
Graduate student: 陳志重 (CHIH-CHUNG CHEN)
Thesis title: 一個基於角色來分析關鍵資訊存取是否滿足分工原則的方法
A role-based approach to validate separation of duties principles on accessory critical information assets
Advisor: 查士朝 (Shi-Cho Cha)
Oral examination committee: 羅乃維 (Nai-Wei Lo), 洪政煌 (Cheng-Huang Hung)
Degree: Master
Department: School of Management - Department of Information Management
Year of publication: 2013
Academic year of graduation: 101
Language: Chinese
Number of pages: 37
Keywords: Role-Based Access Control, Role Engineering, Information Assets

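In recent years, enterprises and organizations have widely adopted the role-based access control model to satisfy the least privilege principle and the separation of duties principle. The least privilege principle gives each person only the minimum privileges needed to complete their work, so that no one holds excessive privileges; the separation of duties principle requires that two or more people jointly take part in critical tasks, so as to prevent fraud and human error. The role-based access control model satisfies the least privilege principle because it can grant each user only the minimum privileges needed to complete their work, and it satisfies the separation of duties principle through the configuration of mutually exclusive roles.
To help enterprises and organizations establish role-based privileges, many researchers have proposed role engineering methods. However, current role engineering methods often lack a systematic way to help users produce roles and privileges that fit the organization's operational context, so a great deal of manpower is needed to design privileges. Although roles and privileges can now be generated through role mining, automatically generated roles often fail to reflect the state of the operational processes. In view of this, this research proposes using the value of information assets as the basis for establishing mutually exclusive roles. The method marks, in a modified flowchart, the places where information assets are accessed and the confidentiality levels of those who access them. When an information asset flows from a place of higher confidentiality level to a place of lower confidentiality level, or would be obtained by a person of lower confidentiality level, mutually exclusive roles must be established to control the flow of information, thereby reducing the likelihood that information assets are misused.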


Organizations today usually adopt the role-based access control (RBAC) model to determine their access control policies and to satisfy the least privilege principle and the separation of duties principle. Generally, the least privilege principle requires that organizations allow people to access only the information assets necessary for their jobs. The separation of duties principle requires organizations to make sure that more than two people engage in critical jobs. Because of the nature of RBAC, organizations can easily create a set of access control policies that comply with the least privilege and separation of duties principles.
To help organizations determine access control policies based on the RBAC model, several researchers have proposed role engineering tools and approaches. However, current automatic tools usually do not consider context information about resource usage, so people may have trouble understanding the generated access control policies. Alternatively, organizations may need to hire a large number of people to determine access control policies manually. In light of this, this research proposes to support current role engineering approaches by identifying conflicting roles based on the scenarios in which information assets are accessed. If operations cause information assets to flow from places of higher confidentiality level to places of lower confidentiality level, organizations should assign conflicting roles to the people who perform the operations. The possibility of unauthorized access can thereby be reduced.

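Chapter 1 Introduction
1.1 Research Background
1.2 Research Motivation
1.3 Research Objectives
1.4 Research Method
1.5 Contributions
1.6 Chapter Overview
Chapter 2 Literature Review
2.1 Access Control and Requirements
2.2 Role-Based Access Control Model
2.3 Role Engineering
Chapter 3 Overview of the Research Method
3.1 Problem Definition
3.2 Overview of the Approach
Chapter 4 A Role-Based Method to Analyze Whether Access to Critical Information Satisfies Separation of Duties
4.1 Identification and Valuation of Information Assets
4.2 Drawing the Scenario Flow
4.3 Identification of Mutually Exclusive Roles
Chapter 5 Example Scenario
5.1 Identification and Valuation of Information Assets
5.2 Drawing the Scenario Flow
5.3 Identification of Mutually Exclusive Roles
5.4 Reviewing the Scenario Model
Chapter 6 Conclusions and Suggestions for Future Research
6.1 Conclusions
6.2 Suggestions for Future Research
References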


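Full-text release date: 2018/01/28 (campus network)
Full-text release date: full text not authorized for public release (off-campus network)
Full-text release date: full text not authorized for public release (National Central Library: Taiwan Master's and Doctoral Theses System)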