[1] David Ferraiolo, Richard Kuhn. (1992), “Role-Based Access Control”, In Proceedings of 15th NIST-NCSC National Computer Security Conference, October 1992.
[2] R. S. Sandhu, E. J. Coyne, H. L. Feinstein and C. E. Youman (1994), “Role-Based Access Control : A Multi-Dimensional View,” Proc. of 10th Annual Computer Security Applications Conf., Orlando, Florida, December 5-9, 1994.
[3] R. S. Sandhu and P. Samarati (1994), “Access Control: Principles and Practice,” IEEE Communication Magazine, Vol:32, Iss:9, 1994.
[4] Ravi S. Sandhu, Edward J. Coyne, Hal. L. Feinstein, and Charles E. Youman (1996), “Role-Based Access Control Models,” IEEE Computer, Vol.29, No.2, pp. 38-47, February 1996.
[5] R. S. Sandhu and J. S. Park (1998), “Decentralized User-Role Assignment for Web-based Intranets,” Proceedings of 3rd ACM Workshop on Role-Based Access Control, Fairfax, Virginia, October 22-23, 1998.
[6] R. S. Sandhu , David Ferraiolo and Richard Kuhn. (2000), “The NIST Model for Role-Based Access Control: Towards A Unified Standard,” Proceedings of the fifth ACM workshop on Role-Based Access Control ,July 2000.
[7] Sylvia Osborn, R. S. Sandhu and Qamar Munawer (2000), “Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies,” ACM Transactions on Information and System Security, Vol. 3, No. 2, pp. 85-106, May 2000.
[8] David. Ferraiolo, Ravi. Sandhu, Serban. Gavrila, Richard. Kuhn and Ramaswamy. Chandramouli (2001),“Proposed NIST Standard for Role-Based Access Control,” ACM Transactions on Information and System Security, Vol. 4, No. 3, pp. 224-274, 2001.
[9] Edgar Weippl (2001), “An Approach to Role-Based Access Control for Digital Content”Information Technology: Coding and Computing, 2001. Proceedings. International Conference on 2-4 April 2001, pp.209-294.
[10] Jaehong Park and Ravi S. Sandhu, (2002). “TowardsUsage Control Models: Beyond Traditional Access Control,” In Proc. of 7th ACM SACMAT 2002, 57-64, 2002.
[11] Andreas Schaad and Jonathan D. Moffett (2002) “A Lightweight Approach to Specification and Analysis of Role-based Access Control Extensions,” In Proc. of 7th ACM SACMAT 2002, pp13-22, 2002.
[12] 楊政學著 (2007),”實務專題製作-企業研究方法的實踐”,3th Edition,新文京開發出版。
[13] 李美華譯,Babbie,E. 著 (1998),”社會科學研究方法”,8th Edition,時英出版。
[14] Von Bertalanffy,L., (1968) General System Theory, New York: George Braziller.
[15] ISO/IEC 10181-3 (1996),Information technology-Open Systems Interconnection-Security Framework for Open Systems:Access Control Framework.
[16] 劉興華 (1999),"執行權管制系統的理論性架構設計",國立交通大學資訊管理研究所博士論文,1999。[17] 方仁威、熊鴻哲 (2009),"植基於RBAC安全機制應用於電子公文系統之研究",清雲科技大學2009資訊管理實務研討會論文集,2009。
[18] 林祝興、張真誠著 (2006),"電子商務安全技術與應用",旗標公司95年3月出版。
[19] Simson Garfinkel and Gene Spafford (1997) , "Web Security & Commerce" , O''Reilly & Associates Press , 1997.
[20] D.E. Denning (1982) , "Cryptography and Data Security", Addison Wesley, 1982.
[21] Bruce Schneier(1996), "Applied Cryptography ", John Wiley & Sons, Inc., 1996.
