摘要
随着移动设备、智能手机和传感器技术的迅速发展,普适计算正日益走进人们的日常生活。普适计算的重要特点之一是计算机及信息系统能够感知物理世界的变化,从而对其行为做出主动调整,以更好地服务人类。换句话说,计算机系统通过感知和分析来自物理世界的信息而变得更加智能。人类社会、信息空间、物理世界三者的全面连通与融合正成为下一代普适计算技术的重要特征和主要趋势。
随着人们对普适计算研究的不断深入,普适计算环境下的安全问题(如信息的保密性、完整性、可用性和隐私性等)成为研究关注的焦点,同时也是阻碍普适计算从理论和实验阶段走向大规模实际应用的主要问题之一。由于普适计算具有分布性、动态性和不确定性等特点,传统的安全技术难以满足其复杂的安全需求。访问控制作为保障计算机安全的核心技术之一,对复杂信息系统的安全控制十分有效,因此也必将成为确保普适计算安全的关键技术。现有访问控制技术普遍采取的是集中安全策略管理模式和基于确定信息(包括安全策略、主体身份等)的静态授权方式,这种封闭环境下被动的访问控制已经无法适用于具有高度开放性的普适计算环境,迫切需要研究一种全新的访问控制技术。
本文针对普适计算环境下资源的安全访问控制问题进行了研究。论文将主动数据库理论、元图理论、模糊集合理论、模糊控制和模糊推理方法引入了传统访问控制技术,从访问控制的策略、模型和实现机制三个层面上对普适计算环境下的主动模糊访问控制技术进行了系统深入研究,解决了普适计算环境下访问控制的模糊不确定性和动态自适应性问题,为下一代智能访问控制技术研究提供了新的思路。论文的主要工作如下:
1.提出了一个普适计算环境下的模糊访问控制模型。该模型针对普适计算环境下具有不确定性的上下文信息和模糊信任关系建立模型,并引入授权决策过程。在该模型中,用户最终权限的获取是通过对上下文条件的满足程度、用户的信任程度以及激活角色可能产生的安全风险进行模糊推理得到的。给出了模型实现的体系结构,对模糊授权推理器的设计与实现进行了详细说明。
2.提出了一个普适计算环境下的主动访问控制模型。该模型将空间角色、环境及安全强度等概念引入访问控制模型建模,实现了在不同的安全强度下,用户可以激活不同的角色和使用不同的权限。基于主动数据库技术的ECA规则触发机制,设计了模型的主动访问控制模式,即根据环境上下文变化主动提供授权服务,并且自适应地调整模型的安全控制强度和授权策略。
3.提出了一种基于区间值主动模糊规则的主动模糊访问控制模型。首先将区间值模糊集合理论和主动数据库技术引入访问控制规则建模,提出了一种主动区间值模糊访问控制规则,用以描述普适计算环境下具有主动性和模糊不确定性的安全控制策略;然后基于提出的区间值主动模糊访问控制规则,构造了一个普适计算环境下的主动模糊访问控制模型,该模型具有支持多安全策略、分布式授权等特点;最后给出了保证访问控制模型授权正确性和可信性的条件,即保证主动模糊访问控制规则集的终止性和汇流性。
4.提出了一种基于元图理论的主动模糊访问控制规则集终止性分析方法。首先给出了模糊触发元图(Fuzzy Triggering Metagraph, FTMG)定义,用以表示主动模糊访问控制规则之间复杂的触发和激活关系;然后给出了一个基于FTMG的主动模糊访问控制规则集终止性分析方法,即通过分析FTMG的邻接矩阵闭包,寻找最小真触发环,判断主动模糊访问控制规则集的终止性;最后通过一个实例详细说明了算法的具体分析过程,并验证了该方法的正确性。
5.提出了一种基于元图理论的主动模糊访问控制规则集汇流性分析方法。首先给出了主动模糊访问控制规则集汇流性的定义,然后提出了一个基于FTMG的主动模糊访问控制规则集汇流性分析方法,并给出了相关的定理、证明及算法;最后通过一个实例详细说明了算法的具体分析过程,并验证了该方法的正确性。
6.设计并实现了一个普适计算环境下的智能访问控制原型系统(Smart Access Control System, SACS)。首先给出了SACS系统的体系结构设计及授权流程,然后对访问控制相关模块的设计与实现进行了详细说明,并给出了相关实现算法和部分实现代码;最后通过仿真实验测试了SACS原型系统的运行效率,通过对比实验验证了本文提出的基于元图的主动模糊访问控制规则集终止性分析算法具有较好的正确性和较高的效率。
With the development of mobile device, smart phone and sensor technology, ubiquitous computing is entering into people's lives. One of the important features of ubiquitous computing is that the computers are able to perceive the changes in the physical world, and make the initiative to adjust their behavior and provide better services for people. In other words, the computers become more intelligent through the perception and analysis of the contexts from the physical world, therefore, the connectivity and integration of human society, information space and physical world is becoming the important feature of the next generation of the ubiquitous computing technology, and the ubiquitous computing will provide a harmonious environment with more transparent, more intelligent, greener and more secure services.
