【作者】 刘凤鸣；

【导师】 丁永生；

【作者基本信息】 东华大学 ， 控制理论与控制工程， 2008， 博士

【摘要】 P2P网络是一种动态、开放的分布式服务环境,其目标是充分利用Internet环境中各种可能的终端系统进行大规模的协作计算与资源共享。因此,由大规模自由节点匿名参与而形成的P2P服务网络,因其天生具有的系统自组织性、开放性、可扩展性等特性为P2P的发展与应用注入了无限的生机和活力。但是因为节点参与的自发性和自治性,而造成了节点之间缺乏足够的安全信任关系,产生了很多不确定因素而影响到系统安全,出现了不同程度的威胁与攻击。传统的安全技术由于依赖参与节点的正确安全操作而导致其安全机制更加不可靠,也无法解决多元化的互联网应用中匿名节点之间合作所面临的信任和激励问题。近几年,信任模型的研究为P2P网络的安全提供了理想的技术参考。信任模型通过对系统中的用户或资源进行评价来预测其未来行为,从而鼓励用户良性行为、打击用户恶意行为、辅助用户决策,已成为当前网络安全研究的热点之一。但是,信任建模和管理面临诸多挑战,如信任的合理形式化、信任在分布环境中的形成与传播、信任路径发现等等。本文基于社会网络的研究成果,辅之以博弈理论,从社会学、经济学、心理学和信息学等多学科的交叉,对信任定义进行了整体的把握理解,并针对P2P服务环境特点及其发展趋势,提出了P2P网络信任安全框架以及节点间信任关系的建立、传递、保持、验证和评估体系。(1)简要地分析了P2P服务环境特性及其所面临的安全挑战,阐述了社会网络中信任机制的研究以及信任机制在解决P2P服务环境安全问题的优势,介绍了论文研究的意义、研究内容和主要创新点,最后给出了论文的结构框架。(2)课题针对P2P网络与信任模型的研究进行了综述分析,提出了“信任计算”的研究体系。信任计算体现了信任的动态、自调整等特征,进一步明确了动态信任计算的研究思路。(3)基于社会网络的研究,结合P2P服务环境的特点及未来发展趋势,提出了基于信任计算的网络安全保障体系,并对体系模块进行了详细的功能分析与描述。(4)从生态进化的角度,基于社会网络的研究,以进化博弈理论为工具,对网络节点信任行为进行了动力学分析,提出了网络信任动力学和网络生态进化的理论思想。并进一步对信任的动力学方程进行了深入分析,运用复制动态原理分析了节点之间信任关系的演化趋势,进而揭示了信任的演化动力学规律和网络生态进化的稳定性。(5)依据信任是社会网络稳定的基础,并且人与人之间的信任关系会不断地更新和传递的原理,首先建立了节点信任的三维计算模型,给出了动态信任计算算法。基于生态网络的能量控制机制,给出了节点能量激励机制,从而可以提高网络安全和网络服务效率。(6)基于感知计算与流行病传播模型,从动力学角度分析了分布式网络信任的传播机制。从而为保障信息与网络的安全,提高网络实体之间的合作,促进分布、开放网络的无序、不合作向有序、合作进化奠定理论基础。(7)基于社会网络中人际关系的紧缩圈层模型提出了一种金字塔信任管理模型。在模型中,提出了基于小世界的节点聚类算法与金字塔形成算法,形成了类混合P2P网络拓扑结构,建立了金字塔信任管理模型。网络中具有高信任度的节点最终会成为金字塔的顶层结点,类似于“超级节点”的角色实施网络管理行为和接受节点信任委托任务,为目前的信任管理研究与应用提供了一个可参考模型。最后,总结了本文的研究工作,分析了研究中的不足,提出了下一步研究工作方向。P2P服务环境中基于社会网络的信任计算体系架构、方法、机制,进一步丰富了信任模型的研究框架及内容,为构建新型的网络安全保障体系给出了一个解决方案,所提出的信任计算安全保障体系和信任管理模型为P2P服务环境的应用安全提供了一个很好的理论研究和实际应用的模型环境,而且可以发展成为一种网络智能中间件嵌入到现有Internet网络体系结构中,从而可以保证网络的稳定性、可靠性和有效性。更多还原

【Abstract】 P2P network is a kind of dynamic,open and distributed services environment.It aims at large scale collaboration computation and resource sharing by making full use of all terminal systems in Interact.But,there some different degree of threats and attacks in interactions between peers will happen.They do not trust each other because of their characteristics of autonomy and spontaneity.The traditional technologies for security are not reliabile because they depend on the right operations of peers,and can not deal with the trust and incentive issues among cooperative anonymious peers in Interact.Recently,the trust model is becoming a hotspot of network security research.The research of trust provides the ideal technology to solve the security issues in P2P network. The trust model can forecast the behavior of peers by evaluating trustworthiness of peers or resources,and then encourage good behavior of peers and prevent bad behaviors of them. However,there are a lot of problems to be solved,such as the reasonably formalizing the trust, building and propagating the trust in distributed environment and finding the trust path,etc.In this thesis,we redefine the trust based on the social network by analyzing the researches of sociology,economics,psychology and informatics.We propose a trust framework for P2P network security and the system of evaluating,building,propagating, maintaining and validating based on the characters of P2P service environment and its development tendency.(1) We briefly overview the characteristic of P2P service environment and the security issues,and expatiate the research of trust in social network and the advantage of trust to solve the security problem in P2P network.Then,we introduce the significance,content,the main innovation and the contracture of our research.(2) We propose architecture of trust computing based on the demand of P2P service environment and the comprehensive analysis of trust models provided by some researchers. The trust computing reflects the characteristic of dynamicc and self-adjusting,Therefore,we make definitude of the research of trust computing.(3) We propose a security framework based on trust computing of P2P network.And,we detailly describe the functions of each module of the framework.(4) We make the dynamics analysis of trust by evolution game based on the evolution of ecological and social network.Then,we provide the theory of trust dynamics and ecological evolution of network.Furthermore,we deeply study the dynamics equations of trust and the evolution tendency of trust relationship among peers by replicator dynamics,and find the evolution law of the trust dynamics and the evolution stability of the network ecology.(5) We give an evaluation mechanism of dynamic trust based on the continuous updating and propagating of the trust among persons in social network.And,we propose an incentive model based on the control mechanism of energy in ecological network.With the application of those models,the network security can be enhanced and the service efficiency can be improved.(6) Based on the aware computing and the model of epidemics propagation,we analyze the propagation mechanism of trust in distributed networks by dynamics.This work is the foundation of safeguarding the network security,improving the cooperation among peers,and promoting the evolution of open network from out-of-order to order and from noncooperation to cooperation.(7) We propose a pyramidal model of trust management based on the model of Jin-Sou-Quan-Ceng in social network.First,we design the algorithms of node clustering based small world and formation of pyramid.By applying these algorithms,we get a topology which resembles the hybrid P2P.Those peers on the top of pyramid resemble the super-peer as managers of network.Therefore,this model takes advantage of centralized and entirely distributed structure of P2P topology.It is an efficient application model to apply in the network for security issues.Finally,we summarize the researches of this thesis,and propose the next work in the future.The framework,methods and models for trust computing based on the social network presented in this thesis enrich the research of trust model,and provide some novel concepts and methods for network security.The presented trust computing system not only provides a good project to apply in P2P service environment for enhancing the security,but also grows into a network middleware which can be embedded into the current Internet network architecture to promote the efficiency and quality of network services.更多还原