Study On Fuzzy Trust Model And National PKI System

With the rapid development of Internet's application, the network has already become people's necessary tool in the information ages;the information security has also become the focus to which people pay attention. At present, in the open style network, PKI is the most feasible and effective technology, which safeguards security of the network and information system;it can facilitate people secret communication with anybody at anytime and anywhere;it lays the foundation on which electronic commerce and electronic government widely carry out;and it is also basic guarantee for new service and product based on the network application safely develops.As the secure infrastructure of information society, PKI's core is solving trust, guarantying the uniqueness, the authenticity and the validity of action entity (including organization and individual) of each economical, military and administrative, and protecting interests of each entity in the network and the information system. At present, our country has already established dozens of CA, but each CA is independent of each other, has become "isolated island of trust", and has caused to lack "inter-operability" between various certificates, which has seriously hindered development of PKI.In the open style network, because the trust relationships between various entities are dynamically changing, the valuation of trust relationship involves to a lot of contents: collecting information that the coordination relationships between various entities and the trust valuation needs, the valuation and the standard of trust relationships, monitoring and reevaluating the trust relationships which has existed, and so on. But each existed trust system lacks in the mechanism that monitors and reevaluates the trust relationships. Therefore, establishing a reliable trust management model is the key task that the PKI system should solve in the open style network. But trust between various entities (i.e., subjective trust) shows the characteristics of subjectivity, fuzziness and the dynamics, which are unable to precisely describe and confirm subjective trust. Therefore, we must seek a new solution to quantitatively describe trust relationships between entities.In order to solve the above problems having mentioned, this paper mainly researches the following contents:(1) In order to solve the subjectivity and the fuzziness of trust relationships between entities, this paper studies trust management model and the mathematical model of fuzzy synthetic appraisal based on the fuzzy set theory, which have solved how to create the fuzzy trust model and the appraisal of subjective trust vector(degree) between various entities.(2) In order to solve security of interactive information between entities, this paper proposes an agent-based subjective trust coordination model. This model regards some operations between entities as a coordination process, namely trust relationships between entities are a trust coordination process.(3) In order to solve the basis of trust valuation, this paper proposes a dynamic definition mechanism of trust class based on fuzzy clustering.(4) On the base of the fuzzy trust model, agent-based subjective trust coordination model and dynamic definition mechanism of trust class based on fuzzy clustering, this paper proposes a trust valuation model based on the subjective trust coordination, produces rationally the concrete formula of direct trust valuation and recommendation trust valuation, and discusses the other correlation solutions, which have solved the valuation of subjective trust.(5) In order to solve the dynamics and the fuzziness of subjective trust, this paper proposes the model of fuzzy autonomous trust establishment based on the open network. Trust establishment strategy, the mechanism and condition of establishing a fully trusted network are studied in this paper. The fuzziness and the dynamics of subjective trust is solved, and analyzes and confirms theoretically the feasibility and rationality of model of fuzzy autonomous trust establishment.(6) By the aid of the fuzzy trust model, a trust valuation model based on the subjective trust coordination, the model of fuzzy autonomous trust establishment, and the specific request of constructing national PKI system, this paper proposes a national PKI system of secure authentication. The frame construction of national PKI system, the concrete designs and workflow of national cross certification of BCA are produced.(7) The popularity of using PKI is taken as a major goal that we study, the realization mechanism of a PnP-PKI (Plug-and-Play-PKI) is analyzed and studied in this paper. The PnP-PKI proposed in this paper enlightens a new way for the popularity of using PKI.