With the deepening of the pervasive computing research, which the security issue becomes a focus problem (such as the confidentiality, integrity, availability and privacy of the information), at the same time, it is one of the main problem to hinder the pervasive computing to large-scale practical application from the theoretical and experimental stage; on the other hand, the traditional security mechanism is difficult to meet the security needs of the complex environment of pervasive computing, as the pervasive computing has the characteristics of distributed, dynamic, uncertainty. So, the access control is one of the kernel technology to protect computer security, and it is very effective to the security control of complex information systems, and it will also become the key technology to ensure secure of pervasive computing. However, the existing access control generally adopt centralized security policy management mode and determined information (including security policy, subject identity) based static authorization, such passive access control in the closed environment, is no longer applicable to highly open pervasive computing environment. To achieve a safe and effective control of resources in the pervasive computing environment, it is necessary to establish a new access control mechanism:the established new mechanism not only be able to trigger specific events in the ubiquitous environment, take the initiative to adjust the authorization policy changed adaptively control strength to ensure the safety and flexibility of permissions; but also it can support the authorization inference between the uncertain context information and fuzzy trust relationship, and give the result of the determininged authorization decision to ensure the correctness and intelligence of the authorization process. As the energy of the pervasive equipment is limited, the performance of access control system is higher, therefore, the access control system in pervasive computing environment shoule not only ensure the correctness and confluence of authorization inference results, and also prevent invalid circular reasoning, in order to guarantee the termination of the authorization decision process.
In this paper, to address the problem of access control in pervasive computing environment, we propose an active fuzzy access control method.and its realization mechanism used in pervasive computing environment, which is analyzed deeply the dynamic behavior of the access control system. In the proposed method, the active database theory, metgraphs theory, interval-valued fuzzy set theory, interval-valued fuzzy inference method and fuzz control technology are introduced into the traditional access control technology, and the active fuzzy access control technology is studied from three aspects:access control strategy, model and mechanism, which solve the fuzzy uncertainty and dynamic adaptive of pervasive computing, and provide a new idea for smart access control system. The mainly works of the paper are as follows:
(1) A fuzzy access control model for ubiquitous computing is presented, which is established to uncertainty context information and fuzzy trust relationship, and the authorization decision process is also introduced to this model. Furthermore, the permission of the user is obtained by the fuzzy inference of the satisfaction degree of the context condition, the level of trust of the user and the risk of the user's role activate. At last, the architecture of model and the design of fuzzy inference machine are detailed presented.
(2) An active access control model for ubiquitous computing is presented, which is established by introducing the space role, environment role and security level, to realize the user can active the different roles and use the different permissions under different security level. Moreover, an active access control mode is designed based on the trigger mechanism of ECA rules, That is, the model can initiative to adjust the access control level and security control strategy according to the changes in the context, to realize an adaptive control for resources.
(3) An active fuzzy access control model for ubiquitous computing is presented. Firstly, the interval-valued fuzzy set theory and active database technology is introduced into access control rule model, and an active interval-valued fuzzy access control rule is presented to describe the active fuzzy security strategy of pervasive computing environment; secondly, an active fuzzy access control model based on active interval-valued fuzzy access control rule is presented; finally,the termination and confiluence analysis problems of active fuzzy access control rule set is presented.
