检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:文珠穆[1] 卢正鼎[1] 唐卓[1] 辜希武[1]
机构地区:[1]华中科技大学计算机科学与技术学院,武汉430074
出 处:《计算机科学》2008年第6期32-36,共5页Computer Science
基 金:国家自然科学基金项目(项目编号:60403027);湖北省自然科学基金项目(项目编号:2005ABA258);软件工程国家重点实验室开放基金项目编号:SKLSE05-07)
摘 要:P2P网络的匿名性和动态性带来了许多安全问题,传统的分布式访问控制模型以及信任管理模型并不能很好地适应对等网络环境。本文提出了一种信任管理加权限控制的双重验证方法来实现P2P网络环境中的节点协作和资源访问等安全互操作。节点用户通过本文中的轻量级身份证书,不仅可以验证其合法身份,同时也可以通过该证书中用户的相关角色信息来获取对资源的访问控制权限。而且通过证书中的信任度字段,系统可以吊销低信任度的节点的证书,能有效地遏制恶意节点的非法行为。本文重点介绍了用户信任度的计算,以及用户节点身份证书的获取以及权限验证。最后,通过相关的实验,验证了本方法在效率上要优于传统的信任管理模型。The anonymity and dynamics of the P2P network bring many security problems. The traditional access control models and trust management models can not satisfy the P2P environment commendably. This paper proposes a double validation method employing trust management and privilege control to implement the security inter-operations which includes the nodes' cooperation and accessing resources. Through the lightweight peer certificates, the peers can be validated their legal identities and also can acquire their privileges for the resources according to the role information in the lightweight certificates. Further more, the system can revoke the peers' certificates whose trust degrees are too low by the trust degree field in the certificates. The illegality of the vicious peers can be kept down availably. This paper focuses on the calculations of the trust of the peers, the acquirement and the validation of the lightweight certificates. Finally, to prove the feasibility of the proposed ideas, the examination system is implemented and their scalability and performance are evaluated.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3
