CN102801524A - Trust-theory-based trusted service system based on trusted authentication system - Google Patents

Trust-theory-based trusted service system based on trusted authentication system Download PDF

Info

Publication number
CN102801524A
CN102801524A CN2012101943066A CN201210194306A CN102801524A CN 102801524 A CN102801524 A CN 102801524A CN 2012101943066 A CN2012101943066 A CN 2012101943066A CN 201210194306 A CN201210194306 A CN 201210194306A CN 102801524 A CN102801524 A CN 102801524A
Authority
CN
China
Prior art keywords
service
trust
module
credible
trusted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012101943066A
Other languages
Chinese (zh)
Other versions
CN102801524B (en
Inventor
田秀明
许光全
翟敏
李晓红
孙达志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin University
Original Assignee
Tianjin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin University filed Critical Tianjin University
Priority to CN201210194306.6A priority Critical patent/CN102801524B/en
Publication of CN102801524A publication Critical patent/CN102801524A/en
Application granted granted Critical
Publication of CN102801524B publication Critical patent/CN102801524B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a trust-theory-based trusted service system based on a trusted authentication system. The system is characterized by comprising four modules, namely a combined public key (CPK) identity authentication-based trusted authentication module, a trusted computing module in line with temporary service and rapid service reconfiguration, an intelligent agent technology-based autonomous trust negotiation module meeting requirements for service dynamics and an automation degree, and a fuzzy non-homogeneous Markov system and multivariate regression analysis-based service trusted prediction module. Compared with the prior art, the system has the advantages that software can be modeled in an early design stage of software development, and an alleviation scheme is made by unified threatening modeling driving software evaluation according to possible threats, so that the security of the software is greatly improved.