(4) A termination analysis method based on metgraph theory for active fuzzy access control rules set is presented. Firstly, the concept of termination is given; secondly, a termination analysis method based on fuzzy trigger metgraph is presented, and the theorem and algorithm are presented; Finally, the simulation results demonstrate that the accuracy and efficiency of the proposed method.
(5) A confluence analysis method based on metgraph theory for active fuzzy access control rules set is presented. Firstly, the concept of confluence is given; secondly, a confluence analysis method based on fuzzy trigger metgraph is presented, and the theorem and algorithm are presented; lastly, an example show the specific analysis procedure.
(6) A prototype system of smart access control is designed and implemented. System architecture is presented, fuzzy reasoning efficiency is proved. Firstly, the architecture design and authorization process of the SACS are given; and then, the details of realizing the access control module are explained; finally, we compare the efficiency of the prototype system to the termination analysis of the access control rules set.
引文
[1]Weiser M. The computer for the 21st century[J]. Scientific American,1991,265(3): 94-104.
[2]Satyanarayanan M. Pervasive computing:vision and challenges [J]. IEEE Personal Communications,2001,8(4):10-17.
[3]徐光祐,史元春,谢伟凯.普适计算[J].计算机学报,2003,26(9):1042-1050.
[4]Friedewald M, Raabe O.Ubiquitous computing:An overview of technology impacts[J].Telematics and Informatics,2011,28(2):55-65.
[5]Fernando N, Loke S, Rahayu W. Mobile cloud computing:A survey. Future Generation Computer Systems[J],2012,29(12):84-106.
[6]Agarwal N, Xu XW. Social computational systems[J]. Journal of Computational Science,2011,2(3):189-192.
[7]MIT Project Oxygen. http://oxygen.lcs.mit.edu/
[8]Garlan D,Siewiorek DP, Smailagic A, et al. Project Aura:toward distraction-free pervasive computing[J]. IEEE Pervasive Computing,2002,1(2):22-31.
[9]Gaia:active space for ubiquitous computing. In:Department of Computer Science, University of Illinois at Urbana-Champaign,2003.
[10]Disappearing computer. In:The Disappearing Computer Initiative funded by Europe Union(EU),2002.
[11]Easy Living.In:Microsoft Research,2003.
[12]Smart Classroom. In:Key Laboratory of PervasiveComputing,Tsinghua University, Ministry of Education Beijing,China,2003.
[13]Hayat Z, Reeve J, Boutle C. Ubiquitous security for ubiquitous computing[J]. Information Security Technical Report,2007,12(3):172-178.
[14]魏志强,康密军,贾东宁,等.普适计算隐私保护策略研究[J].计算机学报,2010,33(1):128-138.
[15]郭亚军,李蓉.普适计算的访问控制研究[J].华中师范大学学报(自然科学版),2006,40(4):504-506,510.
[16]Shehab M, Squicciarini A, Ahn G et al. Access control for online social networks third party applications[J]. Computers & Security,2012,31(8):897-911.
[17]Sandu R, Samarati P. Access control:principles and practice[J]. IEEE Commu-nications Magazine,1994,32(9):40-48.
[18]王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667.
[19]Wang H, Zhang Y. Access control management for ubiquitous computing[J]. Future Generation Computer Systems,2008,24(8):870-878.
[20]林闯,封富君,李俊山.新型网络环境下的访问控制技术[J].软件学报,2007,18(4):955-966.
[21]Wang J, Yang Y,Yurcik W. Secure smart environments:security requirements, challenges and experiences in pervasive computing[C]. In:Proc. of NSF Pervasive Computing Infrastructure and Experience Workshop,2005:36-48.
[22]Hutter D, Stephan W, Ullmann M. Security and privacy in pervasive computing: state and future directions [J]. Lecture Notes in Computer Science,2004,2802: 285-289.
[23]Hosmer H. Security is fuzzy:applying the fuzzy logic paradigm to the muti-policy paradigm[C]. In:Proceedings of the ACM Workshop on New security Paradigms, ACM Press,1993:175-184.
[24]Lech J. Need-to-Know principle and fuzzy security modelling[J]. Journal of Information Management & Computer Security,2000,8(5):210-217.
