【作者】 司冠南；

【导师】 许静；

【作者基本信息】 南开大学 ， 计算机应用技术， 2012， 博士

【摘要】 存在于互联网各个节点上的主体化软件服务，通过多种机制进行协同、整合而形成的软件形态通称为网构软件。网构软件为有效进行异构资源整合、充分利用互联网上大量的软件服务提供了有效手段。但随着对网构软件功能需求的不断增加，系统的结构、体系变得日趋复杂，同时由于软件的运行环境从传统的“封闭、静态、可控”环境转变到了“开放、动态、难控”的互联网环境，对可信性保证的要求变得日益突出。但目前网构软件可信性保证技术在信任关系的约束机制、推荐信息的准确性、信任衰减参数的合理性、信任演化模型的系统化、可信性评估方法的切实性等方面还存在着不足。针对上述不足，本文在网构软件可信性保证关键技术方面进行了研究，具体研究内容与创新点包括：（1）在实体个体层面，研究网构软件的可信实体模型。提出了具有自省性、自明性、自主性特点的网构软件强可信智能实体模型。定义了实体可信情况形式化描述语言（EDSADL），使实体能够通过自省机制实时监控与保障自身的可信性水平，并向外界公布以供验证。设计了业务功能模块与可信性保障模块分离的系统结构，保证了实体在向外界公开可信保障机制的同时对自身业务细节的保密性。设计了“环境感知——策略调度——行为触发”的机制，使实体具有感知环境刺激而自主演化的能力，保证了实体在外界环境可信性发生变化时能够做出适时地响应。（2）在实体间协同的层面，研究网构软件实体间的信任约束机制。引入契约式设计思想，从服务使用者和提供者的角度出发，采用“承诺—评估”机制明确双方的权利和义务，为实体交互过程中的双边规范定义了从低层接口语义到高层可信性情况的约束。定义了信任契约中前置条件、后置条件和不变式3要素的描述方法，保证了服务使用者、提供者以及服务交互关系的可信性。为实体协同、合作和竞争提供了有力的评估依据。（3）对于信任传递参数，研究实体间信任传递衰减参数的计算方法。综合主观信任与客观评估的优点，提出了基于评估的信任衰减过程。在对实体环境进行可信性评估的基础上，通过逐级计算、信息合并来综合多个推荐者实体的推荐信息，使用对实体间传输可信性的评估结果来修正推荐信息，计算得到信任传递过程中的衰减参数。该方法充分考虑了外部环境、实体自身条件等情况对主观信任值的影响，使信任传递过程中信任衰减参数的计算更加客观、准确。（4）在系统层面，研究网构软件可信性演化模型。提出了一种对网构软件体系结构进行形式化的建模方法，建立了系统结构模型，并据此提出了基于分层Petri网的网构软件可信性演化模型。通过上层Petri网对实体之间的各种基本协同关系进行了建模，以此形成系统整体组成结构的描述，反映了实体间的信任关系的演化；通过下层Petri网对实体内部的契约协商策略进行了建模，设计了基于信任等级带有路径引导的信任契约协商方法。从系统整体的角度建立起动静结合、层次分明、描述统一的网构软件可信性演化模型。（5）在系统测试与可信性评估层面，研究网构软件系统可信性评估模型。提出了符合网构软件异构性、结构化、动态化特征的可信性评估方法。定义了基于贝叶斯网络的网构软件可信性评估体系，通过树形结构整合了传统的静态指标以及适用于网构软件的动态指标。提出了基于结构模式的可信性评估指标及其计算方法，在描述各实体之间结构关系、语义关系的基础上，涵盖了对网构软件系统整体及其组成实体可信性的评估。建立起不但能对系统进行评估，还能为用户选择最优化实体提供帮助的可信性评估模型。更多还原

