| At present, the authorization systems in grid have the problem of static state that these systems don't provide feedback mechanism to feedback the use of permits by users. When a user or service which is creditable originally becomes unlikelihood, the authorization systems can't find this status in time to adjust the user's permits, so it is possible to destroy the grid system by malicious users. In fact, To build feedback mechanism in authorization and to adjust users' roles by their behavior dynamically are meaningful to the security of grid systems.This paper analyzed the characteristic of the authorization systems and trust models in grid, pointed out their shortcoming. This paper proposed feedback mechanism-based dynamic authorization model to solve static state of mechanisms in existence. This model improved on CAS, added trust degree account mechanism and feedback mechanism to CAS: Firstly, to implement trust degree account mechanism, this paper proposed a two-layer trust model based on behavior. This model proposed to distinguish important service and common service by using service weight, so it protected important service in grid and restrained the intent of improving trust degree by completing common service of malicious nodes time after time effectively; This paper used a new method to account trust degree between domains, solved the problem of dishonesty feedback. Secondly, by using two-layer trust model based on behavior to get the changes of trust degrees, feedback mechanism implemented to adjust users' roles by users' behavior. This paper described choice policy, service policy in the model, introduced the communication between modules, analyzed its security. At last, this paper designed a series of simulation such as validating the characteristic of new model, control to malicious nodes. These experiments validated the sensitivity, astringency, validity and rationality with behavior in the two-layer trust model based on behavior. |
PDF Full Text Request