[22] 潘天佑著 (2008),"資訊安全概論與實務",碁峰資訊股份有限公司,2008年12月初版。
[23] Mark S.Merkow˙Jim Breithaupt 著、柳望君譯 (2006) ,"資訊安全",台灣培生教育出版有限公司,2006年10月初版。
[24] 林千代 (2003), "可攜性RBAC資訊系統架構之研究",朝陽科技大學資訊管理學系碩士論文,2003。[25] 林忠賢 (2003), "以角色基礎之數位權利管理模式之研究",世新大學資訊管理學系碩士論文,2003。[26] 陳星吏 (2003),"架構一個以角色為金鑰管理基礎的企業數位版權管理系統雛型",國立交通大學資訊管理研究所碩士論文,2003。[27] 方仁威、熊鴻哲 (2008),"以角色識能概念導入知識管理系統之研究",清雲科技大學2008企業經營管理實務研討會論文集,2008。
[28] M. Alavi and D. E. Leidner (1999), “Knowledge Management Systems: Emerging Views and Practices from the Field”, Processdings of the of the 32nd Hawaii International Conference on System Sciences-1999 (IEEE).
[29] M. Alavi and D. E. Leidner (2001), “Review:Knowledge Management and Knowledge Management Systems: Conceptual Foundation and Research Issues”, MISQ, Vol. 25, No. 1. pp. 107-135.
[30] C.K. Prahalad and G. Hamel (1990), “The Core Competence of the Corporation”, Harvard Business Review , pp. 79-91.
[31] T. H. Davenport (1994), “Saving IT''s Soul: Human-Centered Information Management”, Harvard Business Review, vol. 72, no. 2, pp. 119-131.
[32] P. S. Myers and R. W. Swanborg (1998), Packaging Knowledge , CIO Communication , 15-April. (Or James W. Cortada & John A.Woods , The Knowledge Management Yearbook 1999-2000, Butterworth-Heinemann, pp. 200-203).
[33] Sejong Oh and Seog Park (2003), “Task-Role-based Access Control Model,” Information Systems ,Vol. 28, No.6, pp. 533-562, 2003.
[34] Dirk Schwartmann (2004), “An Attributable Role-based Access Control for Healthcare,” Proceedings of International Conference on Computational Science ,LNCS 3039, pp. 1148-1155, 2004.
[35] R. S. Sandhu , Edward J. Coyne, Hal L. Feinstein and Charles E. Youman (1994), “Role-Based Access Control: A Multi-dimensional view,” In Proceedings of 10th Annual Computer Security Application Conference, pp. 54-62, 1994.
[36] Mohammad A. Al-Kahtani and Ravi Sandhu (2003), “Induced Role Hierarchies with Attribute-Based RBAC,” Proceedings of the 8th ACM Symposium on Access Control Models and Technologies Table of Contents, pp. 142-148, 2003.
[37] Axel Kern and Claudia Walhorn (2005), “Rule support for Role-Based Access Control,” Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pp. 130-138, 2005.
[38] Baoyi Wang and Shaomin Zhang (2004), “The Research on Role-based Access Control Mechanism for Workflow Management System,” Proceedings of Grid and Cooperative Computing ,LNCS 3251, pp. 729-736, 2004.
[39] Feng Xu, Guoyuan Lin and Hao Huang, Li Xie (2004), “Role-based Access Control System for Web Services,” Proceedings of The 4th International Conference on Computer and Information Technology, pp. 357-362, 2004.
[40] 李宗澤 (2006),”以屬性為基礎的工作-角色指派模型之研究”,中華大學資訊管理學系碩士論文,2006。[41] 鍾聿光 (2006),”RBAC權限控管系統中登入管理之研究”,中原大學資訊工程學系碩士論文,2006。[42] 邱啟弘(2004),” RBAC權限控管系統中靜態責任分離機制之研究”,中原大學資訊工程學系碩士論文,2004。[43] 曾瑋展(2005),”以角色為主之權限控管系統中使用控制模組之研究與實作”,中原大學資訊工程學系碩士論文,2005。[44] 蔡昌學(2004),” RBAC權限控管系統中動態責任分離機制之研究”,中原大學資訊工程學系碩士論文,2004。[45] 劉義漢 (2002),” 以RBAC架構設計XML-based電子金融服務入口之存取權控管”,交通大學資訊管理學研究所碩士論文,2002。[46] 郭貞伶 (2006),”網際網路單一簽入系統結合RBAC授權機制之研究”,世新大學資訊管理學系碩士論文,2006。[47] 蔡政宇 (2008),”以角色為基支援跨網域之網頁應用程式授權方法設計”,南華大學資訊管理學系碩士論文,2008。[48] 邱裕翔 (2009),”多層次文件加密方法之研究”,淡江大學資訊管理學系碩士論文,2009。