The Expanding Digital Universe:A Forecast of Worldwide Information Growth Through 2010. March 2007
[2]J. A. Reimer. Enterprise Content Management. DatenBank-Spektrum (April 2002): 17-22. Last accessed on January 3,2009 from http://mordor. prakinf. tu-ilmenau. de/papers/dbspektrum/dbs-04-17. pdf
[3]J. V. Brocke, A. Simons, B. Schenk. Transforming Design Science Research into Practical Application:Experiences from Two ECM Teaching Cases. In:Proceedings of 19th Australasian Conference on Information Systems (ACIS 2008). Christchurch.2008:1049-1058
[4]A. Pavlak. Lessons from Classical Architecture. Journal of Enterprise Architecture, 2006,2 (2):20-27
[5]林正奎.质量和功能目标驱动的大型复杂信息系统开发方法研究:[博士学位论文].大连:大连理工大学,2006
[6]R. Baskerville, M. Myers. Information Systems as a Reference Discipline. MIS Quarterly,2002,26(1):1-14
[7]A. Tatnall, A. Gilding. Actor-Network Theory and Information Systems Research. In:Proceedings of 10th Australasian Conference on Information Systems. Victoria University of Wellington,1999:955-966
[8]T. Paivarinta, B. E. Munkvold. Enterprise Content Management:An Integrated Perspective on Information Management. In:Proceedings of the 38th Hawaii International Conference on System Sciences. Hawaii, USA.2005:96
[9]J. V. Brocke, J. Becker, A. Simons, et al. Towards the Specification of Digital Content-The Enterprise Content Modeling Language (ECML). In:Proceedings of 14th Americas Conference on Information Systems (AMCIS 2008). Toronto, Ontario,2008:403
[10]R. A. D. Carvalho. An Enterprise Content Management Solution Based on Open Source. In:Proceedings of IFIP TC 8 WG 8.9 International Conference on Research and Practical Issues of Enterprise Information Systems (CONFENIS 2007). Beijing, China,2007:173-183
[11]K. Beyer, V. Ercegovac, R. Krishnamurthy, et al. Towards a Scalable Enterprise Content Analytics Platform. IEEE Data Engineering Bulletin,2009,32(1):28-35
[12]T. M. Froese, B. C. P. Jr. OPIS:An Object Model-Based Project Information System. Computer-Aided Civil and Infrastructure Engineering,2008,9(1):13-28
[13]甘仞初,崔国玺.信息系统需求驱动自适应体系结构的研究.信息系统学报,2008,2(1):66-74
[14]K. E. Emam, S. Quintin, N. H. Madhavji. User Participation in the Requirements Engineering Process:An Empirical Study. Requirements Engineering,1996,1(1): 4-26
[15]C. Potts, K. Takahashi, A. I. Anton. Inquiry-Based Requirements Analysis. IEEE Software,1994,11(2):21-32
[16]张伟,刘峰,赵海燕等.一种问题驱动基于场景的协同式需求诱导方法.计算机学报,2008,31(9):1554-1562
[17]B. Decke, E. Ras, J. Rech, et al. Wiki-Based Stakeholder Participation in Requirements Engineering. IEEE Software,2007,24(2):28-35
[18]M. Geisser, T. Hildenbrand. A Method for Collaborative Requirements Elicitation and Decision-Supported Requirements Analysis. In:Proceedings of the IFIP 19th World Computer Congress, First International Workshop on Advanced Software Engineering. Boston, USA.2006:108-122
[19]Z. Zhang. Effective Requirements Development-A Comparison of Requirements Elicitation Techniques. Last accessed on 16/10, from http://www.cs.uta.fi/re/rem. pdf,2009
[20]E. Yu, M. Strohmaier, X. Deng. Exploring Intentional Modeling and Analysis for Enterprise Architecture. In:Proceedings of the 10th IEEE on International Enterprise Distributed Object Computing Conference Workshops(EDOC 2006). Hong Kong,2009:32
[21]E. Anderson, J. Hall, J. Hartline, et al. Algorithms for Data Migration. Algorithmica, 2010,57(2):349-380
[22]C. Curino, H. J. Moon, C. Zaniolo. Automating Database Schema Evolution in Information System Upgrades. In:Proceedings of the Second International Workshop on Hot Topics in Software Upgrades. Orlando, Florida,2009:5
[23]M. J. Earl, M. T. Vendel(?). Prototypes are Not Pilots(and vice versa):Reflecting on a 25 Year Old Idea. In:K. V. Anderson ed. The Past and Future of Information Systems. Oxford:Elsevier Ltd,2004:7-12
[24]M. Crisp. Defining and Managing Requirements Within Large and Distrbuted Agile Projects. Last accessed on 21/8,2008 from http://www.orasi.com/Documents /bp_Requirements_within_Distributed_Agile_Teams. pdf.