[25]Patroklos, Argyoudis G, Mahony D. An authorization management architecture for ubiquitous computing[J]. Lecture Notes in Computer Science,2004,3093: 246-259.
[26]Richard A, Berrached A. Using fuzzy relation equations for adaptive access control in distributed system [C]. In:Proc. of the IFIP International Conference on Distributed Computing and Security, IFIP Press,2000:81-86.
[27]Sandhu R, Kumar R, Zhang XW. Secure information sharing enabled by trusted computing and P-E-I models[C]. In:Proc. of ACM Symposium on Information, Computer and Communication Security, ACM Press,2006:66-75.
[28]Zhang GS. SESAME:scalable, environment sensitive access management engine[J]. Journal of Cluster Computing,2006,9(1):19-27.
[29]Patroklos, Argyoudis G, Mahony D. An authorization management architecture for ubiquitous computing[J]. Lecture Notes in Computer Science,2004,3093: 246-259.
[30]Basu A, Robert W. Metagraphs and Their Applications[M]. Springer-Verlag New York, Secaucus, NJ, USA,2006.
[31]Lampson BW. Protection[J]. Operating System Rev.,1974,8(1):18-24.
[32]Department of Defense. Trusted computer system evaluation criteria (TESEC). Technical Report, DOD 5200.28-STD,1985.
[33]沈海波,洪帆.访问控制模型研究综述[J].计算机应用研究,2005,5(6):9-11.
[34]刘宏月,范九伦,马建峰.访问控制技术研究进展[J].小型微型计算机系统,2004,25(1):56-59.
[35]李晓峰,冯登国,徐震.一种通用访问控制管理模型[J].计算机研究与发展,2007,44(6):947-957.
[36]Harrison MA, Ruzzo WL, Ullman JD. Protection in operating systems[J]. Comm-unications of ACM,1976,19(8):461-471.
[37]Bell DE, Lapadula LJ. Secure Computer Systems:Mathematical Foundations[M], Vol.1. Bedford:The Mitre Corporation,1973.
[38]Ferraiolo D, Kuhn DR. Role-Based access control[C]. In:Proc. of the 15th National Computer Security Conf.1992,554-563.
[39]Sandhu R, Coyne EJ, Feinstein HL et al. Role-Based access control models[J]. IEEE Computer,1996,29(2):38-47.
[40]Sandhu R, Bhamidipati V, Munawer Q. The ARBAC97 model for role-based adm-inistration of roles[J]. ACM Trans. on Information and System Security (TISSEC),1999,2(1):105-135.
[41]Sandhu R, Munawer Q. The ARBAC99 model for administration of roles[C]. In: Proc. of the 15th Annual Computer SecurityApplications Conf. Washington:IEEE Computer Society,1999.229-238.
[42]Ferraiolo DF, Sandhu R, Gavrila S. Proposed NIST standard for role-based access control[J]. ACM Trans. on Information and Systems Security (TISSEC),2001, 4(3):224-274.
[43]Thomas RK, Sandhu RS. Task-Based authentication control (TBAC):A family of models for active an enterprise-oriented authentication management[C]. In:Proc. of the 1 lth IFIP Conf. on Database Security,California,1997,11-13.
[44]Oh S, Park S. Task-Role-Based access control model[J]. Information System,2003, 28(6):533-562.
[45]Oh S, Park S. Task-Role-Based access control model[J]. Information System,2003, 28(6):533-562.
[46]Park J, Sandhu R. Towards usage control models:Beyond traditional access control [C]. In:Proc. of the 7th ACM Symp. on Access Control Models and Tech-nologies,California,2002,57-64.
[47]Park J, Sandhu R. The UCONABC usage control model[J]. ACM Trans. on Infor-mation and System Security,2004,7(1):128-174.
[48]Sandhu R, Park J. Usage control:A vision for next generation access control[C]. In Proc. of the 2nd Int'1 Workshop on Mathematical Methods, Models and Arch-itectures for Computer Networks Security, LNCS 2776, Berlin:Springer-Verlag, 2003,17-31.
[49]Youna J, James BD. CRiBAC:Community-centric role interaction based access control model[J].Computers Security,2012,3(1):497-523.
[50]Zhang G, Parashar M. Context-aware dynamic access control for pervasive appli-cations[EB/OL], http://citeseer.ist.psu.edu/687356.html,2007.