Description

On the authentic authentication system basis based on trusting theoretical credible service system
Technical field
The present invention relates to the Network Security Service field of engineering technology; The trusted service platform that particularly relates to a kind of service-oriented computing.
Background technology
Service-oriented computing (Service-Oriented Computing; SOC); Also be called for short service compute (Service Computing); Its core concept is that the application component that is distributed on the network is assembled into one " service network ", its loosely-coupled characteristics can produce stride tissue and computing platform flexibly, dynamic operation flow and quick application.Service under the SOC can support fast, cheaply, application interoperable, extendible extensive distribution; These can both satisfy the needs of current computer application development; Also be that modern professional complexity improves constantly and the needs that dynamically develop; The developing direction of software engineering technology has especially been represented the latest development direction of Distributed Calculation and software development.
The service-oriented computing environment typically has following characteristic: (1) service has opening, sharing, dynamic, each branch's service possibility isomerism and typical distributed characteristic; (2) also have demand for services changeablely and personalized to differ greatly, serve and need dynamic real-time combination and service reorganization etc. fast; (3) also have automaticity high, partial dependency trust negotiation means; (4) in addition, often exist individual difference XOR space-time dynamic transition property, response speed in information imperfection and asymmetry, concept connotation essence ambiguousness or the understanding to require high between the service entities again.
Obviously, the These characteristics of service-oriented computing environment causes its credible problem to face great challenge.At present; Safety and credible problem to service mainly contain the additional standard that some web serve, like WS-Security, WS-Security Polic y, WS-Security Conversation, WS-Federation, security assertion markup language (SAML), the strategy that conveys a message (XACML), XML key management standard (XKMS), XML encryption and XML digital signature etc.The WS-Trust normalized definition how to send and exchanging safety property token; It provides some expansions to the WS-Security standard; Special disposal guarantees that about issue, renewing and the checking of safe tokens the participant's of each side interoperability is in the exchange secure data environment trusty.It has just defined the beginning of trusting relationship from interface, do not specify which kind of authentication mode to ensure credibility.
In fact, the trusted context under service-oriented computing environment be unable to do without the traditional rigid safe basic demand of bottom, and it needs a kind of advanced person's authentic authentication technology to make up the authentic authentication system of whole network environment; On the other hand, because the entity in the network of service-oriented computing all has some subjective factors of people, and the trust role in society is mutual as a kind of social capital of informal system is a core in the human society, also can not be substituted.Therefore, mutual between each entity under the service compute environment also must seriously rely on they self trust decisions
This shows; Any traditional safe practice means and hard safe way of method of only relying on; Perhaps only relying on based on trusting theoretical is the soft safe way of the modern credible safeguards technique of core, all is worthless, is difficult to satisfy its omnibearing credible demand.Satisfy credible end to end demand under the service compute environment, the credible safeguards technique to service-oriented computing environment unique characteristics then must be arranged.Only but the telecommunications services based on trusting theory on authentic authentication system basis is only feasible.
The present invention is directed to the essential characteristic of service under the service-oriented computing environment; But with telecommunications services is target; In conjunction with traditional information security technology and trust theory is the credible security technology of core, aims to provide a solution that can satisfy service providers and the omnibearing credible demand of consumer.
Summary of the invention
Problem based on above-mentioned prior art existence; The present invention proposes the credible service system on a kind of authentic authentication system basis based on the trust theory; To the unique characteristics of service-oriented computing environment, proposed to combine the credible platform of service of CPK bottom authentication techniques and modern advanced credible security technology, with guarantee open, under the dynamic environment; Can carry out quick, reliable, safe alternately between the entity, belong to security fields.
The present invention provides
Compared with prior art, the present invention can carry out modeling to software in the preliminary design phase of software development, and threatens the assessment of modeling drive software through unified, and then makes the mitigation scheme according to the threat that possibly exist, and has improved the fail safe of software greatly.
Description of drawings
Fig. 1 is of the present invention based on CPK ID authentication and modern credible service platform of trusting theory for the advanced trusted technology of core;
Fig. 2 is the quick trust conceptual model under the service-oriented computing network environment;
E1: the elapsed time-all space lengths after the space two-dimensional mapping; E2: service-conformance property;
E3: based on role's service interaction; E4: the voluntary and enthusiasm degree of service entities;
E5: the sharpening degree of service role; E6: the sensitiveness of service entities; E7: service response time;
E8: the reliability and the authenticity of the relevant information of service entities (comprising ISP, service user and network infrastructure);
E9: the degree of uncertainty under the special services environment;
E10: the resource intake and the degree of risk thereof of service action.
Fig. 3 is that the automated trust negotiation of service-oriented computing network environment is realized;
Fig. 4 is the credible Predicting Technique route of service.
Embodiment
Below in conjunction with accompanying drawing and preferred embodiment,, specify as follows according to embodiment provided by the invention, structure, characteristic and effect thereof.