[25]任明仑,朱卫东,杨善林.基于构件的信息系统体系结构模型.小型微型计算机系统,2004,25(7):1159-1163
[26]P. Sun. Restructuring Hospital Information Systems Based on Service-Oriented Architecture [Ph. D dissertation]. National Chung Cheng University,2008
[27]T. Sueyoshi, G. R. Tadiparthi. An Agent-Based Decision Support System for Wholesale Electricity Market. Decision Support Systems,2008,44(2):425-446
[28]M. Pozzebon, A. Pinsonneault. Challenges in Conducting Empirical Work Using Structuration Theory:Learning from IT Research. Organization Studies,2005,26(9): 1353-1376
[29]M. R. Jones, H. Karsten. Giddens's Structuration Theory and Information Systems Research. MIS Quarterly,2008,32(1):127-157
[30]L. Brooks, C. Atkinson, D. Wainwright. Adaptin Structuration Theory to Understand the Role of Reflexivity:Problematination, Clinical Audit and Information Systems. International Journal of Information Management,2008,28(6):453-460
[31]V. Goepp, F. Kiefer, F. Geiskopf. Design of Information System Architecture Using a Key-Problem Framework. Computer in Industry,2006,57:189-200
[32]M. Wessel, R. Moeller. Flexible Software Architectures for Ontology-Based Information Systems. Journal of Applied Logic,2009,7(1):75-99
[33]R. Sessions. A Comparison of The Top Four Enterprise Architecture Methodologies. Last accessed on 11/8, from http://www.objectwatch.com/whitepapers/ 4EAComparison.Pdf,2009
[34]王景光,甘仞初.信息系统结构复杂性与可扩展性关系.北京理工大学学报, 1999,19(4):516-520
[35]A. Uhl. Model-Driven Development in the Enterprise. IEEE Software,2008,25(1): 46-49
[36]O. Pastor, S. Espana, J. I. Panach, et al. Model-Driven Development Informatik-Spektrum,2008,31(5):394-407
[37]H. Shah, M. E. Kourdi. Frameworks for Enterprise Architecture. IT Professional, 2007,9(5):36-41
[38]X. X. Deng. Intentional Modeling for Enterprise Architecture-Managing Knowledge About "Why" to Support Change [Ph. D dissertation]. University of Toronto,2006
[39]IEEE. ISO/IEC Standard for Systems and Software Engineering-Recommended Practice for Architectural Description of Software-Intensive Systems,2007:c1-24
[40]J. A. Zachman. A Framework for Information Systems Architecture. IBM Systems Journal,1987,26(3):282-290
[41]J. F. Sowa, J. A. Zachman. Extending and Formalizing the Framework for Information Systems Architecture. IBM Systems Journal,1992,31(3):590-616
[42]T. O. Group. The Open Group Architecture Framework(Version 9). Last accessed on 17/12, from http://www.opengroup.org/architecture/togaf9-doc/arch,2009
[43]CIO-Council. Federal Enterprise Architecture Framework(Version 1.1). Last accessed on 12/12, from http://www.cio.gov/Documents/fedarchl.pdf,2009
[44]DoDAF Architecture Framework Version 2.0. Last accessed on 24/12,from http: //cio-nii.defense.gov/sites/dodaf20/,2009
[45]A. Wegmann. On the Systemic Enterprise Architecture Methodology(SEAM). In: Proceedings of Proceedings of the 5th International Conference on Enterprise Information Systems(ICEIS 2003). Angers, France,2003:483-490
[46]DoD Standard. DOD5200.28-STD, Department of DefenseTrusted Computer System Evaluation Criteria(OrangeBook). GPO1986-623-963,6430, Dec.26,1985 (Supercedes CSC-STD-001-83, dtd 15 Aug 83)
[47]J. McLean. The Specification and Modeling of Computer Security. Computer,1990, 23(1):9-16
[48]W. Tolone. G. J. Ahn, T. Pai. Access Control in Collaborative Systems. ACM Computing Surverys,2005,37(1):29-41
[49]Q. He, A. I. Anton. Requirements-Based Access Control Analysis and Policy Specification(ReCAPS). Information and Software Technology,2009,51(6): 993-1009
[50]许峰,赖海光,黄皓等.面向服务的角色访问控制技术研究.计算机学报,2005,28(4):686-693
[51]R. S. Sanhu, E. J. Coyne, H. L. Feinstein, et al. Role-Based Access Control Models. IEEE Computer,1996,29(2):38-47
[52]R. K. Thomas, R. S. Sandhu. Task-Based Authorization Controls(TBAC):A Family of Models for Active and Enterprise-Oriented Authorization Management. In: Proceedings of Proceedings of the IFIP WG11.3 Workshop on Database Security. Lake Tahoe, California,1997:166-181
[53]邓集波,洪帆.基于任务的访问控制模型.软件学报,2003,14(1):76-82
[54]S. Oh, S. Park. Task-Role-Based Access Control Model. Information Systems,2003, 28(6):533-562
[55]D. Kulkarni, A. Tripathi. Context-Aware Role-Based Access Control in Pervasive Computing Systems. In:Proceedings of the 13th ACM symposium on Access control models and technologies. Estes Park, CO, USA.,2008:113-122
[56]C. A. Ardagna, M. Cremonini, S. D. C. D. Vimercati, et al. A Privacy-Aware Access Control System. Journal of Computer Security,2008,16(4):369-367
[57]A. D. Brucker, H. Petritsch. Idea:Efficient Evaluation of Access Control Constraints. In:Proceedings of International Symposium on Engineering Secure Software and Systems(ESSoS 2010). Pisa, Italy,2010:157-165
[58]B. Katt, X. Zhang, R. Breu, et al. A General Obligation Model and Continuity: Enhanced Policy Enforcement Engine for Usage Control. In:Proceedings of the 13th ACM Symposium on Access Control Models and Technologies. Estes Park, CO, USA.,2008:123-132
[59]E. Yuan, J. Tong. Attribute Based Access Control(ABAC) for Web Services. In: Proceedings of 3rd International Conference on Web Services(ICWS 2005). Orlando, USA.,2005:561-569
[60]Y. Jung, A. Masoumzadeh, J. B. D. Joshi, et al. RiBAC:Role Interaction Based Access Control Model for Community Computing. In:Proceedings of 4th International Conference on Collaborative Computing:Networking, Applications and Worksharing(CollaborateCom 2008). Orlando, FL, USA.,2008:304-321