[51]Park S, Han Y,Chung T.Context-Role Based Access Control for Context-Aware Application[C]. In:Proc of second internation conference, HPCC2006,Munich, Germany,2006.
[52]Damiani M, Bertino E, Catania B et al. GEO-RBAC:A spatially aware RBAC[J]. ACM Transactions on Information Systems and Security,2007,10(1):1-42.
[53]Hu J, Weaver AC. A dynamic context-aware security infrastructure fordistri-buted healthcare applications[C]. In:Proc of the 1st Workshop on Pervasive Privacy Security, Privacy and Trust, Boston,2004.
[54]Antonios G, Ioannis M. domRBAC:An access control model for modem collabor-ative systems[J]. Computers & Security,2012,31(4):540-556.
[55]石伟丞,谭良,周明天.具有特征判断能力的使用控制模型研究[J].计算机科学,2010,37(6):86-90.
[56]武海鹰.基于上下文的普适计算使用控制模型[J].计算机应用,2012,32(2):489-492.
[57]Wu J, Shimamoto S. Usage control based security access scheme for wireless sensor networks[C]. In:Proc. of the IEEE International Conference on the Comm-unications (ICC 2010), Cape Town, South Africa,2010.
[58]Hourdin V, Tigli J, Lavirotte S et al. Context-sensitive authorization in interaction patterns[C]. In:Proc. of the 6th International Conference on Mobile Technology, Application & Systems, Nice, France,2009.
[59]李小勇,桂小林.大规模分布式环境下动态信任模型研究[J].软件学报,2007,18(6):1510-1521.
[60]周炜.基于博弈论的普适计算信任模型的安全问题研究[D].中国海洋大学,2011.
[61]徐文拴,辛运帏,卢桂章.普适计算环境下信任机制的研究进展[J].计算机科学.2008,35(2):52-57.
[62]王益涵,陶莉,曹奇英.普适计算中信任模型的研究[J].计算机应用研究,2006,23(1):122-124.
[63]郭亚军,王亮,洪帆,等.基于信任的普适计算的动态授权模型[J].华中科技大学学报(自然科学版),2007,35(8):70-73.
[64]Chakraborty S, Ray I. TrustBAC-Integrating trust relationships into the RBAC-models for access control in open systems[C]. In:Proc. of 11th ACM Symposium on Access Control Models and Technologies, Lake Tahoe:ACM,2006:49-58.
[65]廖俊国,洪帆,朱更明,等.基于信任度的授权委托模型[J].计算机学报,2006,29(8):1265-1270.
[66]洪帆,郭亚军.资源限制信任协商[J].华中科技大学学报(自然科学版),2006,34(5):23-25.
[67]李明楚,杨彬,钟炜.基于反馈机制的网格动态授权新模型[J].计算机学报,2009,32(11):2187-2199.
[68]唐文,陈钟.基于模糊集合理论的主观信任管理模型研究[J].软件学报,2003,14(8):1401-1408.
[69]罗俊海,范明钰.基于置信度的MANETs主观信任管理模型[J].计算机研究与发展,2010,47(3):515-523.
[70]陈超,王汝传,张琳.一种基于开放式网络环境的模糊主观信任模型研究[J].电子学报,2010,38(11):2505-2509.
[71]张立臣,王小明.普适计算环境下基于信任度的模糊自适应访问控制模型[J].计算机应用研究,2009,26(1):311-313.
[72]Richard A, Berrached A. Using fuzzy relation equations for adaptive access control in distributed system[C]. In:Proc. of the IFIP International Conference on Distributed Computing and Security, IFIP Press,2000:81-86.
[73]Sergei Ovchinnikov. Fuzzy sets and secure computer systems[C]. In:Proc.of the IEEE Workshop on Computer and System Security, IEEE Press,2002:626-75.
[74]Zadeh LA. Fuzzy set [J]. Information and Control,1965,8(3):338-353.
[75]Zadeh LA. Fuzzy set and system[C]. In:Proc. of the symposium on system theory, New York,1965:29-39.
[76]Wang HF, Huang ZH. Top-down fuzzy decision making with partial preference information[J]. Fuzzy optimization and decision making,2002,1(2):161-176.