Be illustrated in figure 1 as the system configuration sketch map of credible service system of the present invention.
This credible service platform is divided into four parts; But the trust computing module of promptly recombinating based on the authentic authentication module of Conbined public or double key CPK ID authentication, satisfied interim service and quick service; Satisfy that the service dynamic need requires with automaticity, based on the automated trust negotiation module of intelligent agent technology, based on the service credibility prediction module of fuzzy nonhomogeneous markov system and multiple regression analysis.
1, under the service-oriented computing environment based on the service authentic authentication module of CPK ID authentication
Service under the service-oriented computing environment has typical opening, distributed nature; Service entities has dynamic transition property etc.; Therefore; Want to set up the authentic authentication system under the service compute environment, all must consider the specific demand of service compute environment aspect credible aspect trusted logic and the ID certificate two.Trusted logic is to realize the theoretical foundation of authentic authentication system, and the ID certificate is a core component of realizing trusted logic.The present invention realizes the credible authentication of the service entities under the service-oriented computing environment through the portrayal of the service constraints on ID certificate and trusted logic.
(1) design of trusted logic, mainly with satisfying property of service implementing condition prove service entities on the identity with the data of transmission on credibility.The service implementing condition of intend considering comprises the dynamic change of authenticity, service environment of smoothness, the service data transfer of prestige degree need satisfaction property, communication for service to the influence of service execution, ability, the conflict of service interaction inter-entity and contradiction property or the like key element that service entities is accomplished part or all of calculation services, and the authentication meeting is according to carrying out at the integraty (Ti) of service registry property (Re), the credible proof of service entities and based in logic constraints aspect the property understood three of the transmission object (data or Additional Verification information etc.) of symmetric key.
(2) design of ID certificate, mainly within it structurally research is launched in aspects such as (being certificate body and expanded body), considers the particularity of service compute environment.On the immanent structure; Intend subjectivity and objective attribute and the relation they between of service entities in whole service execution life cycle (comprising all processes such as service registry property, services request, service response, service connection, service interaction and service evaluation) under the labor service compute environment, and it is carried out formalization stipulations and checking; And aspect expanded body, dynamically portray identification field, the security domain of service entities, service entities by the role of the grade classification of authority class, the service entities under the special services environment divide, main contents such as the private key of correspondence and relevant parameter.
But 2, satisfy the trust computing module of interim service and quick service reorganization
The quick trust that need satisfy interim service orchestration, dynamic Service combination and service reorganization fast produces the factor and excavates.Under the service-oriented computing network environment; For the credibility that satisfies interim service orchestration, dynamic Service combination and serve services such as reorganization fast; Except the real-time and dynamic that will guarantee response speed (possibly comprise the factor of system that service entities and network response speed etc. are comparatively complicated) and required service in the network environment; On the basis of the authentic authentication system that particularly crucial is sets up in front, realize the quick trust decisions between the service entities (comprising ISP, service user and network infrastructure).The computation model of this module is referring to Fig. 2.The present invention will set about from following aspect:
(1) on the one hand, research is based on the body interim service that drives and the credible formalization stipulations and the checking of serving reorganization fast.Analyze the ageing feature of interim service and quick service reorganization; Employing is based on time sequencing coding (Temporary Sequential Marker; TSM) time-space dynamic mapping techniques; The general Ontological concept collection of design service-oriented computing environment; Set up the derivation relationship between notion, this is an important prerequisite of setting up quick service response;
(2) on the other hand, the trusting relationship initial method of research service-oriented computing network environment and quick trust generation mechanism.That traditional trusting relationship initialization mainly relies on is directly mutual, recommendation, historical review etc., but in the face of quick trusting relationship, owing to extremely lack these information, and especially directly mutual and historical record, it is at a loss what to do just to seem.The present invention intends from the angle of social recognition and analyses in depth the theoretical research result of trusting at aspects such as uncertainty, fragility and risks; Excavate the initial method of quick trusting relationship and trust generation mechanism fast; Through the quick trust Ontological concept portrayal of service entities, make up the specific area Ontological concept of the quick trust in the service compute environment at last;