[61]C. Wullems, M. Looi, A. Clark. Towards Context-Aware Security:An Authorization Architecture for Intranet Environments. In:Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW'04). Orlando, Florida.2004:132-137
[62]M. Ge, S. L. Osborn. A Design for Parameterized Roles. In:Proceedings of Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3 Eighteenth Annual Conference on Data and Applications Security(DBsec2004). Sitges, Catalonia, Spain,2004:251-264
[63]R. F. Han, H. X. Wang, Q. Xiao, et al. A United Access Control Model for Systems in Collaborative Commerce. Journal of Networks,2009,4(4):279-289
[64]D. Ferraiolo, V. Atluri. A Meta Model for Access Control:Why Is It Needed And Is It Even Possible to Achieve? In:Proceedings of Proceedings of the 13th ACM symposium on Access control models and technologies. Estes Park, CO, USA., 2008:153-154
[65]陈建明.信息系统开发中的若干理论问题的研究:[博士学位论文].北京:北方交通大学,2000
[66]C. Edwards, J. Ward, A. Bytheway. The Essence of Information systems. Bangalore: Prentice-hall Of India Pvt Ltd,2005
[67]D. Kang, J. Lee, S. Choi, et al. An Ontology-Based Enterprise Architecture. Expert Systems with Applications,2010,37(2):1456-1464
[68]R. M. Dijkman, D. A. C. Quartel, M. J. v. Sinderen. Consistency in Multi-Viewpoint Design of Enterprise Information Systems. Information and Software Technology, 2008,50(7-8):737-752
[69]D. Quartel, W. Engelsman, H. Jonkers, et al. A Goal-Oriented Requirements Modelling Language for Enterprise Architecture. In:Proceedings of 2009 IEEE International Enterprise Distributed Object Computing Conference(EDOC 2009). Auckland, New Zealand,2009:3-13
[70]H. Yu, J. Hong, Z. Yifeng, et al. SmartStore:A New Metadata Organization Paradigm With Semantic-Awareness for Next-Generation File Systems. In: Proceedings of the Conference on High Performance Computing Networking, Storage and Analysis. Portland, Oregon,2009:10
[71]万继光,詹玲.集群多媒体存储系统的两级元数据管理.小型微型计算机系统,2009,30(4):752-756
[72]R. T. Fielding. Architectural Styles and the Design of Network-based Software Architectures [Ph. D dissertation]. University of California,2000
[73]G B. Davis, M. H. Olson. Management Information Systems:Conceptual Foundations, Structure, and Development. New York:McGraw-Hill,1984
[74]章说荪,全安寿.对信息系统设计方法结构体系的探讨.计算机研究与发展,1989,26(4):28-36
[75]K. Smolander. Software Architecture Design in Information Systems Development: A Method Engineering View. In:Proceedings of the Sixth CAiSE/IFIP8.1 International Workshop on Evaluation of Modeling Methods in Systems Analysis and Design(EMMSAD'01). Interlaken, Switzerland.2001
[76]J. Hancock. Application Frameworks Before System Frameworks. In:Proceedings of 2000 proceedings of the conference on Object-Oriented Programming, Systems, Languages, and Applications. Minneapolis, Minnesota, United States,2000:43-44
[77]张明宝,夏安邦.基于面向服务体系架构的敏捷虚拟企业信息系统框架.计算机集成制造系统,2004,10(8):985-990
[78]M. N., E. A., R. D. S. Round-Trip Software Engineering Using UML:From Architecture to Design and Back. In:Proceedings of the 2nd Workshop on Object-Oriented Reengineering(WOOR 1999). Toulouse, France,1999:1-8
[79]M. N., T. R. N. A Classification and Comparison Framework for Software Architecture Description Languages. IEEE Transactions on Software Engineering, 2000,26(1):70-93
[80]F. C, Q. W. An Architecture-Based Approach for Component-Oriented Development. In:Proceedings of 26th Annual International Computer Software and Applications Coference(COMPSAC 2002). Oxford, England,2002:450-455
[81]马振宇,黄启春.支持分布应用的可组态管理信息系统体系结构.大连理工大学学报,2003,43(S1):118-122
[82]王颖,吴荣泉,黄美锋.一个面向服务的EAI集成框架.计算机工程,2006,32(1):279-281
[83]D. Barry, T. Stanienda. Solving the Java Object Storage Problem. Computer,1998, 31(11):33-40
[84]P. Yang-hong. Study on Enterprise Information Systems Architecture. Joural of Systems Science and Systems Engineering,2000,19(1):77-86
[85]Y. Ming-Hui, F. Qi, C. Xue-Guang. A Role Interactive Model Based on Method of Information System Function Partition. Science & Technology Progress and Policy, 2004,9:105-107
[86]柴跃廷,张晓东,董进等.敏捷供需链管理系统的可重构性研究.清华大学学报(自然科学版),2000,40(3):68-71
[87]IEEE Standard 1471-2000, IEEE Recommended Practice for Architectural Description of Software-Intensive Systems,2000
[88]L. Xudong, X. Xiaofei, Z. Dechen, et al. An Adaptive Development Framework for Web Based Enterprise Information System. In:Proceedings of Proceedings-International Symposium on Computer Science and Computational Technology (ISCSCT 2008). Shanghai,2008:82-86
[89]G. H. Lee, J. Jung. Web framework With Java and XML in Multi-tiers for Productivity. Future Generation Computer Systems,2007,23(2):263-268
[90]杨芙清,吕建,梅宏.网构软件技术体系:一种以体系结构为中心的途径.中国科学E辑,2008,38(6):818-828
[91]曾森,范玉顺.面向服务的企业架构.计算机应用研究,2008,25(2):540-545
[92]范玉顺.企业信息化管理的战略框架与成熟度模型.计算机集成制造系统,2008,14(7):1290-1296
[93]黄双喜,范玉顺,赵彧.一类通用的适应性软件体系结构风格研究.软件学报,2006,17(6):1338-1348
[94]臧传真,范玉顺.基于智能物件的制造企业信息系统研究.计算机集成制造系 统,2007,13(1):49-56
[95]段永强.基于多Agent的企业信息系统敏捷化研究:[博士学位论文].上海:上海交通大学,2000
[96]刘明忠,薛恒新,陈鹏等.面向随机协作的柔性管理信息系统体系结构研究.中国制造业信息化,2007,36(23):22-27
[97]杨昭昭,黄必清,颜波等.基于Web服务的应用网格体系结构研究.计算机应用研究,2005,7:229-233
[98]胡春明,怀进鹏,孙海龙.基于Web服务的网格体系结构及其支撑环境研究.软件学报,2004,15(7):1064-1073
[99]龚报钧,王树青.基于多Agent的开放信息集成体系结构.控制与决策,2000,15(4):427-430
