【作者】 陶利民；

【导师】 黄德才；

【作者基本信息】 浙江工业大学 ， 控制理论与控制工程， 2013， 博士

【摘要】 目前,随着开放网络技术的快速发展,其网络服务模式随之也发生了重大转变,网络环境从面向封闭的、熟识用户群体、相对静态的形式转变为开放的、公共可访问的、高度动态的。开放网络环境下的网络应用越来越多,与传统网络环境相比,相应的安全需求也层出不穷,对此传统的基于注册、认证和授权的安全机制已经力所不能及。为此,迫切需要解决的问题是：对该网络环境中众多参与者的可信度进行评估,以及对其所提供的服务能力、服务水平进行判断。这就需要采用一种新的、更加灵活的安全机制,这就是基于信任的安全机制。基于信任的安全机制主要有两种类型：基于客观信任的安全机制及基于主观信任的安全机制。本文研究基于主观信任的安全机制。根据所使用数学工具的不同,可将当前主观信任模型分为两类：基于概率理论的信任模型及基于模糊集合理论的信任模型。目前大多数信任模型在研究过程中,考虑到的只是信任的主观性,使用一种基于概率的方法来计算信任,自然而然地,信任的模糊性就被忽略了。并且由于把信任的研究看作是一种静态的过程,因此导致信任的动态性被忽略了。即使有些研究者已经认识到了信任的模糊性,也展开了某些研究。但是,研究过于简单不够深入,并且模糊理论只在信任模型的某一部分研究得到应用,而没有全面展开应用。然而开放网络环境中的主观信任关系是一种不确定关系,兼具模糊性和不确定性的双重特征。因此,在进行主观信任管理时要兼顾这两种特征。而目前众多研究者提出的基于概率理论及模糊集合理论的主观信任模型并没有做到这一点。为此,本文将将新的研究不确定性的理论集对分析及云模型引入到主观信任研究中,以解决信任表达中的模糊性和不确定性难题,并提出适合开放网络环境的基于不确定性理论的信任模型。本文主要工作和研究成果如下：1.对众多研究者在信任模型研究方面的经验与不足展开了充分的分析,在此基础上,明确了开放网络环境下信任的定义,信任的分类,影响信任的具体因素,信任所具有的主要特征,信任关系建立双方的特点,分析了开放网络环境下信任模型面临的难点及所需要解决的问题。2.针对信任的表示。本文利用信任联系数来表示节点间的信任关系,能全面地反映开放网络中节点间信任的主观性,不确定性、动态性等本质特征,对今后开放网络环境中的信任问题研究做出了最基础的研究。3.针对信任的主观性特征。本文提出了基于云模型的多维信任模型,理论分析及仿真实验说明,该模型是在随机数学和模糊数学的基础上推导而来的,具有坚实的理论基础和合理的语义解释。因此,能够有效处理信任的主观性问题。4.将集对分析理论引入信任模型的研究中。提出了一种基于联系数的P2P网络抗攻击信任模型,经仿真实验分析,该模型具有较好的抗攻击性。另外,将多元联系数引入到开放网络主观信任的评估与决策中,能较好地解决信任的多语言变量的评估与决策问题。同时,通过分析及仿真实验说明,引入联系数的信任模型能够有效处理开放网络环境下主观信任的不确定性问题。5.将云模型引入到信任模型的研究中。提出了一种基于云模型的网格多维信任模型,较好地解决了网格信任的多属性描述、传递、合并、更新、评估及决策,有效地抑制和消除了开放网络中的服务欺诈行为,提高了服务的质量和可靠性,达到了提高整个系统可用性的目的。更多还原

【Abstract】 With the rapid development of open network technology, network services model along also undergone a major shift, network environment from the closed-oriented, the familiar user groups and relatively static form into open, public, height dynamic. In the open network environment emerging more and more network applications, compared to traditional network environment, security needs are endless, traditional security mechanisms based on registration, authentication and authorization is incompetent for this. To this end, there is a problem that urgent need be to address, that is, to assess the credibility of the many participants in the network environment, as well as its service capabilities, service level judge. This requires the use of a new, more flexible security mechanism, which is security mechanism based on trust. There are two main types of trust-based security mechanisms:objective trust-based security mechanisms and security mechanisms based on the subjective trust. This study is the subjective trust-based security mechanisms.According to the mathematical tools used, the current subjective trust model is divided into two categories:trust model based on probability theory and trust model based on fuzzy set theory. In the course of the study of most of the existing trust model, taking into account only the subjectivity of trust, using a probability-based method to calculate the trust, naturally, the vagueness of the trust is ignored. And because of the trust as a static process, and therefore lead to the dynamic nature of the trust is ignored. Even though some researchers have come to realize the trust vagueness also started some research. However, the study is too simple and not deep enough, and fuzzy theory has been applied only in a trust model application without full swing.However, the subjective trust relationship in the open network environment is an uncertain relationship to the dual characteristics of both ambiguity and uncertainty. Therefore, during the subjective trust management need balance between these two features. The subjective trust model based on probability theory and fuzzy set theory was put forward by many researchers did not do it. To this end, the new uncertainty analysis theory that is set pair analysis and cloud model is introduced into the study of subjective trust, in order to solve the ambiguity and uncertainty problem in the trust expression, and propose a trust model based on uncertainty theory which is suitable for open network environment.The main contributions of the work are as follows:1. The main features of experience and lack on trust model of number of researchers carried out a full analysis. On this basis, clearing definition of trust, the classification of the trust, the specific factors influence trust, the main features of trust, the characteristics of both sides of trust relationship in open network environment, analysis the difficulties faced by the trust model, and the need to address problems.2. In order to express trust, the trust contact number was use to represent the trust relationship between the nodes, can fully reflect the subjectivity, uncertainty, and dynamic etc. essential characteristics between nodes in open network, the most basic research was made for in the future trust research in open network environment.3. For subjective characteristics of trust, a multi-dimensional trust model based on cloud model was proposed. The model is derived from random mathematics and fuzzy mathematics and has a solid theoretical foundation and reasonable semantic interpretation through theoretical analysis and simulation. Therefore, we can effectively deal with the subjectivity problem of trust.4. Set pair analysis theory was introduced into the research of trust model, a P2P network anti-attack trust model based on contact numbers was proposed. By analysis of simulation experiments, the model has a good resistance to aggressive. In addition, the multivariate connection number was introduced into subjective trust evaluation and decision-making in open network, the evaluation and decision-making of multi-language variables of trust can better be solved. Meanwhile, through analysis and simulation experiments show that the trust model based on contact number can effectively deal with the uncertainty of subjective trust in the open network environment.5. The cloud model was introduced into a trust model, and a multi-dimensional grid trust model based on cloud model was proposed, can solve the grid trust multi-attribute description, transfer, merger, update, assessment and decision-making, suppress and eliminate the open network services fraud, improve the quality and reliability of the service, and achieve the purpose to improve the overall system availability.更多还原