(3) the specific area Ontological concept of the quick trust that draws towards the general Ontological concept collection of the space-time two-dimension mapping of interim service and service reorganization fast and in the cognitive frame reasoning of comprehensive front design; The two is carried out body integrates; Set up the quick trust conceptual model under the service-oriented computing network environment on this basis; As shown in Figure 2, the influence of setting up quick trust model relates to and belongs to the interdependency, the role that serve fragility and pay close attention to intensity and categoryization), belong to the probabilistic complex environment factor of service) and belong to the action of serving risk.The parameter that belongs to the sex factor that interdepends has: e1: the elapsed time-all space lengths after the space two-dimensional mapping; E2: service-conformance property; E3: the service based on the role is exchanged; E4: the voluntary and enthusiasm degree of service entities; Belonging to the parameter that the role pays close attention to intensity factor has: e 5: the sharpening degree of service role; e 6: the sensitiveness of service entities; The parameter that belongs to the category factor has: e 7: service response time; e 8: the reliability and the authenticity of the relevant information of service entities (comprising ISP, service user and network infrastructure); The parameter that belongs to the complex environment factor has: e 9: the degree of uncertainty of special services environment; The parameter that belongs to the intensity factor of taking action has e 10: the resource intake and the degree of risk thereof of service action.
(4) the Dempster-Shafer evidence theory is expanded to be applicable to quick trust reasoning; Quick trust conceptual model according to front foundation; Be arranged on the degree of belief initial value under several kinds of typical scenes by quick trusting relationship initial method; Considering that each is trusted fast produces factor influence mode in trusting fast, design one accurately and effectively match trust computing function fast, and adopt minimum some principle in the evidence theory to decide the weight allocation problem of each factor of influence; The computability that realization is trusted is fast designed quick trust algorithm and programming realization thus;
(5) the trusting relationship initial value that is provided with to the front designs a series of service network and trusts scene fast, but its feasibility and validity are confirmed in emulation and checking on final quick trust computation model made an experiment.
3, based on the automated trust negotiation module of intelligent agent technology
Under the service-oriented computing network environment; Because network environment and the service interaction partner's that faces property complicated and changeable; The behavior of service entities has characteristics such as dynamic modificability, complexity height; In most service scenarios, except need the automation means by software program, some need rely on trust negotiation.The present invention carries out formalized description analyzing the miscellaneous service flow process in detail on the basis of the personalized difference of aspects such as time-domain and background to the trust negotiation of serving, and replaces service entities itself to carry out the automated trust negotiation function with intelligent agent.The overall technology thinking is as shown in Figure 3.
Be implemented as follows:
(1) to the miscellaneous service flow process under the condition of constraint such as special time territory and background; From behavioural characteristic and the behavioral requirements analysis during this period of its service entities of many-sided analysis such as services request, service response, service and decision-making, service execution, service monitoring; And then by function automation desirability it is carried out type and cut apart; Part to wherein relying on trust negotiation adopts the formalized description that drives based on body; Then the Ontological concept in different specific transactions flow processs or field is integrated the body matter and the credible demand of strict portrayal automated trust negotiation.
(2) according to the construction design method of BDI+ ontology inference, design is applicable to the automated trust negotiation intelligent agent modular structure under the service-oriented computing environment, and then develops the intelligent agent that satisfies the demands.The BDI model lays particular emphasis on formal description conviction, hope (desire) and intention (intention), and wherein intelligent agent is made up of sensing module, inference machine, communication module, knowledge base, database, controller and effect module etc.; Its core inference machine is trusted correlation factor with the description of BDI model form, and utilizes the ontology inference method to carry out information processing and interpretation of result.
(3) in front on the basis of the authentic authentication of service entities, the intelligent agent of dynamically emerging in large numbers in the service compute is carried out authentic authentication, guarantee that it satisfies credible demand before carrying out automated trust negotiation.And after entering into the process of automated trust negotiation; Intelligent agent will be carried out man-to-man automatic reliable with the service entities (trust entity) of its representative and bound; Meanwhile, entrust entity that main contents, trusted policy, trust general knowledge or the axiom level trust knowledge etc. of trust negotiation, the chain of trust structure of real-time change and the item that should be noted that etc. are injected in the intelligent agent.
(4) be the unified interface of the open intelligent agent of service entities of all automated trust demands, realize the synchronism of automated trust negotiation and monitoring in real time through centralized management, to satisfy the huge demand of trust negotiation request quantity size.Might exist poor information, trust imperfection etc. to influence the factor of trust negotiation in addition between the service entities under the service-oriented computing environment; Intend the mode that adopts based on pre-activity (proactive) and stimulate each service entities relevant information exchange; At utmost satisfy the information availability of automated trust negotiation, and carry out automated trust negotiation as the main foundation of trust negotiation separately.
4. consider to trust the credible prediction module of service of ambiguity and dynamic
But safeguards technique research for telecommunications services; The credibility prediction of service-oriented computing network environment is a very complicated very big significant challenge of difficulty; Entirely accurate, absolutely Forecasting Methodology be impossible exist basically; This mainly is because the uncertainty of network environment is 100%; And the entity class that in the service interaction life cycle, relates to is various, structure inequality, subjectivity in essence and independence etc. make the behavior of these service entities be difficult to expect, sometimes or even have no rule.However, the ability of statistics lot of statistics method and autonomous learning is served credible transition trend and sometimes still can be predicted and obtain.The credibility that the present invention intends the state transitions method analog service entity that adopts the Markov random process changes; Simultaneously tendency, seasonality and the randomness etc. of credibility are carried out asymptotic match, thereby guides user is evaded the trust risk effectively based on multiple regression analysis.Credible Predicting Technique route is as shown in Figure 4, specific as follows:
(1) adopt the method for optimizing inquiry from trust and credit database, to retrieve the credible essential information of entity to be predicted; And they are sorted according to time sequencing; The time series string of structure research object; Analyze this time series, confirm the basic parameter (comprising the parent parameter and the basic parameter that determine transition probability) of nonhomogeneous Markov system, nonhomogeneous Markov system and transition probability matrix thereof that structure is satisfied the demand.
(2) research and analyse the causality that influences service entities trust and prestige dynamic change under the service compute network environment; Excavate the element of service that causes this variation; And combine to trust the general knowledge that changes, as a series of fuzzy inference rules that are used for state exchange of main foundation design.
(3) key element (independent variable) of the credible transition of service in the analysis of history record and the graph of a relation between the service credible (dependent variable) are confirmed the quantitative relation formula between these key elements, adopt least square method to estimate unknown parameter wherein.Intend the total regression method that adopts, the initial setting significance level assisting down of SPSS software, is confirmed the coefficient and the linear correlation order of each independent variable under given significance level of regression equation, determines the weight of each comfortable credible forecast model in view of the above.
(4) The reasoning results of comprehensively fuzzy nonhomogeneous Markov system and the result of multiple regression analysis; Weight according to each factor is different then; Adopt the mode of fuzzy reasoning and convex combination that the result is realized merging stack, so just realized the credibility prediction of practical requirement.In order to check the significant degree of credible prediction, analysis meter is calculated the error of credible prediction and The actual running results, and the method for employing dynamical feedback predicts the outcome to credibility and recall correction, progressively realizes the error minimization.
The consumer of service is divided into: interim nonregistered user and registered user.Service providers is the registered user.The authentic authentication module of this system of the present invention is used for the identification of inter-entity and the reliable transmission of data for all registered users distribute trusted certificate.
Suppose the consumer ClientA of service; Service-seeking functional inquiry through platform goes out the set of service CollectionA (relevant parameters such as price that comprise each service) that can realize function FunctionA; The credible prediction module of the service of platform simultaneously is according to the nonhomogeneous Markov of the information structuring of set of service CollectionA system; Confirm the coefficient of regression equation and the linear correlation order of each independent variable, determine the weight of each comfortable credible forecast model in view of the above.The The reasoning results of comprehensive fuzzy nonhomogeneous Markov system and the result of multiple regression analysis; Weight based on each factor is different then; Adopt the mode of fuzzy reasoning and convex combination that the result is realized merging stack; Obtain the credible predicted value of each service among the CollectionA, supply ClientA to select.
ClientA is selected satisfied from CollectionA to pre-pay mutual service ServerA, and the supplier ServerA through authentic authentication module and ServerA connects;
Whether the authentic authentication module detects ClientA is the registered user, if A be interim nonregistered user then the authentic authentication module be that ClientA distributes a temporary credentials, be used for setting up between ClientA and the ServerA and reliably be connected.But the credibility that the quick trust computing module of while platform is concluded the business based on foundation between quick trust evaluation of algorithm ServerA and the ClientA is used to ServerA and ClientA provides decision support.
If ClientA is the registered user; Then the automated trust negotiation module of platform provides intelligent agent and ClientA and ServerA to bind one to one; Meanwhile, ClientA and ServerA are injected into main contents, trusted policy, trust general knowledge or the axiom level trust knowledge etc. of trust negotiation, the chain of trust structure of real-time change and the item that should be noted that etc. in the intelligent agent separately.The intelligent agent of ClientA and the intelligent agent of ServerA communicate through the unified interface of intelligent agent, for it carries out trust negotiation, for the foundation of both trusting relationships provides decision support.
Make up software systems sketch plan, decompose these three common models of realizing of Key Asset of software systems, recognition software system can the helper applications analysis and the designer understand main Stakeholder, Key Asset, Solution Architecture, the system functional model of software systems in the early stage design phase of SDLC.Identification and modeling software threaten can the helper applications analysis and the designer understand the relation of the software security that produces in the reciprocal process of software systems between threatening in the early stage design phase of SDLC, this has established solid foundation for follow-up security evaluation.Can find the threat that software is potential effectively based on attack path assessment software safety; Result according to the software security assessment formulates the mitigation scheme and confirms its priority then; Use the mitigation scheme and improve System Software, relax software and threaten, strengthen the fail safe of software systems.
Through the work of above six parts, can carry out modeling to software in the preliminary design phase of software development, and threaten the assessment of modeling drive software, and then make the mitigation scheme based on the threat that possibly exist through unified, improved the security of software greatly.