[100]R. Lagerstroem, J. Saat, U. Franke, et al. Enterprise Meta Modeling Methods Combining a Stakeholder-Oriented and a Causality-Based Approach. In: Proceedings of The 10th Workshop on Business Process Modeling, Development, and Support(BPMDS 2009). Amsterdam, Netherlands,2009:381-393
[101]S. Buckl, F. Matthes, C. M. Schweda. Classifying Enterprise Architecture Analysis Approaches. In:Proceedings of 2nd IFIP WG 5.8 International Workshop(IWEI 2009). Valencia, Spain,2009:66-79
[102]M. R. Davoudi, F. S. Aliee, M. Mohsenzadeh. A New Approah towards Enterprise Architecture Analysis. In:Proceedings of International Conference on Enterprise Information Systems and Web Technologies(EISWT-09). Orlando, Florida, USA., 2009:44-51
[103]H. Koning, H. V. Vliet. A Method for Defining IEEE Std 1471 Viewpoints. Journal of System and Software,2006,79(1):120-131
[104]D. Greefhorst, H. Koning, H. V. Vliet. The Many Faces of Architectural Descriptions. Information Systems Frontiers,2006,8(2):103-113
[105]F. G. Goethals, M. Snoeck, W. Lemahieu, et al. Management and enterprise architecture click:The FAD(E)E Framework. Information Systems Frontiers,2006, 8(2):67-79
[106]Special Issue:Enterprise Architecture-A 20 Year Retrospective. P. o. t. IASA.2007, April(6)
[107]J. A. Zachman. Concepts of the Framework for Enterprise Architecture:Background, Description and Utility. Last accessed on 12/8, from http://www.ies.aust. com/papers/zachman3.htm,2007
[108]S. Gerber, U. Meyer, C. Richert. EA Model as Central Part of the Transformation into a More Flexible and Powerful Organisation. In:Proceedings of the 2nd International Workshop on Enterprise Modelling and Information Systems Architectures(EMISA 2007). St. Goar, Germany,2007:23-32
[109]嵇文路,夏安邦.基于知识和规则的企业工程元方法学.计算机工程,2008,34(3):62-65
[110]X. W, Y. B. L, L. Z. Y. Research on the Bussiness Component Design of Enterprise Information System. Joural of Software,2003,14(7):1213-1220
[111]D. Kirk, M. Roper, MurrayWood. Defining the Problems of Framework Reuse. In: Proceedings of 26th Annual International Computer Software and Applications Conference. Oxford,2002:623-626
[112]G. Succi, W. Pedrycz, E. Liu, et al. Package-Oriented Software Engineering:A Generic Architecture. IEEE IT Professional,2001,3(2):29-36
[113]S. E. Slack. Information architecture essentials, Part 1:The data and content dilemma. Last accessed on 16/8,2009 from http://www.ibm.com/developerworks /architecture/library/ar-infoarch1/
[114]S. E. Slack. Enterprise architecture essentials, Part 1:Enterprise architecture viewpoints:What's Best for Your Organization? Last accessed on 15/8,2009 from http://www.ibm.com/developerworks/architecture/library/ar-enterarchl/?S_TACT= 105AGX52&S CMP=content
[115]M. Jackson. Problems, Methods and Specialization. IEEE Software,1994,11(6): 57-62
[116]N. Boucke, D. Weyns, R. Hilliard, et al. Characterizing Relations between Architectural Views. In:Proceedings of the 2nd European conference on Software Architecture(ECSA 2008). Paphos, Cyprus.2008:66-81
[117]B. Carlo, C. Cinzia, F. Chiara, et al. Methodologies for Data Quality Assessment and Improvement. ACM Computing Surveys,2009,41(3):1-52
[118]H. Xu, J. H. Nord, N. Brown, et al. Data Quality Issues in Inplementing an ERP. Industrial Management & Data Systems,2002,102(1):47-58
[119]C. Atkinson, B. Paech, J. Reinhold, et al. Developing and Applying Component-Based Model-Driven Architectures in KobrA. In:Proceedings of Fifth IEEE International Enterprise Distributed Object Computing Conference(EDOC'01). Seattle, Washington,2001:212-223
[120]ISO. ISO/IEC 42010 Systems and Software Engineering-Architectural Description. July,2007
[121]PITAC. Information Technology for the Twenty-First Century:A bold Investment in America's Future. Last accessed on 11/6, from http://www. ccic. gov,2009
[122]P. Zhang, I. Benbasat, J. Carey, et al. Human-Computer Interaction Research in the MIS Discipline. Communications of the Association for Information Systems,2002, 9:334-355
[123]易树平,王海霞,杨文彩.人-信息系统交互效率的内涵及影响因素.工业工程与管理,2006,6:28-32
[124]邢一亭,岳延贞,王刊良.我国管理信息系统(MIS)领域人机交互(HCI)研究评述.信息系统学报,2008,2(2):97-109
[125]董士海.人机交互的进展及面临的挑战.计算机辅助设计与图形学学报,2004,16(1):1-13
[126]P. Lardieri, J. Balasubramanian, D. C. Schmidt, et al. A Multi-Layered Resource Management Framework for Dynamic Resource Management in Enterprise DRE systems. Journal of Systems and Software,2007,80(7):984-996
[127]A. Wegmann, A. Kotsalainen, L. Matthey, et al. Augmenting the Zachman Enterprise Architecture Framework with a Systemic Conceptualization. In:Proceedings of the 12th International IEEE Enterprise Distributed Object Computing Conference(EDOC 2008). Munchen, Germany,2008:3-13
[128]文铁华.信息系统安全的若干关键问题研究:[博士学位论文].长沙:中南大学,2003
[129]赵勇.重要信息系统安全体系结构及实用模型研究:[博士学位论文].北京:北京交通大学,2008
[130]文铁华.信息系统安全的若干关键问题研究:[博士学位论文].长沙:中南大学,2004
[131]G. J. AHN, R. SANDHU. Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security,2000,3(4):207-226
[132]H. Zhu, M. Zhou. Roles in Information Systems:A Survey. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews,2008,38(3): 377-396
[133]M. J. Moyer, M. Ahamad. Generalized Role-Based Access Control. In:Proceedings of 21st International Conference on Distributed Computing Systems. Mesa, AZ, USA.2001:391-398
[134]G. Zhang, M. Parashar. Context-aware Dynamic Access Control for Pervasive Applications. In:Proceedings of the Communication Networks and Distributed Systems Modeling and Simulation Conference(CNDS2004). San Diego, CA.2004