[77]Zhang S, He D. Fuzzy model for trust evaluation[J] Journal of Southwest Jiaotong University,2006,14(1):23-28.
[78]Nawarathna UH, Kodithuwakku SR. A Fuzzy Role Based Access Control Model for Database Security[C]. In:Proc. of the International Conference on Information and Automation, Colombo,2005:15-18.
[79]窦文阳,王小明.基于模糊逻辑的使用控制模型研究[J].微电子学与计算机,2007,24(11):116-119.
[80]Takabi, Amini, Jalili. Enhancing role-based access control model through fuzzy Relations [J]. Information Assurance and Security,2007:131-136.
[81]Hassan T, Amini M, Jalili R. Separation of duty in role-based access control model through fuzzy relations[C]. In:Proc. of the 3rd international symposium on infor-mation assurance and security,2007:125-130.
[82]Wang XM. Pervasive computing oriented interval-valued fuzzy access control [J]. Journal of Frontiers of Computer Science and Technology,2010,4(10):865-880.
[83]Ranganathan A, Al-Muhtadi J, Campbell R. Reasoning about uncertain contexts in pervasive computing environments[J]. IEEE Pervasive Computing,2004,3(2): 62-70.
[84]Minami K, Kotz D. Secure context-sensitive authorization[J]. Journal of Perva-sive and Mobile Computing,2005,1(1):26-52.
[85]刘家红,吴泉源.一个基于事件驱动的面向服务计算平台[J].计算机学报,2008,31(4):588-599.
[86]王小明,张立臣,窦文阳等.基于主动模糊规则的主动访问控制方法:中国,2009-10219221.7[P].2009-11-30.
[87]陈启浩.模糊值及其在模糊推理中的应用[M].北京:北京师范大学出版社,2000:31-55.
[88]王立新.模糊系统与模糊控制教程[M].北京:清华大学出版社,2003:73-80.
[89]裴道武.关于模糊逻辑与模糊推理逻辑基础问题的十年研究综述[J].工程数学学报,2004,21(2):249-258.
[90]王国俊.非经典数理逻辑与近似推理[M].北京:科学出版社,2000:110-123.
[91]吴新松,贺也平,周洲仪,梁洪亮.一个环境适应的基于角色的访问控制模型[J].计算机研究与发展,2011,48(6):983-990.
[92]林莉,怀进鹏,李先贤.基于属性的访问控制策略合成代数[J].软件学报,2009,20(2):403-414.
[93]Zhang LH, Gail JA, Bei TC. A Rule-Based Framework for Role-Based Delegation and Revocation[J]. ACM Transactions on Information and System Security,2003, 6(3):404-441.
[94]Hany FE, Miriam AC, David SA. Intelligent security and access control frame-work for service-oriented architecture[J]. Information and Software Technology, 2010,52(2):220-236.
[95]林闯,田源,姚敏.绿色网络和绿色评价:节能机制、模型和评价[J].计算机学报,2011,34(4):593-612.
[96]林闯,孔祥震,周寰.增强计算系统可信赖性:融合虚拟化和SOA[J].软件学报,2009,20(7):1986-2004.
[97]熊杰颖,冯军,牛新征等.基于PRBAC的Web访问控制的设计与实现[J].计算机应用,2004,24(1):42-44.
[98]Zhang LH, Gail JA, Bei TC. A Rule-Based Framework for Role-Based Delegation and Revocation[J]. ACM Transactions on Information and System Security,2003, 6(3):404-441.
[99]Hany FE, Miriam AC, David SA. Intelligent security and access control frame-work for service-oriented architecture [J]. Information and Software Technology, 2010,52(2):220-236.
[100]李晓聪,鞠时光,王益维.访问控制系统的规则集模型及其检测算法[J].计算机工程,2010,36(14):43-45.
[101]尹刚,王怀民,史殿习等.基于规则的受限委派框架[J].计算机学报,2007,30(9):1511-1519.
[102]汪应龙,胡金柱.一种基于规则的自动信任协商模型[J].计算机应用,2008,28(1):80-84.
[103]何新贵.模糊关系型数据库的数据模型[J].计算机学报,1989,2:120-126.