Claims (2)

  1. On the authentic authentication system basis based on trusting theoretical credible service system; It is characterized in that; This system comprises four modules; But the trust computing module of promptly recombinating based on the authentic authentication module of Conbined public or double key CPK ID authentication, satisfied interim service and quick service; Satisfy that the service dynamic need requires with automaticity, based on the automated trust negotiation module of intelligent agent technology, based on the service credibility prediction module of fuzzy nonhomogeneous markov system and multiple regression analysis, wherein:
    The authentic authentication module is used for the identity authentic authentication of service entities, the authentic authentication of transmission data and the dynamic stability maintenance of service, is the authentication foundation with the trusted logic and the service ID certificate of serving,
    But trust computing module; Be used for interim service orchestration; The quick trust of dynamic Service combination and service reorganization fast produces the factor and excavates; Concrete operations in this module comprise: the trusting relationship initialization; Quick trust generation mechanism based on cognition; The quick trust conceptual model that body drives; Comprise based on the time-space dynamic mapping of time sequencing coding and set up the generic service Ontological concept collection of service-oriented computing environment and the derivation relationship between notion; Be based upon the quick trust specific area body that the cognitive frame reasoning draws; Comprehensive generic service Ontological concept collection noted earlier and trust the specific area Ontological concept fast; The two is carried out body integrate, set up the quick trust conceptual model under the service-oriented computing network environment on this basis;
    The automated trust negotiation module, the behavior that be used for the service behavior signature analysis, relies on trust negotiation is cut apart, the design of extraction and ontology describing, body integration, intelligent agent and realization, based on the automated trust negotiation of pre-activity; Concrete operations in this module comprise:
    Service entities is analyzed at the behavioural characteristic and the behavioral requirements of specific background and incident; Part to wherein relying on trust negotiation adopts the formalized description that drives based on body; Then the Ontological concept in different specific transactions flow processs or field is integrated the body matter and the credible demand of strict portrayal automated trust negotiation;
    According to the method for BDI+ ontology inference, design is applicable to the automated trust negotiation intelligent agent modular structure under the service-oriented computing environment, and then develops the intelligent agent that satisfies the demands;
    On the basis of the authentic authentication of service entities, the intelligent agent of dynamically emerging in large numbers in the service compute is carried out authentic authentication in front, guarantee that it satisfies credible demand before carrying out automated trust negotiation; And after entering into the process of automated trust negotiation; Intelligent agent will be carried out man-to-man automatic reliable with the service entities of its representative and bound; Meanwhile, entrust entity that main contents, trusted policy, trust general knowledge or the axiom level trust knowledge etc. of trust negotiation, the chain of trust structure of real-time change and the item that should be noted that are injected in the intelligent agent;
    Employing stimulates each service entities relevant information exchange based on the mode of pre-activity; In advance to existing the factor that influences trust negotiation to take trusted to consult between the service entities under the service compute environment; At utmost satisfy the information availability of automated trust negotiation, and carry out automated trust negotiation as the main foundation of trust negotiation separately with this.
    Serve credible prediction module, realize that the concrete operations of this module are following to the credibility prediction towards the service compute network environment:
    Adopt the credible essential information of method retrieval entity to be predicted from trust and credit database of optimizing inquiry; And they are sorted according to time sequencing; Make up the time series string of research object; Analyze this time series; Confirm the basic parameter of nonhomogeneous Markov system; Comprise the parent parameter and the basic parameter that determine transition probability, make up the nonhomogeneous Markov system and the transition probability matrix thereof of satisfying the demand;
    Research and analyse the causality that influences service entities trust and prestige dynamic change under the service compute network environment; Excavate the element of service that causes this variation; And combine to trust the general knowledge that changes, design a series of fuzzy inference rules that are used for state exchange on this basis;
    The key element of the credible transition of service in the analysis of history record and the graph of a relation between the service credibility are confirmed the quantitative relation formula between these key elements, adopt least square method to estimate unknown parameter wherein; Intend the total regression method that adopts, the initial setting significance level assisting down of the SPSS of statistical software, is confirmed the coefficient and the linear correlation order of each independent variable under given significance level of regression equation, determines the weight of each comfortable credible forecast model in view of the above; The The reasoning results of comprehensive fuzzy nonhomogeneous Markov system and the result of multiple regression analysis; Weight according to each factor is different then; Adopt the mode of fuzzy reasoning and convex combination that the result is realized merging stack, so just realized the credibility prediction of practical requirement; Analysis meter is calculated the error of credible prediction and The actual running results, and adopts the method for dynamical feedback that credibility is predicted the outcome and recall correction, progressively realizes the error minimization.
  2. 2. on the authentic authentication system as claimed in claim 1 basis based on trusting theoretical credible service system; It is characterized in that; Said ID certificate comprises certificate body and expanded body; Aspect the certificate body, subjectivity and objective attribute and the relation they between of service entities in whole service execution life cycle under the Analysis Service computing environment, and it is carried out formalization stipulations and checking; And aspect expanded body, dynamically portray identification field, the security domain of service entities, service entities is by the grade classification of authority class, role's division of the service entities under the special services environment, corresponding private key and relevant parameter.
CN201210194306.6A 2012-06-13 2012-06-13 Trust-theory-based trusted service system based on trusted authentication system Expired - Fee Related CN102801524B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210194306.6A CN102801524B (en) 2012-06-13 2012-06-13 Trust-theory-based trusted service system based on trusted authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210194306.6A CN102801524B (en) 2012-06-13 2012-06-13 Trust-theory-based trusted service system based on trusted authentication system