[135]R. A. Botha. CoSAWoE-A Model for Context-sensitive Access Control in Workflow Environments [Ph. D dissertation]. Rand Afrikaans University,2001
[136]鞠时光,陈伟鹤,顾怡.带有空间特性角色约束.计算机辅助设计与图形学学报,2008,20(10):1374-1382
[137]E. Bertino, C. Bettini, E. Ferrari, et al. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ACM Transactions on Database Systems,1998,23(3):231-285
[138]A. Gal, V. Atluri. An Authorization Model for Temporal Data. In:Proceedings of 7th ACM Conference on Computer and Communications Security. Athens, Greece, 2000:144-153
[139]李怀阳.进化存储系统数据组织模式研究:[博士学位论文].武汉:华中科技大学,2006
[140]H. Verjus, F. Pourraz. A Formal Framework for Building, Checking And Evolving Service Oriented Architectures. In:Proceedings of Proceedings of the Fifth European Conference on Web Services,2007:245-254
[141]S. Cimpan, H. Verjus, I. Alloui. Dynamic Architecture Based Evolution of Enterprise Information Systems. In:Proceedings of International Conference on Enterprise Information Systems (ICSEA 2007). France,2007:23-30
①http://users.iafrica.com/o/om/omisditd/denniss/text/framewrk.html
① SAP:全球第一大企业管理软件与解决方案供应商,http://www.sap.org
① http://searchsoa.techtarget.com/news/article/0,289142,sid26_gci1230185,00.html
[1]IDC. The Expanding Digital Universe:A Forecast of Worldwide Information Growth Through 2010. March 2007
[2]J. A. Reimer. Enterprise Content Management. DatenBank-Spektrum (April 2002): 17-22. Last accessed on January 3,2009 from http://mordor. prakinf. tu-ilmenau. de/papers/dbspektrum/dbs-04-17. pdf
[3]J. V. Brocke, A. Simons, B. Schenk. Transforming Design Science Research into Practical Application:Experiences from Two ECM Teaching Cases. In:Proceedings of 19th Australasian Conference on Information Systems (ACIS 2008). Christchurch.2008:1049-1058
[4]A. Pavlak. Lessons from Classical Architecture. Journal of Enterprise Architecture, 2006,2 (2):20-27
[5]林正奎.质量和功能目标驱动的大型复杂信息系统开发方法研究:[博士学位论文].大连:大连理工大学,2006
[6]R. Baskerville, M. Myers. Information Systems as a Reference Discipline. MIS Quarterly,2002,26(1):1-14
[7]A. Tatnall, A. Gilding. Actor-Network Theory and Information Systems Research. In:Proceedings of 10th Australasian Conference on Information Systems. Victoria University of Wellington,1999:955-966
[8]T. Paivarinta, B. E. Munkvold. Enterprise Content Management:An Integrated Perspective on Information Management. In:Proceedings of the 38th Hawaii International Conference on System Sciences. Hawaii, USA.2005:96
[9]J. V. Brocke, J. Becker, A. Simons, et al. Towards the Specification of Digital Content-The Enterprise Content Modeling Language (ECML). In:Proceedings of 14th Americas Conference on Information Systems (AMCIS 2008). Toronto, Ontario,2008:403
[10]R. A. D. Carvalho. An Enterprise Content Management Solution Based on Open Source. In:Proceedings of IFIP TC 8 WG 8.9 International Conference on Research and Practical Issues of Enterprise Information Systems (CONFENIS 2007). Beijing, China,2007:173-183
[11]K. Beyer, V. Ercegovac, R. Krishnamurthy, et al. Towards a Scalable Enterprise Content Analytics Platform. IEEE Data Engineering Bulletin,2009,32(1):28-35
[12]T. M. Froese, B. C. P. Jr. OPIS:An Object Model-Based Project Information System. Computer-Aided Civil and Infrastructure Engineering,2008,9(1):13-28
[13]甘仞初,崔国玺.信息系统需求驱动自适应体系结构的研究.信息系统学报,2008,2(1):66-74
[14]K. E. Emam, S. Quintin, N. H. Madhavji. User Participation in the Requirements Engineering Process:An Empirical Study. Requirements Engineering,1996,1(1): 4-26
[15]C. Potts, K. Takahashi, A. I. Anton. Inquiry-Based Requirements Analysis. IEEE Software,1994,11(2):21-32
[16]张伟,刘峰,赵海燕等.一种问题驱动基于场景的协同式需求诱导方法.计算机学报,2008,31(9):1554-1562
[17]B. Decke, E. Ras, J. Rech, et al. Wiki-Based Stakeholder Participation in Requirements Engineering. IEEE Software,2007,24(2):28-35
[18]M. Geisser, T. Hildenbrand. A Method for Collaborative Requirements Elicitation and Decision-Supported Requirements Analysis. In:Proceedings of the IFIP 19th World Computer Congress, First International Workshop on Advanced Software Engineering. Boston, USA.2006:108-122
[19]Z. Zhang. Effective Requirements Development-A Comparison of Requirements Elicitation Techniques. Last accessed on 16/10, from http://www.cs.uta.fi/re/rem. pdf,2009
[20]E. Yu, M. Strohmaier, X. Deng. Exploring Intentional Modeling and Analysis for Enterprise Architecture. In:Proceedings of the 10th IEEE on International Enterprise Distributed Object Computing Conference Workshops(EDOC 2006). Hong Kong,2009:32
[21]E. Anderson, J. Hall, J. Hartline, et al. Algorithms for Data Migration. Algorithmica, 2010,57(2):349-380
[22]C. Curino, H. J. Moon, C. Zaniolo. Automating Database Schema Evolution in Information System Upgrades. In:Proceedings of the Second International Workshop on Hot Topics in Software Upgrades. Orlando, Florida,2009:5
[23]M. J. Earl, M. T. Vendel(?). Prototypes are Not Pilots(and vice versa):Reflecting on a 25 Year Old Idea. In:K. V. Anderson ed. The Past and Future of Information Systems. Oxford:Elsevier Ltd,2004:7-12
[24]M. Crisp. Defining and Managing Requirements Within Large and Distrbuted Agile Projects. Last accessed on 21/8,2008 from http://www.orasi.com/Documents /bp_Requirements_within_Distributed_Agile_Teams. pdf.
