计算机科学 ›› 2015, Vol. 42 ›› Issue (Z6): 378-381.
李健利,邓潇,王艺谋,谢悦
LI Jian-li, DENG Xiao, WANG Yi-mou and XIE Yue
摘要: 自动信任协商是分布式环境中陌生结点建立信任的有效方法。协商过程中,协商结点既要隐藏自身敏感信息,又要相互暴露信息以增强彼此信任,这种矛盾的局面使得效率和安全成为研究者主要关注的问题。提出了一种新的协商模型,在传统模型的基础上加入了信任票证库和信任评估模块。其中,信任票证用于记录历史协商的信息,信任评估模块用于评估结点的相互信任等级。在协商时,首先判断双方是否存在直接可用的信任票证,若存在,则直接通过验证信任票证而省略数字证书的交换过程。反之,则利用票证中记录的协商双方的成功协商次数和失败协商次数,以此评估协商双方的信任等级。信任等级的提高降低了双方数字证书对对方的敏感性,进而减少了协商过程中访问控制策略和数字证书交换的次数,缩短了整个协商消耗的时间,从整体上提高了协商的效率。由在TrustBuilder2上的实验可知,提出的模型能有效地提高协商的效率,通过分析可知,利用记录的协商失败时间信息,可以有效地防止恶意结点对服务方的拒绝服务攻击,从而证明了该模型是高效安全的。
[1] Winsborough W H,Seamons K E,Jones V E.Automated trust negotiation[C]∥Proceedings DARPA Information Survivability Conference and Exposition,2000(DISCEX’00).IEEE,2000,1:88-102P [2] Winslett M.An introduction to trust negotiation[M]∥TrustManagement.Springer Berlin Heidelberg,2003:275-283 [3] Harrison M A,Ruzzo W L,Ullman J D.Protection in operating systems[J].Communications of the ACM,1976,19(8):461-471 [4] Bell D E,LaPadula L J.Secure computer systems:Mathematical foundations[R].Mitre Corp Bedford MA,1973 [5] Ferraiolo D,Kuhn D R,Chandramouli R.Role-based access control[M].Artech House,2003 [6] Sandhu R S,Coyne E J,Feinstein H L,et al.Role-based access control models[J].Computer,1996,29(2):38-47 [7] Blaze M,Feigenbaum J,Lacy J.Decentralized trust management[C]∥Proceedings.,1996 IEEE Symposium on Security and Privacy,1996.IEEE,1996:164-173 [8] Bertino E,Ferrari E,Squicciarini A C.Trust-𝒳;:a peer-to-peer framework for trust establishment[J].IEEE Transactions on Knowledge and Data Engineering,2004,16(7):827-842 [9] Liu B,Lu H.A peer-to-peer framework for accelerating trust establishment[C]∥International Conference on Multimedia Information Networking and Security,2009(MINES’09).IEEE,2009,1:135-139 [10] Liu B,Lu H,Zhao Y,et al.A Framework:Trust Establishment for E-services[C]∥International Conference on e-Education,e-Business,e-Management,and e-Learning,2010(IC4E’10).IEEE,2010:141-145 [11] Jianli L.Multi-negotiation targets in Automated Trust Negotiation over TrustBuilder framework[C]∥2012 8th International Conference on Computing Technology and Information Management(NCM and ICNIT).2012,1:101-105 [12] 廖振松.虚拟组织中自动信任协商研究[D].武汉:华中科技大学,2008 |
No related articles found! |
|