1. Information Systems Security Association, Inc. CISSP Review Course 2002, Domain 1, "Access Control Systems and Methodology." PowerPoint presentation given on August 10, 1999 , slide 3.
2. U.S. Department of Commerce. Special Publication 800-12, "An Introduction to Computer Security: The NIST Handbook," undated, Chapter 17, p. 204.
3. National Computer Security Center publication NCSC-TG-003, "A Guide to Understanding Discretionary Access Control in Trusted Systems," September 30, 1987 .
4. Ferraiolo, D. F. et al. "Proposed NIST Standard for Role-Based Access Control," Gaithersburg, MD: NIST, 2002 .
5. See note 2.
6. Data obtained from public Web site of @stake, Inc., at http://www.atstake.com/research/lc/index.html .
7. Shimonski, Rob. "Hacking Techniques: Introduction to Password Cracking," July 2002 , http://www.-106.ibm.com/developerworks/security/library/s-crack .