[25]任明仑,朱卫东,杨善林.基于构件的信息系统体系结构模型.小型微型计算机系统,2004,25(7):1159-1163
[26]P. Sun. Restructuring Hospital Information Systems Based on Service-Oriented Architecture [Ph. D dissertation]. National Chung Cheng University,2008
[27]T. Sueyoshi, G. R. Tadiparthi. An Agent-Based Decision Support System for Wholesale Electricity Market. Decision Support Systems,2008,44(2):425-446
[28]M. Pozzebon, A. Pinsonneault. Challenges in Conducting Empirical Work Using Structuration Theory:Learning from IT Research. Organization Studies,2005,26(9): 1353-1376
[29]M. R. Jones, H. Karsten. Giddens's Structuration Theory and Information Systems Research. MIS Quarterly,2008,32(1):127-157
[30]L. Brooks, C. Atkinson, D. Wainwright. Adaptin Structuration Theory to Understand the Role of Reflexivity:Problematination, Clinical Audit and Information Systems. International Journal of Information Management,2008,28(6):453-460
[31]V. Goepp, F. Kiefer, F. Geiskopf. Design of Information System Architecture Using a Key-Problem Framework. Computer in Industry,2006,57:189-200
[32]M. Wessel, R. Moeller. Flexible Software Architectures for Ontology-Based Information Systems. Journal of Applied Logic,2009,7(1):75-99
[33]R. Sessions. A Comparison of The Top Four Enterprise Architecture Methodologies. Last accessed on 11/8, from http://www.objectwatch.com/whitepapers/ 4EAComparison.Pdf,2009
[34]王景光,甘仞初.信息系统结构复杂性与可扩展性关系.北京理工大学学报, 1999,19(4):516-520
[35]A. Uhl. Model-Driven Development in the Enterprise. IEEE Software,2008,25(1): 46-49
[36]O. Pastor, S. Espana, J. I. Panach, et al. Model-Driven Development Informatik-Spektrum,2008,31(5):394-407
[37]H. Shah, M. E. Kourdi. Frameworks for Enterprise Architecture. IT Professional, 2007,9(5):36-41
[38]X. X. Deng. Intentional Modeling for Enterprise Architecture-Managing Knowledge About "Why" to Support Change [Ph. D dissertation]. University of Toronto,2006
[39]IEEE. ISO/IEC Standard for Systems and Software Engineering-Recommended Practice for Architectural Description of Software-Intensive Systems,2007:c1-24
[40]J. A. Zachman. A Framework for Information Systems Architecture. IBM Systems Journal,1987,26(3):282-290
[41]J. F. Sowa, J. A. Zachman. Extending and Formalizing the Framework for Information Systems Architecture. IBM Systems Journal,1992,31(3):590-616
[42]T. O. Group. The Open Group Architecture Framework(Version 9). Last accessed on 17/12, from http://www.opengroup.org/architecture/togaf9-doc/arch,2009
[43]CIO-Council. Federal Enterprise Architecture Framework(Version 1.1). Last accessed on 12/12, from http://www.cio.gov/Documents/fedarchl.pdf,2009
[44]DoDAF Architecture Framework Version 2.0. Last accessed on 24/12,from http: //cio-nii.defense.gov/sites/dodaf20/,2009
[45]A. Wegmann. On the Systemic Enterprise Architecture Methodology(SEAM). In: Proceedings of Proceedings of the 5th International Conference on Enterprise Information Systems(ICEIS 2003). Angers, France,2003:483-490
[46]DoD Standard. DOD5200.28-STD, Department of DefenseTrusted Computer System Evaluation Criteria(OrangeBook). GPO1986-623-963,6430, Dec.26,1985 (Supercedes CSC-STD-001-83, dtd 15 Aug 83)
[47]J. McLean. The Specification and Modeling of Computer Security. Computer,1990, 23(1):9-16
[48]W. Tolone. G. J. Ahn, T. Pai. Access Control in Collaborative Systems. ACM Computing Surverys,2005,37(1):29-41
[49]Q. He, A. I. Anton. Requirements-Based Access Control Analysis and Policy Specification(ReCAPS). Information and Software Technology,2009,51(6): 993-1009
[50]许峰,赖海光,黄皓等.面向服务的角色访问控制技术研究.计算机学报,2005,28(4):686-693
[51]R. S. Sanhu, E. J. Coyne, H. L. Feinstein, et al. Role-Based Access Control Models. IEEE Computer,1996,29(2):38-47
[52]R. K. Thomas, R. S. Sandhu. Task-Based Authorization Controls(TBAC):A Family of Models for Active and Enterprise-Oriented Authorization Management. In: Proceedings of Proceedings of the IFIP WG11.3 Workshop on Database Security. Lake Tahoe, California,1997:166-181
[53]邓集波,洪帆.基于任务的访问控制模型.软件学报,2003,14(1):76-82
[54]S. Oh, S. Park. Task-Role-Based Access Control Model. Information Systems,2003, 28(6):533-562
[55]D. Kulkarni, A. Tripathi. Context-Aware Role-Based Access Control in Pervasive Computing Systems. In:Proceedings of the 13th ACM symposium on Access control models and technologies. Estes Park, CO, USA.,2008:113-122
[56]C. A. Ardagna, M. Cremonini, S. D. C. D. Vimercati, et al. A Privacy-Aware Access Control System. Journal of Computer Security,2008,16(4):369-367
[57]A. D. Brucker, H. Petritsch. Idea:Efficient Evaluation of Access Control Constraints. In:Proceedings of International Symposium on Engineering Secure Software and Systems(ESSoS 2010). Pisa, Italy,2010:157-165
[58]B. Katt, X. Zhang, R. Breu, et al. A General Obligation Model and Continuity: Enhanced Policy Enforcement Engine for Usage Control. In:Proceedings of the 13th ACM Symposium on Access Control Models and Technologies. Estes Park, CO, USA.,2008:123-132
[59]E. Yuan, J. Tong. Attribute Based Access Control(ABAC) for Web Services. In: Proceedings of 3rd International Conference on Web Services(ICWS 2005). Orlando, USA.,2005:561-569
[60]Y. Jung, A. Masoumzadeh, J. B. D. Joshi, et al. RiBAC:Role Interaction Based Access Control Model for Community Computing. In:Proceedings of 4th International Conference on Collaborative Computing:Networking, Applications and Worksharing(CollaborateCom 2008). Orlando, FL, USA.,2008:304-321
[61]C. Wullems, M. Looi, A. Clark. Towards Context-Aware Security:An Authorization Architecture for Intranet Environments. In:Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW'04). Orlando, Florida.2004:132-137