[104]魏延.主动模糊数据库中的事件与规则[J].重庆师范学院学报(自然科学版),2002,19(4):30-34.
[105]何新贵,唐常杰,李霖等.特种数据库技术[M].北京:科学出版社,2000.
[106]姜跃平,汪卫,施伯乐等.ECA规则的模型和行为特定理论[J].软件学报,1997,3(8):190-196.
[107]Simon E, Dittrich A K. Promises and realities of active database systems[J]. In: Proc. of 21st VLDB,1995,642-653.
[108]Jensen K. Coloured petri nets:Basic concepts, analysis methods and practical use[M]. Springer-Verlag, Berlin, Germany,1992.
[109]Aiken A,Widom J,Hellerstein J. Behavior of database productions rules:Termina-on, confluence and observable determinism[C]. In:Proc. of the 1992 ACM SIGMOD, San Diego, CA,1992,59-68.
[110]Aiken A, Hellerstein J, Widom J. Static analysis techniques for predicting the behavior of active database rules[J]. ACM Trans. Database Systems,1995,20(1): 3-41.
[111]郝忠孝,任超,赵龄强.含环触发图对应的主动规则集可终止性分析[J].计算机研究与发展,2005,42(12):2199-2205.
[112]左万利,刘居红,刘淑芬.关联图与主动规则集的终止性分析[J].软件学报,2001,12(2):276-282.
[113]Danilo M, Elisa B, Maria B. Refined rules termination analysis through transac-tions[J].Information Systems,2003,28(5):435-456.
[114]Jin Y, Susan DU, Suzanne WD. A concurrent rule scheduling algorithm for active rules[J]. Data & Knowledge Engineering,2007,60(3):530-546.
[115]郝忠孝,熊中敏.计算主动数据库中不可归约规则集的有效算法[J].计算机研究与发展,2006,43(2):281-287.
[116]Burcin BK,Adnan Y. A fuzzy petri net model for intelligent databases [J]. Data Knowledge Engineering,2006,35(8):219-247.
[117]Pankaj D, Suresh KJ. Fuzzy rule based system and metagraph for risk manage-ment in electronic banking activities [J]. International Journal of Engineering and Technology,2009,1(1):1793-8236.
[118]Tan ZH. Fuzzy metagraph and its combination with the indexing approach in rule-based systems[J]. IEEE Transactions on Knowledge and Data Engineering, 2006,18(6):829-841.
[119]Wang XM. A regular fuzzy tree grammar and its application[J]. Chinese Journal of Electronics,2007,16(2):193-197.
[120]Wen YZ, Hong XL. Relationship between similarity measure and entropy of interval valued fuzzy sets[J]. Fuzzy Sets and Systems,2006,157(6):1477-1484.
[121]Aiken A, Hellerstein JM,Widow JE.Static analysis techniques for predicting the behavir of active database rules[J]. ACM Transaction on Database System,1995, 20:3-40.
[122]Kim SK,Chakravarthy S. A confluent rule execution model for active database [R]. Technical Report UF-CIS-TR-95-032.Florida:University of Florida,1995,1-19.
[123]Jagadish HV,Mendelzon AO,Mumick IS. Managing conflicts between rules[C]. In: Proc. of PODS. Montreal Quebec,Canada,1996.
[124]Zhou Y, Hsu M. A theory for rule triggering systems[C]. In:Proc. Extending Database Technology(EDBI),1990,407-421.
[125]Baralis E,Widom J. Modularization techniques for active rules design[J]. ACM Transaction Database Systems,1996,21(1):1-29.
[126]蒋传来,郝忠孝.关于主动数据库的汇流性问题[J].哈尔滨理工大学学报,2004,9(2):73-75.
[127]刘泓漫.基于执行图的主动规则集汇流性判定[J].上海电机学院学报[J].2006,5(3):4-7.
[128]Gasquet O. On the influence of confluence in modal logics[J]. Fundamenta Infor-maticae,2006,70(3):227-250.
[129]杨泽雪.主动规则的汇流性分析[J].哈尔滨师范大学自然科学学报,2008,24(1):65-68.
[130]左万利,刘淑芬,王平等.具有最大并行度的合流性主动规则执行模型[J].小型微型计算机系统,2000,21(11):1150-1153.