Dynamic access control method based on a trust model
Technical field
The present invention relates to a solution for performing trust evaluation on trusted entities in an open grid environment. It is mainly used to solve the problem of how a user filters out trusted nodes in the grid and then submits tasks to them. It belongs to the field of distributed computing security technology.
Background technology
Grid computing has developed into a key area of the computer industry. It differs from distributed computing in that grid computing concentrates more on resource sharing, collaborative work and high performance, and is devoted to solving the problems of resource sharing among multiple individuals or organizations. The emergence and rise of grid computing is moving software systems from a closed form, with well-known user groups and a relatively static structure, towards a more open, public, highly dynamic and accessible service mode. This transformation complicates the security analysis of computing systems; at the same time, because the grid computing environment is large-scale, heterogeneous, distributed, dynamic and open, traditional security techniques and measures cannot satisfy the needs of grid applications well. Security techniques and means built on the structure of traditional software systems, especially security authentication and authorization schemes such as Access Control Lists (ACL) and some traditional public key certificate systems, are no longer applicable to the grid computing security problem.
Traditional certificate systems based on public key cryptosystems, such as X.509 and PGP, cannot satisfy the demands of grid computing security well:
(1) the certification authority only assures an individual's identity in a general sense; it does not confirm the individual's ability or grant it authority. It merely identifies the user and does not know whether this user has the ability or the authority to perform an operation, which likewise cannot guarantee the security of the system;
(2) relying completely on the certification authority weakens the individual's own trust, and blindly trusting a certification authority on a large scale often cannot resolve conflicts of interest between individuals;
(3) it is difficult to maintain certificate revocation lists centrally, and certificates may well be abused. In addition, public key certificate systems that rely on individuals to perform authentication and recommendation, although very flexible, have no central trust agent and are difficult to apply to a fairly large user group.
Therefore, there is a pressing need for specialized, systematic research on the security strategy of grid computing, in order to propose a brand-new security model suited to open network environments such as grid computing, and to propose new methods and new thinking for the new demands of grid computing. In 1996, M. Blaze et al. first used the notion of "trust management" to solve the security problems of Internet network services. Its basic idea is to recognize the incompleteness of security information in open systems, and that the security decisions of a system need to rely on trusted third parties that provide additional security information. Trust management extracts the trust concept that is implicit in conventional security research, especially in the study of security certificate mechanisms, and studies it as the central object, providing new thinking for solving the security problems of the new application forms in the grid computing environment. Meanwhile, scholars such as A. Abdul-Rahman started from the notion of trust, divided it into trust content and trust degree, and, taking the subjectivity of trust as their starting point, gave a mathematical model of trust for use in trust evaluation.
"Trust", also referred to as "trustworthiness", means the confidence that another party will fulfil one's legitimate expectations. Trust is part of morality and is also a crucial precondition of any social existence. Trust complements the authentication mechanism of traditional systems: traditional authentication is mainly used to prove identity, showing that the entity holding a certificate or token is a legal entity, but this is not equivalent to showing that the entity is trustworthy (that it has the ability to interact and reciprocate without committing fraud). Trust and the authentication model are nevertheless closely linked: in a general interaction process, authentication is usually performed first, then the trust degree of the other party is judged in combination with the trust model, and authorization is granted to the other party according to its trust degree. This trust relationship, similar to that in a social network, adapts well to the open network environment, and research on trust models for the grid computing environment has become a focus of grid security research.
The proposal of the "trust" notion has aroused great interest in academia and in business. In academia, researchers have launched studies of trust models one after another and proposed various trust models, among which two classes are the more influential: the BBK-Scheme and the Trust model.
Summary of the invention
Technical problem: the object of the invention is to propose a dynamic access control method based on a trust model, to solve, in the grid computing environment, the security and dynamism problems of cooperative work and resource sharing between grid users, the grid entities in their own Virtual Organization and the entities of other Virtual Organizations, and to build a security architecture for authorizing users in the grid computing environment. A trust model and a trust evaluation control mechanism are used to protect resource providers and resource consumers in the grid community and to guarantee the quality of the tasks they submit.
Technical scheme: the method of the invention is widely applicable and efficient in open network environments such as the grid. It designs and studies a trust model for the grid computing environment from the angle of a history window applied to recommendation trust, computes the trust degree of entities according to the trust model algorithm, and then, when an entity acts as a resource node in a grid Virtual Organization, the organization's authorization service mechanism dynamically schedules and distributes subtasks to it according to its trust degree and monitors their execution. Its target is to solve how to filter out the resource nodes that meet the grid user's requirements and to complete the job task submitted by the user.
The main notions used in this model are given below:
Trust: an assessment of the credibility of an entity's identity and behavior, related to the reliability, honesty and performance of that entity. Trust is a subjective concept that depends on experience. We represent the level of trust by a trust value, and the trust value changes dynamically with the behavior of the entity.
Direct trust (Direct Trust): direct transactions have once taken place between two entities, establishing a direct trust relationship between them; the trust value derives from the direct experience drawn from the transactions between the two sides.
Recommendation trust (Recommended Trust): no direct transaction has taken place between two entities, but a trust relationship is established according to the recommendation of other entities; the trust value between them is the result of the assessment made by those other entities.
Direct trust and recommendation trust are shown in Fig. 4.
Autonomous domain (Autonomous Domain): the grid is divided into several independent autonomous domains. Each autonomous domain comprises a number of grid entities and has its own management strategy and security strategy; autonomous domains are connected to each other by network.
Trust model algorithm (Algorithm of Trust Model): the algorithm used to perform statistical computation on the evaluation feedback an entity obtains.
Evaluation subject (Subject of Evaluation): the entity that needs to evaluate the trust degree of other entities, i.e. the user of the trust model.
Evaluation object (Object of Evaluation): the object whose trust degree the evaluation subject prepares to evaluate; evaluation object n is the n-th evaluation object.
The dynamic access control method based on a trust model of the present invention applies the trust model within the access control mechanism and uses it to solve the problem of dynamically assigning the jobs submitted by grid users. Specifically:
One, architecture
Fig. 2 is the autonomous domain model tree of the grid for a certain user subject. This tree is divided into 4 layers (a practical structure is more complex than this example), and cycle denotes the height, i.e. the level, in the tree. The user is at the first layer, the tree root (cycle=1), and so on down to the leaves at cycle=4. If the user wants to find all resource nodes in the grid that meet its requirements and can provide it with service, it must traverse all nodes one by one as destination nodes and then filter out the usable ones.
In order to filter out, more accurately, the reliable resource nodes that meet the user's requirements, this model introduces several parameters: the transmission path length limit, the recommendation factor limit, the direct trust weight, the recommendation trust weight, the confidence level limit value and the history window size. They are described below.
Transmission path length limit: when an entity needs to know the trust value of another entity in its domain, if the two entities have a direct trust relationship that trust value is adopted directly; if there is no direct trust relationship, recommenders are sought one by one, in order of recommendation grade, until an entity that has a direct trust relationship with the target is found and a recommended trust value is obtained. According to experience with social networks, the longer the trust chain, the less reliable the final recommendation trust. Supposing that the recommendation trust values of all intermediate recommended nodes are 0.9, after 8 recommendations the value obtained along the chain is 0.9^8 = 0.43; such a recommendation can hardly make the requester believe the final result, so the chain length must be limited. In this model the transmission path length limit is sent to the server by the user before the job is submitted.
Recommendation factor (limit value): when the two interacting parties have had no previous contact, an entity tends to use some intermediate entities that it trusts relatively well as recommenders to judge the other party. The recommendation ability of these recommenders can be represented by their reputation (Reputation), defined as one entity's subjective judgement of another entity's ability, honesty and reliability in carrying out recommendation activities. The size of the reputation is usually expressed by the recommendation factor: the larger the recommendation factor, the more easily trust is gained. Over a period of time the recommendation factor of an entity usually appears relatively stable, so it can be expressed by a mathematical formula.
We write Trust_a(b) for the trust value of a in b, dir_a(b) for the direct trust value of a in b, and rec_x(y) for the recommendation factor of x towards y, that is, the degree to which x trusts the recommendation information provided by y, where y is a recommender of x.
Because the recommendation factor takes values in [0,1] and affects the final trust value of a in b, the recommendation factor should satisfy a certain limit value so that the final trusted entities meet the user's requirements and trustworthy resource nodes are filtered out.
Direct trust weight (and recommendation trust weight): in our model each grid entity is abstracted into a grid node. Each node maintains a trust relationship table containing all nodes in the domain that have had direct contact with it, as well as all nodes recommended to it. When searching for a target node we may reach it by more than one path; some of these are direct trust paths and some are recommendation trust paths, but the user subject must end with a single trust value for the destination node. A direct trust weight and a recommendation trust weight are therefore needed to merge these paths and obtain the final trust value of a node.
In the merge, M denotes the direct trust weight, dir_a(b) the direct trust value of a in b, N the recommendation trust weight, i the i-th recommendation path, and rec_x(y) the recommendation factor of x towards y.
Confidence level limit value: after the final trust value of an evaluation object has been obtained, the assessing entity must assess and screen it. The method adopted by this system is to set, for each task to be completed, a confidence level limit value t for the trust obtained through the merge operation.
If the merged trust value is greater than or equal to t, the entity considers that the evaluation object meets the collaboration demand and may take part in the collaborative activity; otherwise the entity refuses to collaborate with the evaluation object. The size of the confidence level limit value reflects how strict the user's trust demand on its collaboration objects is. In an Internet software collaboration environment, a software entity must be able to perceive its environment and to appraise cooperation. When a software entity is endangered because its confidence level limit value is too low, the limit value must be raised in time; conversely, if the limit value is so high that the software entity has refused the collaboration requests of most entities, the limit value should be lowered accordingly so that as many legitimate collaboration requesters as possible can call the service. The value of t is inversely proportional to the software entity's willingness to participate in collaboration: the smaller t is, the more easily the entity participates in collaboration, and the lower its trust guarantee is at the same time; and vice versa. Choosing a suitable limit value is one of the key factors for the normal operation of a software entity. The limit value depends on the concrete application and has to be determined case by case.
History window size: updating recommendation trust cannot depend only on the information the recommender provided in the current collaborative activity; the historical information about the recommender's recommendation activities should also be used. Different historical information has a different influence on the updating of recommendation trust: the more recent the historical information, the bigger its influence should be. This model uses a sliding window to simulate this process. For each recommender in a certain class of cooperation process ω, the entity introduces a sliding window that records whether the recommender provided recommendation information in the most recent n cooperation processes of class ω, following the FIFO (first in, first out) principle. As shown in Fig. 5, the weights the system assigns to the windows are respectively
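An added example, not part of the patent: a FIFO sliding window holding one recommender's n most recent recommendation outcomes, weighted so that newer records count more. The linearly increasing weights, the score scale and the sample scores are assumptions, since the text does not give the window weights.

```python
from collections import deque
from typing import Deque


class RecommendationHistory:
    """Sliding FIFO window over the last n recommendation outcomes of one recommender.

    Each recorded score is the evaluation accuracy the user assigned after an
    interaction (assumption: 1.0 = the recommendation was accurate, 0.0 = useless).
    The patent fixes the FIFO structure and says newer records weigh more but gives
    no weights; the weights 1..len(window), oldest first, are an assumption here.
    """

    def __init__(self, n: int, initial_factor: float = 0.5) -> None:
        self.window: Deque[float] = deque(maxlen=n)  # deque drops the oldest entry itself
        self.initial_factor = initial_factor         # page: a new entity starts at 0.5

    def record(self, score: float) -> None:
        """Append the outcome of the latest cooperation process (FIFO eviction)."""
        if not 0.0 <= score <= 1.0:
            raise ValueError("score must lie in [0, 1]")
        self.window.append(score)

    def recommendation_factor(self) -> float:
        """Recency-weighted factor: the newest record has the largest weight."""
        if not self.window:
            return self.initial_factor
        weights = range(1, len(self.window) + 1)
        return sum(w * s for w, s in zip(weights, self.window)) / sum(weights)

    def unweighted_mean(self) -> float:
        """Plain mean over the window, for comparison with the weighted factor."""
        if not self.window:
            return self.initial_factor
        return sum(self.window) / len(self.window)


if __name__ == "__main__":
    # Constructed scenario: a recommender that was accurate four times and then
    # starts giving useless recommendations. The weighted factor reacts faster.
    history = RecommendationHistory(n=4)
    for score in (1.0, 1.0, 1.0, 1.0, 0.0, 0.0):
        history.record(score)
        print(list(history.window), round(history.recommendation_factor(), 3),
              round(history.unweighted_mean(), 3))
```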
Two, method flow
This method applies the trust model within the access control mechanism and uses the trust evaluation model to solve how to filter out the resource nodes that meet the grid user's requirements and to complete the job task submitted by the user. Specifically:
Step 1). The client first generates, locally, a local certificate to be signed, then submits the certificate to the certification authority and requests authorization;
Step 2). The certification authority judges whether the client has the right to access grid resources. If it has, the certification authority signs the local certificate sent by the client with its private key; if the client has no such right, the certification authority refuses to sign with its private key. The result of the judgement is returned to the user;
Step 3). After receiving the signed certificate, the client registers with its autonomous domain server and attaches its own digital certificate;
Step 4). The autonomous domain server verifies the digital certificate; once it passes, the client ID and password are saved in the autonomous domain service database and the client becomes a grid user;
Step 5). When the grid user has a task to submit, it first logs in to the autonomous domain server;
Step 6). Single sign-on saves the user from logging in to other autonomous domain servers again when making cross-domain service requests;
Step 7). The user submits its trust requirements for the grid resource nodes, comprising the weights of the trust levels, the history window, the transmission path length limit, the direct trust weight, the recommendation trust weight, the recommendation factor limit and the trust degree limit value;
Step 8). The above parameters are submitted to the autonomous domain service database, the trust record of this user node is opened in the database, and, with all resource nodes of the autonomous domain as targets and the user as the source, the trust paths are searched;
Step 9). After all qualifying nodes have been found, direct trust and recommendation trust are merged by weight and the final trust value of every node is computed; the same node may be reached by several paths, some direct trust and some recommendation trust;
Step 10). According to the trust degree limit value submitted by the user, all trusted nodes that meet the user's requirements are filtered out: only nodes whose trust degree is greater than or equal to the confidence level limit value satisfy the requirement. This result is returned to the user;
Step 11). The user selects the service operation options, such as read-only, write-only, modifiable, service start time, service end time and whether the IP address must match, and a policy document is generated from these service requests submitted by the user;
Step 12). The policy document is generated and policy matching is carried out: the user submits the statement to the autonomous domain server, which judges according to its local policy whether to provide service to the user;
Step 13). The user submits the task request to the autonomous domain server;
Step 14). According to the performance of the trusted nodes, for example CPU performance, the server divides the job into several sub-jobs and distributes them to the trusted nodes for completion;
Step 15). The result is returned to the user and the task is complete;
Step 16). After interacting with each resource node, the user produces a corresponding evaluation of that node; all evaluations are submitted to the autonomous domain service database;
Step 17). According to the trust level and history window parameters, the final trust value of the resource node is computed from the evaluations, and the user's trust relationship record for this node is updated for use in the next task request;
Step 18). The evaluation accuracy of the recommended nodes in the autonomous domain service database, that is, the recommendation factor, is updated. This completes the implementation of the access control method based on the trust evaluation model.
The trust requirements for the grid resource nodes that the user gives in step 7, comprising the weights of the trust levels, the history window, the transmission path length limit, the direct trust weight, the recommendation trust weight, the recommendation factor limit and the trust degree limit value, are submitted to the autonomous domain service database; the trust record of this user node is opened in the database and, with all resource nodes of the autonomous domain as targets and the user as the source, the trust paths are searched. The concrete steps are as follows:
Step 71. Open the trust record of the user node. Let num be the number of other resource nodes the user trusts directly. Using the user as the source and all resource nodes as targets, search the trust paths from the record. At this moment we are at the first layer of the search tree; cycle denotes the level, so cycle=1;
Step 72. Search all resource nodes related to the current node. If num=0, this node has no record: its trust value towards every node in the grid defaults to 0.5, its recommendation factor is also 0.5, and the traversal ends;
Step 73. If num ≠ 0 there are trust records. Let i denote the position of a node in the record, with i <= num. Starting from i=1, judge whether the recorded node is the destination node; if so, note the recommendation path together with its recommendation trust value or direct trust value, and continue traversing other paths to this destination node;
Step 74. If it is not the destination node, judge whether this node has further trust objects; if so, proceed to the judgement in the next step;
Step 75. Judge whether the recommendation factor of this node is greater than the recommendation limit value; if so, proceed to the judgement in the next step. If not, judge further whether this node's i equals num: if not, search node i+1; if so, the breadth traversal of this layer is finished, so return to the upper-layer node and continue the traversal;
Step 76. Judge whether the transmission path length is greater than the path length limit; if not, proceed to the judgement in the next step. If so, judge further whether this node's i equals num: if not, search node i+1; if so, the breadth traversal of this layer is finished, so return to the upper-layer node and continue the traversal;
Step 77. Judge whether this node has already appeared in the transmission path; if not, proceed to the judgement in the next step. If so, judge further whether this node's i equals num: if not, search node i+1; if so, the breadth traversal of this layer is finished, so return to the upper-layer node and continue the traversal;
Step 78. This node can serve as an intermediate recommended node: search all resource nodes related to it and enter the traversal of the next lower layer, cycle=cycle+1;
Step 79. If any one of the conditions in steps 74 to 77 is not satisfied, return to the upper layer and continue the traversal with the next recorded node. When every node in the grid has been traversed once, the program ends;
Step 710. Every node in the grid may be reached by several paths, some direct trust and some recommendation trust. Integrate them: merge the direct trust and recommendation trust paths by the direct trust weight and the recommendation trust weight, and take the weighted average as the user's final trust value for this node;
Step 711. Then filter out the nodes that meet the demand according to the confidence level limit value: according to the trust degree limit value submitted by the user, filter out all trusted nodes that meet the user's requirements. Only resource nodes whose confidence level is greater than or equal to the confidence level limit value satisfy the requirement. Return this result to the user.
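As an added example, not the patent's own code, the following Python sketch runs steps 71 to 711 over a constructed set of trust tables: depth-first search with the recommendation factor limit, the transmission path length limit and the check that a node is not already on the path, then the weighted merge with M and N, then thresholding with t. The sample tables, the chain-product rule for recommended trust (consistent with the 0.9^8 illustration above) and the weighted-average form of the merge are assumptions; the text gives no formula for them.

```python
from typing import Dict, List, Tuple

# Constructed trust tables (not from the patent). For each node, neighbour ->
# (dir_node(neighbour), rec_node(neighbour)): the direct trust value and the
# recommendation factor, i.e. how far `node` trusts `neighbour` as a recommender.
# A node absent from the table has no trust record (num = 0).
TRUST_TABLE: Dict[str, Dict[str, Tuple[float, float]]] = {
    "user": {"n1": (0.9, 0.95), "n2": (0.6, 0.4), "n3": (0.8, 0.9)},
    "n1":   {"n4": (0.85, 0.9), "n5": (0.7, 0.8)},
    "n3":   {"n5": (0.95, 0.9), "n6": (0.5, 0.9)},
    "n5":   {"n6": (0.9, 0.9), "user": (0.7, 0.9)},   # edge back to the source
    "n6":   {"n1": (0.6, 0.6)},
}
DEFAULT_TRUST = 0.5   # page: an entity without a record trusts everyone at 0.5


def all_nodes(table: Dict[str, Dict[str, Tuple[float, float]]] = TRUST_TABLE) -> set:
    nodes = set(table)
    for neighbours in table.values():
        nodes.update(neighbours)
    return nodes


def search_trust_paths(source: str, path_limit: int, rec_limit: float,
                       table=TRUST_TABLE) -> Dict[str, Tuple[List[float], List[float]]]:
    """Steps 71-79: depth-first search of trust paths from `source`.

    Returns {target: (direct_values, recommended_values)}. A recommended value is
    the product of the recommendation factors along the chain times the direct
    trust value of the last hop (assumption, matching the 0.9^8 example).
    """
    found: Dict[str, Tuple[List[float], List[float]]] = {}
    if not table.get(source):                         # step 72: num = 0
        return {n: ([DEFAULT_TRUST], []) for n in all_nodes(table) if n != source}

    def visit(node: str, path: List[str], chain: float) -> None:
        for target, (dir_val, rec_factor) in table.get(node, {}).items():
            if target in path:                        # step 77: already on the path
                continue
            direct, recs = found.setdefault(target, ([], []))
            if len(path) == 1:                        # first hop: direct trust (step 73)
                direct.append(dir_val)
            else:                                     # recommended along the chain
                recs.append(chain * dir_val)
            # steps 75/76: descend only through a sufficiently trusted recommender
            # and only while the path stays within the length limit (step 78)
            if rec_factor > rec_limit and len(path) < path_limit:
                visit(target, path + [target], chain * rec_factor)

    visit(source, [source], 1.0)
    return found


def merge_trust(paths: Dict[str, Tuple[List[float], List[float]]],
                m: float, n: float) -> Dict[str, float]:
    """Step 710: weighted average of direct (weight M) and recommended (weight N)
    trust; a node reached by only one kind of path keeps that kind's mean."""
    final: Dict[str, float] = {}
    for target, (direct, recs) in paths.items():
        parts = []
        if direct:
            parts.append((m, sum(direct) / len(direct)))
        if recs:
            parts.append((n, sum(recs) / len(recs)))
        final[target] = sum(w * v for w, v in parts) / sum(w for w, _ in parts)
    return final


def trusted_nodes(final: Dict[str, float], threshold: float) -> List[str]:
    """Step 711: keep nodes whose final trust value is >= the limit t, best first."""
    return sorted((t for t, v in final.items() if v >= threshold),
                  key=lambda t: -final[t])


if __name__ == "__main__":
    paths = search_trust_paths("user", path_limit=3, rec_limit=0.7)
    final = merge_trust(paths, m=0.6, n=0.4)
    for node in sorted(final):
        print(node, paths[node], round(final[node], 4))
    print("trusted:", trusted_nodes(final, threshold=0.75))
```

With these parameters n1 is directly trusted at 0.9 but a weak recommended path (0.486) pulls its merged value to 0.7344, below t = 0.75, while n4, reached only through the recommender n1, qualifies at 0.8075.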
Beneficial effect: the method of the invention proposes a new way of applying trust evaluation theory to access control. It is mainly used to solve the problem of users controlling access to grid resource nodes in the grid community. The method proposed by the invention can avoid deceptive behavior by entities and achieve dynamism, and can effectively achieve access control over the resource nodes of the grid community; it is an efficient and convenient new method. A specific description follows.
Reliability: the trust model used in the method of the invention is reliable and can prevent deceptive behavior by entities. In the grid computing environment there exists a kind of forged-entity behavior: an entity itself registers some entities, interacts with itself through them, gives very high evaluations to these interactions, and thereby raises its own trust degree. In this model, only positive evaluations from entities with a high trust degree can raise the trust degree of the peer entity, because the client submits a recommendation limit value before submitting the job, and only an entity whose recommendation factor is greater than this limit value can act as an intermediate recommender; after the interaction, the user and the resource node evaluate the evaluation accuracy of these intermediate recommenders. An entity of average accuracy has almost no influence on the trust degree of the peer entity, and a positive evaluation by an entity of very low accuracy may even reduce the trust degree of the peer entity. In this model the initial trust degree of a newly registered entity is set to 0.5 and its recommendation factor is also 0.5, which means that the evaluations of such entities have little influence on other entities; the gap widens gradually as the number of interactions between nodes grows, so the trust value of more reliable nodes becomes higher and higher while that of nodes with malicious deceptive behavior becomes lower and lower. Forging entities by registering them is therefore ineffective in this trust model.
Dynamism: according to the result of the interaction between the grid user and a resource node, the user can evaluate each node and submit the resource node's task completion situation to the autonomous domain server. The server computes the final trust value of evaluation object n according to the trust level and history window parameters, and updates the user entity's trust relationship record and the evaluation accuracy (the recommendation factor) of the referring entity. The user can thus grasp the situation of the grid resources dynamically and in time, and filter out suitable resource nodes.
Reasonableness: when introducing feedback information, this access control method not only introduces both positive and negative evaluations into the trust model but also takes into account the trust degree of the supplier of the feedback, which makes the feedback information more reasonable. As transactions accumulate, the model's assessment of the trust values becomes more and more accurate.
Description of drawings
Fig. 1 is the frame diagram of the autonomous domain authorization service.
Fig. 2 is the autonomous domain model tree of the grid for a user subject.
Fig. 3 is the trust chain diagram obtained by the search.
Fig. 4 shows direct trust and recommendation trust.
Fig. 5 shows N sliding windows.
Fig. 6 is the overall process flow chart of the invention.
Fig. 7 is the flow chart of the access control method of the invention.
Embodiment
1. A grid user requests access to resources
An unregistered client should first generate, locally, a local certificate to be signed, then submit the certificate to the certification authority (CA) and request authorization. The certification authority judges whether the client has the right to access grid resources; if it has, the certification authority signs the local certificate sent by the client with its private key and returns it to the user. After receiving the signed certificate, the client registers with its autonomous domain server and sends it its own digital certificate. The autonomous domain server verifies the digital certificate; once it passes, the client ID and password are saved in the autonomous domain service database and the client becomes a grid user.
When the grid user has a task to submit, it first logs in to the autonomous domain server, then uses single sign-on, the purpose of which is to save the user from logging in to other autonomous domain servers again when making cross-domain service requests. The user submits its trust requirements for the grid resource nodes, comprising the trust levels, the history window, the transmission path length limit, the direct trust weight, the recommendation trust weight, the recommendation factor limit and the trust degree limit value. The grid resource server checks the user's policy statement to decide whether to provide service, i.e. whether to respond to the user.
2. Screening grid nodes
The above parameters are submitted to the autonomous domain service database and the trust record of this user node is opened in the database; all resource nodes of the autonomous domain are the targets and are traversed one by one, and the trust path search starts from the user as the source. Taking Fig. 2 as an example, the process is described in detail:
This tree is divided into 4 layers, and cycle denotes the level in the tree. The user is at the first layer, the tree root (cycle=1), and so on down to the leaves at cycle=4. If the user wants to find all resource nodes in the grid that meet its requirements and can provide it with service, it must traverse all nodes one by one as destination nodes and then filter out the usable ones.
1) First open the user's trust record and search first for the resource nodes that have a direct trust relationship with the user. If there is no direct trust record, the default trust value for all nodes in the grid is 0.5 and the recommendation factor is also 0.5. In this example the user has a direct trust relationship with three resource nodes (1, 2, 3). Start from node 1; if it is not the destination node, take node 1 as the new source and carry out a depth traversal;
2) Judge whether node 1 has further trust relationships, i.e. carry out a breadth traversal; if it has none, return to the upper layer (here cycle=2, so return to cycle=1). In this example node 1 does have further trust relationships;
3) Judge whether the recommendation factor of node 1 is greater than the recommendation limit value. If it is less than the limit value, node 1 cannot serve as an intermediate recommender: discard this path, return to the upper layer and continue the traversal; otherwise go on to the next step;
4) Judge whether node 1 has already appeared in the transmission path; if so, cancel this path to avoid a deadlock. If not, it can serve as an intermediate recommended node: continue searching the resource nodes related to it and enter the traversal of the next lower layer, cycle++;
5) Only after the depth traversal is finished (until node 9 at cycle=4 has been found) does the breadth, that is, horizontal, traversal proceed: return to the cycle=2 layer and search node 2; if it is not the destination node and has no trust record, move on to the next node of that layer, node 3;
6) Carry out the depth traversal again, until all nodes have been traversed once, and the program ends.
7) Each node in the grid may be reached by several paths, some direct trust and some recommendation trust. Integrate them: merge the direct trust and recommendation trust paths by the direct trust weight and the recommendation trust weight, and take the weighted average as the user's final trust value for this node.
8) Then filter out the nodes that meet the demand according to the confidence level limit value: according to the trust degree limit value submitted by the user, filter out all trusted nodes that meet the user's requirements (those whose value is greater than or equal to the parameter value) and return this result to the user.
3. Submitting task requests and returning results
The user selects service options, including servicing rights such as read, write and modify operations, service time such as the start time and termination time, and whether the IP address must match. From these a policy document is generated and policy matching is carried out: the user submits the policy statement to the autonomous domain server, which judges according to its local policy whether to provide the service to the user. If the request passes, the user submits the task request to the autonomous domain server; according to the performance of the trusted nodes (e.g. CPU performance) the server divides the job into several sub-jobs and distributes them to the trusted nodes for completion. After the task is finished, every resource node returns its result to the autonomous domain server, which integrates the partial results and sends the complete result to the user.
The specific steps are as follows:
Step 1). The client first generates a local certificate to be signed, then submits the certificate to the certification authority (CA) and requests authorization;
Step 2). The certification authority judges whether the client has the authority to access grid resources; if so, it signs the local certificate sent by the client with its private key and returns it to the user;
Step 3). After the client receives the signed certificate, it registers with the autonomous domain server and sends it its own digital certificate;
Step 4). The autonomous domain server verifies the digital certificate; once it passes, the client ID and password are stored in the autonomous domain service database and the client becomes a grid user;
Step 5). When a grid user has a task to submit, it first logs in to the autonomous domain server;
Step 6). Single sign-on avoids the user having to log in again to other autonomous domain servers when making cross-domain service requests;
Step 7). The user submits its trust requirements for the grid resource nodes, including reliability rating, history window, transmission path length limit, direct trust weight value, recommendation trust weight value, recommendation factor limit, trust degree limit value, etc.;
Step 8). The above parameters are submitted to the autonomous domain service database; the trust record of this user node is opened in the database, and the trust path is searched with all resource nodes of the autonomous domain as targets and the user as the source;
Step 9). After all satisfactory nodes have been found (the same node may be reached over multiple paths, as shown in Figure 3, with both direct trust and recommendation trust), direct trust and recommendation trust are merged by weight and the final trust value of every node is calculated;
Step 10). According to the trust degree limit value parameter submitted by the user, all trusted nodes meeting the user's requirements (trust value greater than or equal to the parameter value) are filtered out, and this result is returned to the user;
Step 11). The user selects service options, including servicing rights such as read, write and modify operations, service time such as the start time and termination time, and whether the IP address must match;
Step 12). A policy document is generated and policy matching is carried out: the user submits the statement to the autonomous domain server, which judges according to its local policy whether to provide the service to the user;
Step 13). The user submits the task request to the autonomous domain server;
Step 14). According to the performance of the trusted nodes (e.g. CPU performance), the server divides the job into several sub-jobs and distributes them to each trusted node for completion;
Step 15). The result is returned to the user and the task is finished;
Step 16). After interacting with each resource node, the user produces a corresponding evaluation of that node; all evaluations are submitted to the autonomous domain service database;
Step 17). According to the reliability rating and history window parameters, the final trust value of the evaluated object n is calculated, and the user's trust relation record for the entity is updated for use in the next task request;
Step 18). The evaluation accuracy (recommendation factor) of the reference entities in the autonomous domain service database is updated. At this point, the specific implementation process of the access control method based on the trust evaluation model is complete.
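As an added worked example of steps 11), 12) and 14) (not code from the patent), the following Python checks a user's policy statement against the server's local policy and then splits an accepted job over the trusted nodes in proportion to their CPU performance. The policy fields (`rights`, `start`/`end`, `ip_match`, `allowed_nets`), the timestamp format and the largest-remainder rounding are assumptions of this example; the policy contents and the node performance figures are constructed sample data.

```python
import ipaddress
from datetime import datetime, timezone
from typing import Dict, List, Tuple

# Constructed policy document generated from the user's service options (step 11).
USER_POLICY = {
    "rights": {"read", "write"},                 # servicing rights requested
    "start": "2024-05-01T08:00:00Z",             # start (zero) time of the service
    "end": "2024-05-01T18:00:00Z",               # termination time
    "ip_match": True,                            # whether the client IP must match
    "client_ip": "10.0.5.23",
}
# Constructed local policy of the autonomous domain server for this grid user.
LOCAL_POLICY = {
    "rights": {"read", "write", "modify"},       # rights the domain grants this user
    "window": ("2024-05-01T00:00:00Z", "2024-05-02T00:00:00Z"),
    "allowed_nets": ["10.0.5.0/24"],             # networks the user may request service from
}


def _utc(stamp: str) -> datetime:
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def match_policy(request: dict, local: dict) -> Tuple[bool, List[str]]:
    """Step 12: check the user's policy statement against the local policy.
    Returns (granted, reasons); every failed check is listed, not only the first."""
    reasons: List[str] = []
    extra = set(request["rights"]) - set(local["rights"])
    if extra:
        reasons.append("rights not granted: " + ", ".join(sorted(extra)))
    start, end = _utc(request["start"]), _utc(request["end"])
    win_start, win_end = (_utc(s) for s in local["window"])
    if start >= end:
        reasons.append("service time window is empty")
    elif start < win_start or end > win_end:
        reasons.append("service time outside the local policy window")
    if request.get("ip_match"):
        ip = ipaddress.ip_address(request["client_ip"])
        if not any(ip in ipaddress.ip_network(net) for net in local["allowed_nets"]):
            reasons.append(f"client IP {ip} not in an allowed network")
    return not reasons, reasons


def split_job(total_units: int, trusted_nodes: List[str],
              cpu_perf: Dict[str, float]) -> Dict[str, int]:
    """Step 14: divide a job of total_units work units over the trusted nodes in
    proportion to CPU performance; largest-remainder rounding keeps the total exact."""
    total_perf = sum(cpu_perf[n] for n in trusted_nodes)
    raw = {n: total_units * cpu_perf[n] / total_perf for n in trusted_nodes}
    alloc = {n: int(r) for n, r in raw.items()}
    leftover = total_units - sum(alloc.values())
    by_fraction = sorted(raw, key=lambda n: raw[n] - int(raw[n]), reverse=True)
    for n in by_fraction[:leftover]:
        alloc[n] += 1
    return alloc


if __name__ == "__main__":
    ok, why = match_policy(USER_POLICY, LOCAL_POLICY)
    print("granted" if ok else "denied: " + "; ".join(why))
    if ok:
        # constructed CPU performance figures for three trusted nodes
        print(split_job(10, ["n1", "n2", "n4"], {"n1": 3.0, "n2": 2.0, "n4": 1.0}))
```

Returning every failed check rather than the first one lets the server log why a request was refused without leaking more than the user already stated in the request.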
In step 7) the user's trust requirements for the grid resource nodes, including reliability rating, history window, transmission path length limit, direct trust weight value, recommendation trust weight value, recommendation factor limit, trust degree limit value, etc., are submitted to the autonomous domain service database; the trust record of this user node is opened in the database, and the trust path is searched with all resource nodes of the autonomous domain as targets and the user as the source. The concrete steps are as follows:
1) Open the trust record of the user node and let the number of direct trust records the user holds for other resource nodes be num. Starting from the record, search the trust path with the user as source and all resource nodes as targets; at this moment the search is at the first layer of the search tree. The layer is represented by cycle, and at this moment cycle=1;
2) Search all resource nodes associated with it. If num=0, i.e. this node has no records, its trust value for all nodes in the grid defaults to 0.5 and its recommendation factor is also 0.5, and the traversal ends;
3) If num!=0, there are trust records. Let i denote which record the node is in, with i<=num. Starting from record i=1, judge whether this node is the destination node; if it is, note down the recommendation path and the recommendation trust value or the direct trust value, and continue traversing the other paths to this destination node;
4) If it is not the destination node, judge whether this node has further trust objects; if it has, enter the next step of judgement;
5) Judge whether the recommendation factor of this node is greater than the recommendation limit value; if so, enter the next step of judgement. If not, further judge whether i of this node equals num; if it does not, search node i+1; if it does, this layer's breadth traversal is finished, so return to the upper layer node and continue the traversal;
6) Judge whether the transmission path length is greater than the path length limit; if not, enter the next step of judgement. If so, further judge whether the i value of this node equals num; if it does not, search node i+1; if it does, this layer's breadth traversal is finished, so return to the upper layer node and continue the traversal;
7) Judge whether this node has already appeared in the transmission path; if not, enter the next step of judgement. If so, further judge whether the i value of this node equals num; if it does not, search node i+1; if it does, this layer's breadth traversal is finished, so return to the upper layer node and continue the traversal;
8) This node can serve as an intermediate recommending node: search all resource nodes associated with it and enter the next-lower layer of the traversal, cycle=cycle+1;
9) If any one of the conditions in steps 4)~7) is not satisfied, return to the upper layer and continue the traversal from the next record node; once all nodes in the grid have been traversed once, the program ends;
10) In the grid there may be multiple paths to each node, with both direct trust and recommendation trust. These are integrated: the direct trust and the recommendation trust paths are merged using the direct trust weight value and the recommendation trust weight value, and the weighted average gives the user's final trust value for this node;
11) The nodes that meet the requirements are then filtered out according to the trust degree limit value: according to the trust degree limit value parameter submitted by the user, all trusted nodes meeting the user's requirements are selected. Only resource nodes whose trust degree is greater than or equal to the trust degree limit value satisfy the requirement, and this result is returned to the user.
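The trust path search and selection described in steps 1)~11) above (and in the shorter list under the previous heading), as an added Python example that is not the patent's own code. Where the patent leaves a choice open the example assumes: the value of a recommendation path is the product of the trust values along it; a destination node that passes the checks of steps 5)~7) is also expanded as an intermediate recommender, so one node can be both a resource and a recommender; a node with both kinds of path gets the weighted average, a node with only one kind gets that kind's value, and a node with no path gets the default 0.5. The records in `TRUST` and `REC_FACTOR` and the node names are constructed sample data.

```python
from typing import Dict, List, Set, Tuple

DEFAULT_TRUST = 0.5       # default trust value when no record exists (step 2)
DEFAULT_REC_FACTOR = 0.5  # default recommendation factor (step 2)

# Constructed trust records of one autonomous domain (sample data, not from the patent).
# TRUST[a][b] is the direct trust value a holds for b from its own record.
TRUST: Dict[str, Dict[str, float]] = {
    "user": {"n1": 0.9, "n2": 0.8, "n3": 0.4},
    "n1": {"n4": 0.7, "n2": 0.6},
    "n2": {"n4": 0.9, "n5": 0.3},
    "n3": {"n5": 0.9, "user": 0.8},  # edge back to the source: a loop the search must cut
    "n4": {"n5": 0.8},
    "n5": {},
}
# Evaluation accuracy (recommendation factor) of each node, kept in the domain database.
REC_FACTOR: Dict[str, float] = {"user": 1.0, "n1": 0.8, "n2": 0.9, "n3": 0.7, "n4": 0.7, "n5": 0.5}
TARGETS: Set[str] = {"n1", "n2", "n3", "n4", "n5"}   # all resource nodes of the domain

Path = Tuple[List[str], float]


def search_trust_paths(trust, rec_factor, user, targets, path_limit, rec_factor_limit):
    """Depth-first search of trust paths from `user` to every target (steps 1-9).

    Returns (direct, rec_paths): direct[t] is the user's own record for t (cycle 1);
    rec_paths[t] lists (path, value) for every recommendation path found.
    Assumption: the value of a path is the product of the trust values along it."""
    direct: Dict[str, float] = {}
    rec_paths: Dict[str, List[Path]] = {t: [] for t in targets}

    def dfs(node: str, path: List[str], value: float, cycle: int) -> None:
        records = trust.get(node, {})
        if not records:                       # num == 0: nothing to traverse (step 2)
            return
        for nxt, tv in records.items():       # record i = 1 .. num (step 3)
            new_path = path + [nxt]
            new_value = value * tv
            if nxt in targets:                # destination node: note the path down
                if cycle == 1:
                    direct[nxt] = tv
                else:
                    rec_paths[nxt].append((new_path, new_value))
            # Steps 5-7 decide whether nxt may act as an intermediate recommender.
            if rec_factor.get(nxt, DEFAULT_REC_FACTOR) <= rec_factor_limit:
                continue                      # step 5: recommendation factor too low
            if len(new_path) - 1 >= path_limit:
                continue                      # step 6: any longer path would exceed the limit
            if nxt in path:
                continue                      # step 7: node already on the path (loop)
            dfs(nxt, new_path, new_value, cycle + 1)   # step 8: next-lower layer

    dfs(user, [user], 1.0, 1)
    return direct, rec_paths


def merge_trust(direct, rec_paths, targets, w_direct, w_rec):
    """Step 10: weighted average of direct trust and the mean recommendation trust."""
    final: Dict[str, float] = {}
    for t in targets:
        d = direct.get(t)
        recs = [v for _, v in rec_paths.get(t, [])]
        rec = sum(recs) / len(recs) if recs else None
        if d is not None and rec is not None:
            final[t] = (w_direct * d + w_rec * rec) / (w_direct + w_rec)
        elif d is not None:
            final[t] = d
        elif rec is not None:
            final[t] = rec
        else:
            final[t] = DEFAULT_TRUST
    return final


def filter_trusted(final, trust_limit):
    """Step 11: keep nodes whose trust value is >= the trust degree limit value, best first."""
    return sorted(((n, v) for n, v in final.items() if v >= trust_limit), key=lambda nv: -nv[1])


def select_trusted_nodes(user="user", path_limit=3, rec_factor_limit=0.6,
                         w_direct=0.7, w_rec=0.3, trust_limit=0.6):
    """The user's parameters from step 7) applied end to end; returns [(node, trust), ...]."""
    direct, rec_paths = search_trust_paths(TRUST, REC_FACTOR, user, TARGETS, path_limit, rec_factor_limit)
    return filter_trusted(merge_trust(direct, rec_paths, TARGETS, w_direct, w_rec), trust_limit)


if __name__ == "__main__":
    for node, value in select_trusted_nodes():
        print(f"{node}: {value:.3f}")
```

With the sample data every pruning rule fires at least once: n5 is never expanded because its recommendation factor is below the limit, the path user-n1-n2-n4 is recorded but not extended because it has reached the path length limit, and the edge n3-user is cut by the loop check. The three rules together bound the search, which matters because an unbounded trust graph walk is itself a way for a large or colluding set of nodes to exhaust the server.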
In this process the user may interact with tens or even hundreds of resources, and each resource entity has a different probability of being malicious. After each interaction ends, the two interacting entities each give a corresponding evaluation of the other. All evaluations are submitted to the autonomous domain service database; according to the reliability rating and history window parameters, the autonomous domain server calculates the final trust value of the evaluated object n from the corresponding evaluations and updates the user's trust relation record for the entity for use in the next task request. The evaluation accuracy (recommendation factor) of the reference entities in the autonomous domain service database is also updated. At this point, the specific implementation process of the access control method based on the trust evaluation model is complete.
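The evaluation feedback just described (steps 16)~18)), as an added Python example that is not the patent's own code. The patent names the reliability rating and history window parameters but does not give the update formulas, so this example assumes: an entity's trust value is the weighted average of its last `history_window` evaluations, each older evaluation weighted by a further factor `reliability_rating`; and a recommender's evaluation accuracy (recommendation factor) is moved by a learning rate towards 1 - |recommended value - observed evaluation|. Entity names and evaluation scores are constructed.

```python
from collections import deque
from typing import Deque, Dict, Iterable, Tuple

DEFAULT_REC_FACTOR = 0.5   # default recommendation factor for an entity without history


class TrustDatabase:
    """Minimal model of the autonomous domain service database (constructed example).

    Assumptions not fixed by the patent: the trust value for an entity is a weighted
    average of its last `history_window` evaluations in which each older evaluation is
    weighted by a further factor `reliability_rating`; a recommender's recommendation
    factor moves towards 1 - |recommended - observed| at rate `learning_rate`."""

    def __init__(self, history_window: int, reliability_rating: float, learning_rate: float = 0.3):
        self.window = history_window
        self.rho = reliability_rating
        self.alpha = learning_rate
        self.history: Dict[Tuple[str, str], Deque[float]] = {}
        self.trust: Dict[Tuple[str, str], float] = {}
        self.rec_factor: Dict[str, float] = {}

    def record_evaluation(self, evaluator: str, target: str, score: float,
                          recommendations: Iterable[Tuple[str, float]] = ()) -> float:
        """Store one evaluation (0 = failed or malicious, 1 = fully satisfactory), refresh the
        evaluator's trust relation for the target, and update the recommendation factor of
        every entity that recommended the target with the given value."""
        score = min(1.0, max(0.0, score))      # clamp so a bad client cannot push trust past 1
        key = (evaluator, target)
        hist = self.history.setdefault(key, deque(maxlen=self.window))
        hist.append(score)                     # deque drops evaluations outside the window
        self.trust[key] = self._windowed_trust(hist)
        for recommender, recommended in recommendations:
            accuracy = 1.0 - abs(recommended - score)
            old = self.rec_factor.get(recommender, DEFAULT_REC_FACTOR)
            self.rec_factor[recommender] = (1 - self.alpha) * old + self.alpha * accuracy
        return self.trust[key]

    def _windowed_trust(self, hist: Deque[float]) -> float:
        recent_first = list(reversed(hist))
        weights = [self.rho ** k for k in range(len(recent_first))]   # newest weighs most
        return sum(w * s for w, s in zip(weights, recent_first)) / sum(weights)


if __name__ == "__main__":
    db = TrustDatabase(history_window=3, reliability_rating=0.5)
    # constructed outcomes of four interactions with n4, recommended by n2 (0.9) and n3 (0.3)
    for outcome in (1.0, 0.0, 1.0, 1.0):
        t = db.record_evaluation("user", "n4", outcome, [("n2", 0.9), ("n3", 0.3)])
        print(f"trust(user, n4) = {t:.3f}")
    print({k: round(v, 3) for k, v in db.rec_factor.items()})
```

Because the window is bounded and the newest evaluation carries the most weight, a node that behaved well for a long time and then starts failing loses trust within a few interactions, and a recommender who keeps vouching for such a node sees its own recommendation factor fall, which in turn removes it as an intermediate recommender in the path search.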