[62]M. Ge, S. L. Osborn. A Design for Parameterized Roles. In:Proceedings of Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3 Eighteenth Annual Conference on Data and Applications Security(DBsec2004). Sitges, Catalonia, Spain,2004:251-264
[63]R. F. Han, H. X. Wang, Q. Xiao, et al. A United Access Control Model for Systems in Collaborative Commerce. Journal of Networks,2009,4(4):279-289
[64]D. Ferraiolo, V. Atluri. A Meta Model for Access Control:Why Is It Needed And Is It Even Possible to Achieve? In:Proceedings of Proceedings of the 13th ACM symposium on Access control models and technologies. Estes Park, CO, USA., 2008:153-154
[65]陈建明.信息系统开发中的若干理论问题的研究:[博士学位论文].北京:北方交通大学,2000
[66]C. Edwards, J. Ward, A. Bytheway. The Essence of Information systems. Bangalore: Prentice-hall Of India Pvt Ltd,2005
[67]D. Kang, J. Lee, S. Choi, et al. An Ontology-Based Enterprise Architecture. Expert Systems with Applications,2010,37(2):1456-1464
[68]R. M. Dijkman, D. A. C. Quartel, M. J. v. Sinderen. Consistency in Multi-Viewpoint Design of Enterprise Information Systems. Information and Software Technology, 2008,50(7-8):737-752
[69]D. Quartel, W. Engelsman, H. Jonkers, et al. A Goal-Oriented Requirements Modelling Language for Enterprise Architecture. In:Proceedings of 2009 IEEE International Enterprise Distributed Object Computing Conference(EDOC 2009). Auckland, New Zealand,2009:3-13
[70]H. Yu, J. Hong, Z. Yifeng, et al. SmartStore:A New Metadata Organization Paradigm With Semantic-Awareness for Next-Generation File Systems. In: Proceedings of the Conference on High Performance Computing Networking, Storage and Analysis. Portland, Oregon,2009:10
[71]万继光,詹玲.集群多媒体存储系统的两级元数据管理.小型微型计算机系统,2009,30(4):752-756
[72]R. T. Fielding. Architectural Styles and the Design of Network-based Software Architectures [Ph. D dissertation]. University of California,2000
[73]G B. Davis, M. H. Olson. Management Information Systems:Conceptual Foundations, Structure, and Development. New York:McGraw-Hill,1984
[74]章说荪,全安寿.对信息系统设计方法结构体系的探讨.计算机研究与发展,1989,26(4):28-36
[75]K. Smolander. Software Architecture Design in Information Systems Development: A Method Engineering View. In:Proceedings of the Sixth CAiSE/IFIP8.1 International Workshop on Evaluation of Modeling Methods in Systems Analysis and Design(EMMSAD'01). Interlaken, Switzerland.2001
[76]J. Hancock. Application Frameworks Before System Frameworks. In:Proceedings of 2000 proceedings of the conference on Object-Oriented Programming, Systems, Languages, and Applications. Minneapolis, Minnesota, United States,2000:43-44
[77]张明宝,夏安邦.基于面向服务体系架构的敏捷虚拟企业信息系统框架.计算机集成制造系统,2004,10(8):985-990
[78]M. N., E. A., R. D. S. Round-Trip Software Engineering Using UML:From Architecture to Design and Back. In:Proceedings of the 2nd Workshop on Object-Oriented Reengineering(WOOR 1999). Toulouse, France,1999:1-8
[79]M. N., T. R. N. A Classification and Comparison Framework for Software Architecture Description Languages. IEEE Transactions on Software Engineering, 2000,26(1):70-93
[80]F. C, Q. W. An Architecture-Based Approach for Component-Oriented Development. In:Proceedings of 26th Annual International Computer Software and Applications Coference(COMPSAC 2002). Oxford, England,2002:450-455
[81]马振宇,黄启春.支持分布应用的可组态管理信息系统体系结构.大连理工大学学报,2003,43(S1):118-122
[82]王颖,吴荣泉,黄美锋.一个面向服务的EAI集成框架.计算机工程,2006,32(1):279-281
[83]D. Barry, T. Stanienda. Solving the Java Object Storage Problem. Computer,1998, 31(11):33-40
[84]P. Yang-hong. Study on Enterprise Information Systems Architecture. Joural of Systems Science and Systems Engineering,2000,19(1):77-86
[85]Y. Ming-Hui, F. Qi, C. Xue-Guang. A Role Interactive Model Based on Method of Information System Function Partition. Science & Technology Progress and Policy, 2004,9:105-107
[86]柴跃廷,张晓东,董进等.敏捷供需链管理系统的可重构性研究.清华大学学报(自然科学版),2000,40(3):68-71
[87]IEEE Standard 1471-2000, IEEE Recommended Practice for Architectural Description of Software-Intensive Systems,2000
[88]L. Xudong, X. Xiaofei, Z. Dechen, et al. An Adaptive Development Framework for Web Based Enterprise Information System. In:Proceedings of Proceedings-International Symposium on Computer Science and Computational Technology (ISCSCT 2008). Shanghai,2008:82-86
[89]G. H. Lee, J. Jung. Web framework With Java and XML in Multi-tiers for Productivity. Future Generation Computer Systems,2007,23(2):263-268
[90]杨芙清,吕建,梅宏.网构软件技术体系:一种以体系结构为中心的途径.中国科学E辑,2008,38(6):818-828
[91]曾森,范玉顺.面向服务的企业架构.计算机应用研究,2008,25(2):540-545
[92]范玉顺.企业信息化管理的战略框架与成熟度模型.计算机集成制造系统,2008,14(7):1290-1296
[93]黄双喜,范玉顺,赵彧.一类通用的适应性软件体系结构风格研究.软件学报,2006,17(6):1338-1348
[94]臧传真,范玉顺.基于智能物件的制造企业信息系统研究.计算机集成制造系 统,2007,13(1):49-56
[95]段永强.基于多Agent的企业信息系统敏捷化研究:[博士学位论文].上海:上海交通大学,2000
[96]刘明忠,薛恒新,陈鹏等.面向随机协作的柔性管理信息系统体系结构研究.中国制造业信息化,2007,36(23):22-27
[97]杨昭昭,黄必清,颜波等.基于Web服务的应用网格体系结构研究.计算机应用研究,2005,7:229-233
[98]胡春明,怀进鹏,孙海龙.基于Web服务的网格体系结构及其支撑环境研究.软件学报,2004,15(7):1064-1073
[99]龚报钧,王树青.基于多Agent的开放信息集成体系结构.控制与决策,2000,15(4):427-430
[100]R. Lagerstroem, J. Saat, U. Franke, et al. Enterprise Meta Modeling Methods Combining a Stakeholder-Oriented and a Causality-Based Approach. In: Proceedings of The 10th Workshop on Business Process Modeling, Development, and Support(BPMDS 2009). Amsterdam, Netherlands,2009:381-393
[101]S. Buckl, F. Matthes, C. M. Schweda. Classifying Enterprise Architecture Analysis Approaches. In:Proceedings of 2nd IFIP WG 5.8 International Workshop(IWEI 2009). Valencia, Spain,2009:66-79
[102]M. R. Davoudi, F. S. Aliee, M. Mohsenzadeh. A New Approah towards Enterprise Architecture Analysis. In:Proceedings of International Conference on Enterprise Information Systems and Web Technologies(EISWT-09). Orlando, Florida, USA., 2009:44-51
[103]H. Koning, H. V. Vliet. A Method for Defining IEEE Std 1471 Viewpoints. Journal of System and Software,2006,79(1):120-131