Publications (2)

Publication Number Publication Date
CN102801524A true CN102801524A (en) 2012-11-28
CN102801524B CN102801524B (en) 2015-01-21

Family

ID=47200498

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210194306.6A Expired - Fee Related CN102801524B (en) 2012-06-13 2012-06-13 Trust-theory-based trusted service system based on trusted authentication system

Country Status (1)

Country Link
CN (1) CN102801524B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106161036A (en) * 2016-08-18 2016-11-23 福建联迪商用设备有限公司 The mobile station (MS) state transition method of a kind of credit and system
CN107659654A (en) * 2017-09-29 2018-02-02 清华大学 The efficient method and device of calling to account of cloudy data integrity damage based on prestige
CN108521405A (en) * 2018-03-20 2018-09-11 咪咕文化科技有限公司 A kind of risk management and control method, device and storage medium
CN111797431A (en) * 2020-07-07 2020-10-20 电子科技大学 Encrypted data anomaly detection method and system based on symmetric key system
CN114021857A (en) * 2021-12-03 2022-02-08 武汉绿色网络信息服务有限责任公司 Agent-based self-trust negotiation prediction method, system and device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101714100A (en) * 2009-11-27 2010-05-26 东南大学 Trust negotiation constructing method for internetware main body system under dynamic interaction network environment

