Research On Dynamic Trust And Access Control Mechanism In Multi-Domain Interoperation Environment

Posted on: 2009-07-03
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z M Wen
GTID: 1118360272972254
Subject: Computer application technology

Abstract/Summary:
The rapid development of network and information technologies has produced enormous volumes of data, widened the scope of information sharing, and created tremendous possibilities for interoperability between applications in distributed environments. Interoperability gives distributed applications a means to share resources and services, which improves performance and resource utilization. However, resources and systems in the current digital information environment are distributed, anonymous, heterogeneous and dynamic, and users are no longer administered in a centralized, closed, controllable manner. This makes authorization management in distributed environments more difficult, exposes resource providers to hidden security dangers, and raises problems of credibility, uncertainty and risk.

Trust management is a mechanism used to resolve this kind of problem. It provides a security decision-making framework suited to open and dynamic application systems, and it has become one of the key techniques for Internet-based electronic commerce, distributed applications and system security. After analyzing the challenges confronting trust management and the shortcomings of related work, this dissertation focuses on problems such as the dynamics of trust and risk, time constraints, and the integration of risk factors, and studies them in depth.

To address the dynamic and uncertain nature of inter-domain trust relations in a multidomain environment, this dissertation uses an ant colony algorithm to describe the inter-domain trust measure and establishes a dynamic trust model for the multidomain environment that changes with time and with transactions. In this model, inter-domain trust is determined by time and by the record of inter-domain interoperation. An ant colony based algorithm is given for computing inter-domain trust relations in real time in the current multidomain environment. When a local trust degree changes, the algorithm adjusts the global trust relation in a timely manner. Simulation experiments verify the establishment and the evolution of the inter-domain trust relation.

Current trust management systems do not consider the trust degree of the interoperating entities when delegating permissions. This dissertation proposes a lightweight peer certificate. The identity in the lightweight certificate identifies the peer in the distributed system and prevents malicious peers from entering the network environment and creating security threats. The role information in the certificate denotes the peer's privileges. The trust degree in the certificate reflects the peer's trust degree in the network and changes dynamically with the peer's access history: the more normal accesses a peer has made, the higher its trust degree, and vice versa. Furthermore, using the trust degree field in the certificate, the system can revoke the certificates of peers whose trust degrees are too low. This field is an important marker for distinguishing good peers from malicious ones, and it allows the illegitimate behaviour of malicious peers to be suppressed effectively. Simulation experiments verify that this method is more efficient than the traditional trust management model. The certificate can also be used to implement a role-based access control model, and it resolves the problems of peer identity confirmation and peer privilege control in distributed systems.

The distributed, autonomous, dynamic and anonymous properties of multidomain interoperation bring security risks. To reduce this interoperation risk, the dissertation treats risk and trust as the two basic factors of the access control mechanism and proposes a risk and trust based multidomain interoperation model. Compared with the traditional role-based access control model, the main merits of this model are that a subject's access privileges are adjusted dynamically according to the risk degree of the access transaction, and that privilege control is based on role assignment, tasks and the history of access transactions. This approach is both convenient for privilege management and strengthens authorization control. Security analysis shows that the risk-based dynamic access control model can, to some extent, reduce the hidden security dangers of information exchange in a multidomain environment and clearly enhances security.

To address the dynamic nature of trust and risk, this dissertation proposes a distributed dynamic trust evaluation mechanism. Trust is a dynamic process; it does not remain unchanged while it is being established and propagated. The dynamic nature of trust is determined by the natural attributes of the entities in the trust relation, which means that a trust relation changes over time and with context. This is the hardest challenge for trust evaluation and reliability prediction. For distributed systems, by studying the trust that consumer entities place in service providers, and focusing on information exchange activity, the dissertation proposes an enhanced dynamic trust evaluation mechanism to evaluate how a service provider's trust changes during information exchange. This mechanism is used to analyze the relation between risk and trust in a multidomain environment, and an algorithm for computing information exchange risk in a multidomain environment is proposed.

Keywords/Search Tags:Multidomain, Trust Management, Risk, Role, Interoperation, Times Constraint