[104]D. Greefhorst, H. Koning, H. V. Vliet. The Many Faces of Architectural Descriptions. Information Systems Frontiers,2006,8(2):103-113
[105]F. G. Goethals, M. Snoeck, W. Lemahieu, et al. Management and enterprise architecture click:The FAD(E)E Framework. Information Systems Frontiers,2006, 8(2):67-79
[106]Special Issue:Enterprise Architecture-A 20 Year Retrospective. P. o. t. IASA.2007, April(6)
[107]J. A. Zachman. Concepts of the Framework for Enterprise Architecture:Background, Description and Utility. Last accessed on 12/8, from http://www.ies.aust. com/papers/zachman3.htm,2007
[108]S. Gerber, U. Meyer, C. Richert. EA Model as Central Part of the Transformation into a More Flexible and Powerful Organisation. In:Proceedings of the 2nd International Workshop on Enterprise Modelling and Information Systems Architectures(EMISA 2007). St. Goar, Germany,2007:23-32
[109]嵇文路,夏安邦.基于知识和规则的企业工程元方法学.计算机工程,2008,34(3):62-65
[110]X. W, Y. B. L, L. Z. Y. Research on the Bussiness Component Design of Enterprise Information System. Joural of Software,2003,14(7):1213-1220
[111]D. Kirk, M. Roper, MurrayWood. Defining the Problems of Framework Reuse. In: Proceedings of 26th Annual International Computer Software and Applications Conference. Oxford,2002:623-626
[112]G. Succi, W. Pedrycz, E. Liu, et al. Package-Oriented Software Engineering:A Generic Architecture. IEEE IT Professional,2001,3(2):29-36
[113]S. E. Slack. Information architecture essentials, Part 1:The data and content dilemma. Last accessed on 16/8,2009 from http://www.ibm.com/developerworks /architecture/library/ar-infoarch1/
[114]S. E. Slack. Enterprise architecture essentials, Part 1:Enterprise architecture viewpoints:What's Best for Your Organization? Last accessed on 15/8,2009 from http://www.ibm.com/developerworks/architecture/library/ar-enterarchl/?S_TACT= 105AGX52&S CMP=content
[115]M. Jackson. Problems, Methods and Specialization. IEEE Software,1994,11(6): 57-62
[116]N. Boucke, D. Weyns, R. Hilliard, et al. Characterizing Relations between Architectural Views. In:Proceedings of the 2nd European conference on Software Architecture(ECSA 2008). Paphos, Cyprus.2008:66-81
[117]B. Carlo, C. Cinzia, F. Chiara, et al. Methodologies for Data Quality Assessment and Improvement. ACM Computing Surveys,2009,41(3):1-52
[118]H. Xu, J. H. Nord, N. Brown, et al. Data Quality Issues in Inplementing an ERP. Industrial Management & Data Systems,2002,102(1):47-58
[119]C. Atkinson, B. Paech, J. Reinhold, et al. Developing and Applying Component-Based Model-Driven Architectures in KobrA. In:Proceedings of Fifth IEEE International Enterprise Distributed Object Computing Conference(EDOC'01). Seattle, Washington,2001:212-223
[120]ISO. ISO/IEC 42010 Systems and Software Engineering-Architectural Description. July,2007
[121]PITAC. Information Technology for the Twenty-First Century:A bold Investment in America's Future. Last accessed on 11/6, from http://www. ccic. gov,2009
[122]P. Zhang, I. Benbasat, J. Carey, et al. Human-Computer Interaction Research in the MIS Discipline. Communications of the Association for Information Systems,2002, 9:334-355
[123]易树平,王海霞,杨文彩.人-信息系统交互效率的内涵及影响因素.工业工程与管理,2006,6:28-32
[124]邢一亭,岳延贞,王刊良.我国管理信息系统(MIS)领域人机交互(HCI)研究评述.信息系统学报,2008,2(2):97-109
[125]董士海.人机交互的进展及面临的挑战.计算机辅助设计与图形学学报,2004,16(1):1-13
[126]P. Lardieri, J. Balasubramanian, D. C. Schmidt, et al. A Multi-Layered Resource Management Framework for Dynamic Resource Management in Enterprise DRE systems. Journal of Systems and Software,2007,80(7):984-996
[127]A. Wegmann, A. Kotsalainen, L. Matthey, et al. Augmenting the Zachman Enterprise Architecture Framework with a Systemic Conceptualization. In:Proceedings of the 12th International IEEE Enterprise Distributed Object Computing Conference(EDOC 2008). Munchen, Germany,2008:3-13
[128]文铁华.信息系统安全的若干关键问题研究:[博士学位论文].长沙:中南大学,2003
[129]赵勇.重要信息系统安全体系结构及实用模型研究:[博士学位论文].北京:北京交通大学,2008
[130]文铁华.信息系统安全的若干关键问题研究:[博士学位论文].长沙:中南大学,2004
[131]G. J. AHN, R. SANDHU. Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security,2000,3(4):207-226
[132]H. Zhu, M. Zhou. Roles in Information Systems:A Survey. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews,2008,38(3): 377-396
[133]M. J. Moyer, M. Ahamad. Generalized Role-Based Access Control. In:Proceedings of 21st International Conference on Distributed Computing Systems. Mesa, AZ, USA.2001:391-398
[134]G. Zhang, M. Parashar. Context-aware Dynamic Access Control for Pervasive Applications. In:Proceedings of the Communication Networks and Distributed Systems Modeling and Simulation Conference(CNDS2004). San Diego, CA.2004
[135]R. A. Botha. CoSAWoE-A Model for Context-sensitive Access Control in Workflow Environments [Ph. D dissertation]. Rand Afrikaans University,2001
[136]鞠时光,陈伟鹤,顾怡.带有空间特性角色约束.计算机辅助设计与图形学学报,2008,20(10):1374-1382
[137]E. Bertino, C. Bettini, E. Ferrari, et al. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ACM Transactions on Database Systems,1998,23(3):231-285
[138]A. Gal, V. Atluri. An Authorization Model for Temporal Data. In:Proceedings of 7th ACM Conference on Computer and Communications Security. Athens, Greece, 2000:144-153
[139]李怀阳.进化存储系统数据组织模式研究:[博士学位论文].武汉:华中科技大学,2006
[140]H. Verjus, F. Pourraz. A Formal Framework for Building, Checking And Evolving Service Oriented Architectures. In:Proceedings of Proceedings of the Fifth European Conference on Web Services,2007:245-254
[141]S. Cimpan, H. Verjus, I. Alloui. Dynamic Architecture Based Evolution of Enterprise Information Systems. In:Proceedings of International Conference on Enterprise Information Systems (ICSEA 2007). France,2007:23-30