[1] 劉敦仁,吳美玉,李旭登及黎尚青,網際網路病歷資訊之安全管理:角色存取控制機制之建置,醫療資訊雜誌第十一期,民國89年6月。
[2] 邱榮輝,PKI技術與應用發展,http://www.pki-pma.org.tw/。
[3] 劉興華,執行權管制系統的理論性架構設計,國立交通大學博士論文,民國88年。[4] 吳國禎,數位證書在電子商務安全之應用,國立交通大學資訊管理研究所,博士論文,民國87年。[5] 洪仲璽,網際網路安全與公開金鑰基礎建設,國立成功大學資訊工程學系。
[6] 黃景彰,資訊安全-電子商務之基礎,華泰文化事業公司,2001年。
[7] PKI小百科,亞洲公開金鑰基礎建設論壇-中華台北推動委員會, http://www.pki.org.tw/
[8] ITU Recommendation X.509, Information technology – Open systems interconnection –The Directory: Public-Key and attribute certificate frameworks, 2000/03, Telecommunication Standardization Sector or ITU.
[9] S. Farrell and R. Housley, “An Internet Attribute Certificate Profile for Authorization”, RFC 3281, April 2002.
[10] ETSI TR 102 044:”Electronic Signatures and Infrastructures (ESI); Requirements for role and attribute certificates”, December 2002.
[11] Zoltan Nochta, Peter Ebinger and Sebastian Abeck, ”PAMINA: A Certificate Based Privilege Management System”, Network and Distributed System Security Symposium Conference Proceedings, 2002.
[12] Rich Baker, Leon Gommans, Andrew Mcnab, Mardus Lorch, Lavanya Ramakrishnan, Krishna Sankar and Mary R.Thompson, “Conceptual Grid Authorization Framework and Classification”, May 15, 2003.
[13] Lorch, M., Adams, D. B., Kafura, D., Koneni, M. S. R, Rathi, A., Shah, S. , “The PRIMA System for Privilege Management,Authorization and Enforcement in Grid Environments”, Department of Computer Science, Virginia Tech, 2003.
[14] Rolf Oppliger, Gunther Pernul and Christine Strauss, “Using Attribute Certificates to Implement Role-based Authorization and Access Controls”.
[15] David W. Chadwick, Alexander Otenko, and Edward Ball,“Role-Based Access Control With X.509 Attribute Certificate”,IEEE Internet Computing, March•April,2003。.
[16] Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman, “Role-Based Access Control Models”, IEEE Computer, Volume 29, Number 2 / February 1996.
[17] David F. Ferraiolo, Ravi Sandhu, Serban Gavrila, D. Richard Kuhn and Ramaswamy Chandramouli ,“Proposed NIST Standard for Role-Based Access Control”, ACM Transactions on Information and Systems Security, Volume 4, Number 3 / August 2001.
[18] Chadwick, D.W., Otenko, A. “RBAC Policies in XML for X.509 Based Privilege Management” to be presented at IFIP SEC 2002, Egypt, May 2002
[19] Takeshi Imamura and Hiroshi Maruyama, “Mapping between ASN.1 and XML”, IEEE, 2001.
[20] Darren P Mundy, David Chadwick and Andrew Smith, “Comparing the Performance of Abstract Syntax Notation One(ASN.1) vs eXtensible Markup Language(XML)”, in proceedings of the Terena Networking Conference 2003, Zagreb, Croatia, 19-22nd May 2003.
[21] X. Orri and J.M. Mas, Octalis SA, ”SPKI-XML Certificate Structure”, 2001/9.
[22] Hoylen Sue, “XER – A Bridge between ASN.1 and XML”, DSTC Pty Ltd.
[23] ITU-T Recommendation X.693 │ISO/IEC 8825-4:2002, Information technology – ASN.1 encoding rules: XML encoding Rules (XER), 2002.
[24] John Larmouth, “The emergence of ASN.1 as an XML schema notation”, 2003.
[25] “A Brief Introduction to XACML”, http://www.oasis-open.org/, 2003.
[26] eXtensible Access Control Markrp Language(XACML) Version 1.1, http://www.oasis-open.org/, 2003.
[27] XACML Profile for Role Based Access Control, http://www.oasis-open.org /, 2004.
[28] “Sun’s XACML Implementation Programmer’s Guide for Version 1.1”, http://sunxacml.sourceforge.net/guide.html, Nov 5, 2003.