| In a global computing environment, principals (called as authorizor) need to autonomously make decisions about potential collaborators (called as requestor) in the absence of complete information about their behaviour. In such environment, no a central authority being trusted, not getting all information about requestors, being unknown with requestors, the outcome of granting requestors may be harmful, then results in trustworthiness and uncertainty or risk. Trust management can facilitate the required security decision making. It provides a security decision framework adaptive for open, distributed and dynamic applications.The researches on trust management focus on credential-based and evidence-based trust management. In credential-based trust management systems, trust relationship is achieved by credentials or credential chain which represent the propagation of trust between principals. If a credential chain is not discovered, the trust relationship does not exist and access cannot be granted. If the trust relationship exists, a principal is fully trust another principal without doubtly, revoking credentials will cancel trust relationship. Credential-based model has no consideration of risk or uncertainty and trust evolution, and does not consider trust as a subjective concept. Evidence-based trust management model has full consideration about subjectivity, uncertainty and evolution of trust. Evidence enables formation, evolution and exploitation of trust relationships based on the outcomes of past interactions. Most of evidence-based model evaluate trust level by probability method, no computing formula for initial trust value and trust value evolution, combining multi trust path using arithmetically averaging method and having no consideration of individual trust evaluation.This thesis combined credential-based and evidence-base together, proposed a trust management model which could grant access to having established trust relationship satisfying trust value requirement based on credential chain and manage trust lifecycle, i.e. the process of trust formation, trust evolution and trust exploitation. This model introduced risk or uncertainty, expressed trust value domain and trust information structure of principals, explained the relationship between trust and risk or uncertainty by trust decision-making rule, made some investigation about risk.The main research contents of this thesis are as follows:(1) A trust management model combined credential-based and evidence-based together, trust information structure, trust value domain representation and trust...
|
PDF Full Text Request