一种基于主观逻辑的动态信任关系评估方法  被引量：1

作　　者：施光源[1] 刘毅[1,2] 

机构地区：[1]北京工业大学北京市可信计算重点实验室,北京100124 [2]海军计算技术研究所,北京100841

出　　处：《计算机应用与软件》2011年第11期161-166,共6页Computer Applications and Software

基　　金：国家高技术研究发展计划(2006AA01 Z440;2009AA012437);国家重点基础研究发展计划(2007CB311100);中国博士后科学基金(20100480173)

摘　　要：现有的复杂网络计算环境中安全问题日益严峻。如何在不同实体间建立信任关系是建立可信计算环境的关键所在。利用可信证明技术能够为信任关系的建立和维护提供证据,但是,现有的可信证明方法存在证据获取不够及时的问题,并且依据证明方法建立信任关系的理论研究不足,针对这些问题提出一种基于主观逻辑的动态信任关系评估方法。首先,建立基于行为证明的信任关系评估模型;然后利用确定下推自动机DPDA(Deterministic Push Down Automata)描述程序的预期行为,通过虚拟机内省技术动态验证程序的实际行为是否与预期行为保持一致,从而判断程序的可信性;最后,根据证明结果进行信任关系评估。通过实验表明该方法能够动态验证程序的行为,使得信任评估更加准确。In the present complex network computing environment, the security question is increasingly severe. How to establish a trust relationship among different entities is the key to building a trusted computing environment. The use of trustworthiness attestation technology can provide evidence to build and maintain trust relationships; however, there are such problems in existing trustworhiness attestation methods as being unable to acquire evidences timely and so forth, whereas there still lacks theoretical researches on establishing trust relationships according to attestation methods. To solve these problems, the article proposes a subject logic based on dynamic trust relationship assessment method. First of all, it establishes a behavior attestation based trust relationship assessment model; then it uses DPDA （ Deterministic Push Down Automata） to describe the expected behavior of a program and dynamically verifies, through virtual machine introspection technique, whether the program＇s actual behavior complies with the expected behavior in order to judge the credibility of the program; finally, according to verification results it carries out trust relationship assessment. Through experiments it is shown that the method Can dynamically verify program behavior so that the trust assessment tends to be more exact.

关 键 词：可信计算 可信证明 信任评估 安全 

分 类 号：TP301[自动化与计算机技术—计算机系统结构]