1. Model-based risk assessment to improve enterprise security;Aagedal,2002

2. Role-based authorization constraints specification;Ahn;ACM Transactions on Information and System Security,2000

3. Operationally critical threat, asset, and vulnerability evaluation (octave);Alberts,1999

4. Reconfiguring role based access control policies using risk semantics;Aziz;Journal of High Speed Networks: Special Issue on Managing Security Policies, Modelling Verification and Configuration,2006

5. A trust-and-risk aware RBAC framework: tackling insider threat;Baracaldo,2012