【Abstract】 Active and autonomic software services which are distributed on the nodes of Internetcan collaborate with each other in various manners. It forms a new software paradigmcalled Internetware. Internetware provides an effective means for integration ofheterogeneous resources, and helps people to make full use of the large number ofsoftware services on Internet. And system architecture of Internetware becomesincreasingly complex with the increasing of functional requirements. Therequirements of ensuring trustworthiness have become increasingly prominentbecause that the running environment of Internetware transfers from the traditional"closed, static, controllable" environment to "open, dynamic and decentralized"Internet environment. However, there exist some shortcomings in currentInternetware trustworthiness assurance techniques, such as, the constraint mechanismof trust relationship, accurate recommendation trust information, rational trustinformation attenuation parameters, systematic for trust evolution model, propertrustworthiness assessment, etc. To address the above issues, the thesis has studiedtrustworthiness assurance techniques of Internetware. The main contributions andinnovations are as follows:(1) In aspect of individual entities, the thesis studies trustworthy entity model ofInternetware. A strong trustworthy intelligent Internetware entity model which isintrospective, self-evident and autonomous is proposed. Formal entity dependabilitydescription Language (EDSADL) is defined, so that entities can protect their owntrustworthiness level through introspection mechanism and send announcements forverification. System structure of separating business function modules andtrustworthiness protection module is designed, which ensures the confidentiality ofthe entities’ own business details while giving publicity to their trustworthinessprotection mechanisms to the outside world.“Context-aware--strategy scheduling--behavior trigger "mechanism is designed, so that entities have the ability to perceivestimulation of environment and evolve autonomously. The mechanism ensures that entities can response properly at the time of external environment trustworthinesschanging.(2) In aspect of collaboration among entities, the thesis studies constraint mechanismof trust among Internetware entities. Design by contract ideas are introduced to clearthe rights and obligations of both collaboration sides by “commitment–assessment”mechanism starting from the perspective of service users and providers. It definesconstraints for bilateral specification of collaboration among entities from low-levelinterface semantics to high-level trustworthiness. Description methods ofpre-condition, post-condition and invariant of a trust contract is defined, which ensuretrustworthiness of service users, providers and service interactions. It provides astrong assessment basis for collaboration, cooperation and competition of entities.(3) In aspect of trust transfer parameter, the thesis studies calculation of trust transferattenuation parameters among entities. Process of trust attenuation based onassessment is proposed by integrating advantages of subjective trust and objectiveassessment. Recommendation trust information from entities is integrated throughstep by step calculations and information merging on the basis of trustworthinessassessment of entity environment. Trust transfer attenuation parameter is calculatedby amending the integrated recommendation trust information by use of assessmentsresults of the inter-entity transfer trustworthiness. The method gives full considerationto the impact of external environment and entities conditions to subjective trust value,which makes calculation of trust transfer attenuation parameters among entities moreobjective and accurate.(4) In aspect of the whole system, the thesis studies Internetware trustworthinessevolution model. A formal Internetware architecture modeling method is proposed.An Internetware system structure model is established by structure analysis. AnInternetware trustworthiness evolution model based on hierarchical Petri nets ispresented according to the Internetware system structure model. All kinds of basiccollaboration relationships among entities are modeled in the upper Petri net, whichcomposites the description of the overall system structure and reflects the evolution oftrust relationship among entities. Contract negotiation strategy within entities is modeled in the underlying Petri net. Trust contract negotiation with path guiding isdesigned based on trust level. So that, an Internetware trustworthiness evolutionmodel is established from the perspective of the overall system with combining staticand dynamic, clear structure, and unified description.(5) In aspect of system test and trustworthiness evaluation, the thesis studiesInternetware trustworthiness evaluation model. A trustworthiness evaluation methodwhich suite heterogeneous, structural, dynamic Internetware is proposed. AnInternetware trustworthiness evaluation system is defined, which integrates traditionalstatic metrics and dynamic metrics for Internetware by tree structure. Trustworthinessassessment metrics and its calculation method based on the structural model isproposed, which covers assessment for trustworthiness of Internetware system and itsentities according to description of structual relationship and semantic relationshipamong entities. The model not only is able to evaluate the whole system, but alsohelps users to select optimal entities.更多还原