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101714100A (en) * 2009-11-27 2010-05-26 东南大学 Trust negotiation constructing method for internetware main body system under dynamic interaction network environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
许光全,冯志勇,李晓红,陈锦言: "基于时间顺序标码的可计算的信任评价模型", 《计算机应用》 *
陈洁,许光全: "可信软件系统中基于模糊集理论的信任推理模型研究", 《天津师范大学学报(自然科学版)》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106161036A (en) * 2016-08-18 2016-11-23 福建联迪商用设备有限公司 The mobile station (MS) state transition method of a kind of credit and system
CN106161036B (en) * 2016-08-18 2019-04-23 福建联迪商用设备有限公司 A kind of mobile station (MS) state transition method and system of credit
CN107659654A (en) * 2017-09-29 2018-02-02 清华大学 The efficient method and device of calling to account of cloudy data integrity damage based on prestige
CN107659654B (en) * 2017-09-29 2019-08-09 清华大学 The efficient method and device of calling to account of cloudy data integrity damage based on prestige
CN108521405A (en) * 2018-03-20 2018-09-11 咪咕文化科技有限公司 A kind of risk management and control method, device and storage medium
CN108521405B (en) * 2018-03-20 2020-12-11 咪咕文化科技有限公司 Risk control method and device and storage medium
CN111797431A (en) * 2020-07-07 2020-10-20 电子科技大学 Encrypted data anomaly detection method and system based on symmetric key system
CN114021857A (en) * 2021-12-03 2022-02-08 武汉绿色网络信息服务有限责任公司 Agent-based self-trust negotiation prediction method, system and device

Also Published As

Publication number Publication date
CN102801524B (en) 2015-01-21

Similar Documents

Publication Publication Date Title
Deebak et al. Privacy-preserving in smart contracts using blockchain and artificial intelligence for cyber risk measurements
Moradi et al. An earned value model with risk analysis for project management under uncertain conditions
Hsiao et al. Employing blockchain technology to strengthen security of wireless sensor networks
Azhar Security, privacy and risks within smart cities: Literature review and development of a smart city interaction framework
Liao et al. Securing collaborative environment monitoring in smart cities using blockchain enabled software-defined internet of drones
CN102801524A (en) Trust-theory-based trusted service system based on trusted authentication system
Wang et al. Integrating edge intelligence and blockchain: What, why, and how
Kaur et al. Neuro fuzzy—COCOMO II model for software cost estimation
CN115438873A (en) Power dispatching method based on block chain and deep reinforcement learning
EP3614326A1 (en) System and method for mapping a virtual building model
Gawas et al. An integrative approach for secure data sharing in vehicular edge computing using Blockchain
Yahaya et al. A secure and efficient energy trading model using blockchain for a 5G-deployed smart community
Amini et al. A fuzzy logic based risk assessment approach for evaluating and prioritizing risks in cloud computing environment
Lee et al. Energy consumption prediction system based on deep learning with edge computing
Kayikci et al. Blockchain meets machine learning: a survey
Selvarajan et al. SCBC: Smart city monitoring with blockchain using Internet of Things for and neuro fuzzy procedures.
Kedir et al. Application of System Dynamics in Construction Engineering and Management: Content Analysis and Systematic Literature Review
Embarak Explainable artificial intelligence for services exchange in smart cities
Li et al. Multi-level delegations with trust management in access control systems
Alsina et al. A neural network approach to find the cumulative failure distribution: Modeling and experimental evidence
Eisele et al. SolidWorx: A resilient and trustworthy transactive platform for smart and connected communities
CN116455550A (en) Intelligent contract-based power data security uplink method and system
Huai et al. Construction of Social Security Fund Cloud Audit Platform Based on Fuzzy Data Mining Algorithm
Krishnamoorthy et al. Integration of blockchain and artificial intelligence in smart city perspectives
Chatzidimitriou et al. Enhancing agent intelligence through evolving reservoir networks for predictions in power stock markets

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150121

Termination date: 20210613