[1]Hardt D.The OAuth 2.0 authorization framework(draftietfoatuthv231)[EB/OL]. [20120801].https://tools.ietf.org/id/draftieft.org/id/draftietfoauthv231.html.
[2]Pai S, Sharma Y, Kumar S, et al. Formal verification of OAuth 2.0 using Alloy framework[C]∥Proc of 2011 International Conference on Communication Systems and Network Technologies (CSNT),2011:655659.
[3]Sun SanTsai. Simple but not secure:An empirical security analysis of OAuth2.0based single signon systems[D]. Vancouver:University of British Columbia,2012.
[4]Chen Wei,Yang Yitong,Niu Leyuan. Improved OAuth2.0 protocol and analysis of its security[J]. Computer Systems & Applications,2014,23(3):2530.(in Chinese)
[5]Wang Huanxiao,Gu Chunxiang,Zheng Yonghui. Formal security analysis of OAuth 2.0 authorization protocol[J]. Journal of Information Engineering University ,2014,15(2):141147.(in Chinese)
[6]Yu Peng,Wei Ou,Han Lansheng,et al. Model checking network transmission intervention policies[J]. Journal of Frontiers of Computer Science and Technology,2014,8(8):906918.(in Chinese)
[7]Xiao M H,Ma C L,Deng C Y,et al. A novel approach to automatic security protocol analysis based on authentication event logic[J].Chinese Journal of Electronics,2014,23(2):235241.
[8]Holzmann G J. The model checker SPIN[J]. IEEE Transactions on Software Engineering,1997,23(5):279295.
[9]Hu Liangwen,Ma Jinjing,Sun Bo. SPINbased verification framework for SysML activity diagram[J]. Journal of Frontiers of Computer Science and Technology,2014,8(7):836847.(in Chinese)
[10]Maggi P,Sisto R. Using SPIN to verify security properties of cryptographic protocols[C]∥Proc of the 9th International SPIN Workshop Grenoble,2002:187204.
[11]Dolev D,Yao A C. On the security of public key protocols[J]. IEEE Transactions on Information Theory,1983,29(2):198208.
[12]Hou Gang,Zhou Kuanjiu,Yong Jiawei,et al. Survey of state explosion problem in model checking[J]. Computer Science, 2013,40(z1):77 85.(in Chinese)
[13]Jamal B,Mohamed ElM,Hongyang Q,et al. Communicative commitments:Model checking and complexity analysis[J]. KnowledgeBased Systems, 2012,35:2134.
[14]Yang Yuanyuan, Ma Wenping,Liu Weibo. The construction of changeable intruder model in model checking [J]. Journal of Beijing University of Posts and Telecommunications, 2011,34(2):5457.(in Chinese)
[15]Li Xingfeng,Zhang Xinchang,Yang Meihong,et al. Study on modularized model checking method based on SPIN [J]. Journal of Electronics & Information Technology, 2011,33(4):902907.(in Chinese)
[16]Xiao Meihua,Xue Jinyun. Formal description of properties of concurrency system by temporal logic [J]. Journal of Naval University of Engineering,2004,16(5):1013.(in Chinese)
[17]Salamah S,Ochoa O,Jacquez Y. Using pairwise testing to verify automaticallygenerated formal specifications[C]∥Proc of 2015 IEEE 16th International Symposium on High Assurance Systems Engineering (HASE),2015:279280.
附中文参考文献:
[4]陈伟,杨伊彤,牛乐园.改进的OAuth2.0协议及其安全性分析[J]. 计算机系统应用,2014,23(3):2530.
[5]王焕孝,顾纯祥,郑永辉. 开放授权协议OAuth2.0的安全性形式化分析[J].信息工程大学报,2014,15(2):141147.
[6]余鹏,魏欧,韩兰胜,等.模型检测网络传播干预策略[J].计算机科学与探索,2014,8(8):906918.
[9]胡良文,马金晶,孙博. 基于SPIN的SysML活动图验证框架[J]. 计算机科学与探索,2014,8(7):836847.
[12]侯刚,周宽久,勇嘉伟,等. 模型检测中状态爆炸问题研究综述[J].计算机科学, 2013,40(z1):7785.
[14]杨元原,马文平,刘维博. 模型检测中可变攻击者模型的构造[J].北京邮电大学学报,2011,34(2):5457.
[15]李兴锋,张新常,杨美红,等. 基于SPIN的模块化模型检测方法研究[J]. 电子与信息学报,2011,33(4):902907.
[16]肖美华,薛锦云. 时态逻辑形式化描述并发系统性质[J].海军工程大学学报,2004,16(5):1013. |