基于信任模型的防火墙群安全防范体系

文章的目标是为大型计算中心和信息服务机构提供一个较为全面的局域网安全防护体系。该文结合清华大学计算中心局域网安全防范工作和作者的一些研究工作,分析了主要的网络攻击模式,从防火墙群、IDS/NIDS、基于信任模型的安全系统管理模式以及内网防护这四个方面论述如何构建安全的网络与主机环境。文中所采用的方法和技术有一定的普适性,对于IDC、大型计算中心以及那些拥有大量服务器和微机用户的单位都有借鉴意义。     

普适计算的信任计算模型

信任和安全有紧密的联系,当前的安全技术都隐含地与信任相关.普适计算环境是一个开放的环境,相互合作的主体具有自发性和不可预知性.在互相不知道的主体之间进行交互,必须有足够级的信任.普适计算比传统计算更强调信任的作用.本文在分析普适计算的信任特征后给出了适合该环境的信任计算模型.证明了普适计算环境中的信任关系是偏序关系,根据信任Hasse图,我们给出了信任评估机制.最后分析表明该模型满足Lamsal的普适计算信任建模要求.     

多Agent系统中基于信任度评估模型的自动信任协商

在动态开放的系统中．由于Agent间交互存在着不确定性,安全成为一个重要问题。在现有的自动信任协商的基础上．考虑主观信任的作用．提出基于信任度评估模型的自动信任协商框架．详细介绍框架中的主要成分及其功能．着重讨论基于信任度评估模型的访问控制,以及在信任度评估模型基础上的两种协商对策：基于信任度评估模型的积极对策和基于信任度评估模型的谨慎对策。分别详细介绍采取上述两种对策的协商过程．并结合一应用实例说明基于信任度评估模型的积极对策的协商过程。     

VaR法在信息安全风险评估中的应用探讨

目前风险分析方法以定性分析为主。但是定性分析方法有很大的局限性:首先,定性的分析方法不是用数学或统计的工具将风险模型化,因此一次风险评估的成败与执行者的经验有很大的关系。其次,由于没有对影响大小给出具体的定量度量,因此使得对控制措施进行成本效益分析变得很困难。但是很多时候,做这种分析往往是必要的。本文讨论风险的定量测量VaR法在信息安全风险评估中的应用。     

基于推荐的网格计算的信任模型

明确给出了网格环境下信任的定义,详细分析了信任属性。根据网格的特点,提出了以域为单位的两层信任模型,包括域间信任关系和域内信任关系,着重介绍了域间信任的计算模型。在信任计算模型中,信任评估采用基于贝叶斯评估方法;对信任的推荐采用基于PageRank技术的全局推荐信任计算。最后给出了应用中综合评估信任度的策略。     

On security measures in distributed computer systems

Problems of data security are becoming increasingly acute. This study of these basic problems has been carried out in cooperation between scientists at the Department of Electrical Engineering at Linköping Institute of Technology and FOA 3 (Försvarets Forskningsanstalt Planeringsbyrån — Research Institute of National Defense, Operations Research Center).The situation considered is an office with individual work stations having desktop computers. These communicate among themselves and share a host computer of higher capacity including special purpose input/output equipment.Among questions discussed are:

• * problems related to the protection of data bases

• * ease of selectively designating addressees and authorisation to access data and messages; key distribution and protection

• * general requirements for equipment needed in such a local net environment.

No attempt has been made to predict when such distributed office computer systems will become commonly available in full scale. It does, however, seem clear that they are at least technically feasible already.     

一种新型对等网信任模型研究

对等网提供了一种开放的、自由进行文件交换的环境,但随着网络的飞速发展,恶意文件泛滥,使得系统的稳定性和可用性受到了威胁。信任机制的建立将有助于解决这些问题。论文提出了一种基于证据理论的信任模型,来解决信任的传递与合成的不确定性问题。模型简单易行,而又有理论基础,能较好地满足文件共享网络中的信任需求。     

一种新型对等网信任模型研究

对等网提供了一种开放的、自由进行文件交换的环境，但随着网络的飞速发展，恶意文件泛滥，使得系统的稳定性和可用性受到了威胁。信任机制的建立将有助于解决这些问题。论文提出了一种基于证据理论的信任模型，来解决信任的传递与合成的不确定性问题。模型简单易行，而又有理论基础，能较好地满足文件共享网络中的信任需求。     

基于网格系统的信任量化研究

安全性是网格计算系统研究的主要热点之一,在资源管理中结合信任机制能够有效地提高网格实体交互的可靠性。考虑到信任的不确定性,主要研究如何对信任概念进行量化,提出了一种基于网格系统的全局信任量化计算引擎,对其计算方法进行了重点讲述。通过实验与现有的信任计算引擎进行了比较,结果表明了该计算引擎的性能优势。     

Reputation-based Trust Model in Grid Security System

The security problem is a hot topic in grid research due to the dynamics and uncertainty of grid system. There are three entities defined as users, applications and resources in grid environment. In such situation, users are vulnerable to risk because of potential incomplete or distorted information provided by malicious resources, and as grid system grows tremendously in size, the possibility of users to attack the network by providing aggressive or vicious applications will increase greatly. Trust management is an effective method to maintain the credibility of the system and keep honesty of entities. This paper presents a trust model, which is used to compute and compare the trustworthiness of entities in the same autonomous and different domains. This model provides different methods to deal with the problems of users and related resources belonging to the same or different domains. Furthermore, a simulation experiment is provided to evaluate the trust model, and the simulation result shows it is effective to resolve the security problems in grid environment.     

基于行为的网格虚拟组织安全信任模型研究

与传统的安全授权机制相比,信任管理是一种更具表达力,更直接、高效、完善的分布式授权方式,可以适应网格及其应用发展的安全需要。该文研究了信任管理系统中的关键部分――信任模型,对基于行为的网格信任模型,即基本网格行为信任模型和信任中介者模型进行了研究剖析,分析了其优点和不足,并对网格信任模型的未来进行了展望。     

基于XML的安全管理平台中信任管理机制的研究和实现

本文分析了当今安全管理系统暴露出的诸多问题,并且在基于XML的安全管理平台中引入了信任管理机制。在传统的信任模型中,信任主体是单一的,这不能满足提高基于XML的安全管理信任的要求。为了解决这个问题,时传统的信任模型进行了一些必要的改进。首先,双向的信任被提出来,用以解决服务嚣与客户端的相互信任问题;其次,增加了一个局域的信任库,以提高管理员的整体分析能力和基于历史声誉的信任度评估能力。     

基于多木桶模型的信息安全量化评估方案*

信息安全量化评估由于涉及因素较多, 其算法方案设计一直比较困难. 木桶理论是信息安全的重要原则, 但在目前的信息安全评估方案中都未有实现.本文首先提出基于木桶模型的信息安全评估方案, 再考虑现实安全系统的逻辑结构对信息评估方案设计影响, 进一步提出了基于多木桶模型的信息评估方案, 经实例验证,所获得的评估方案更符合现实情况、能更准确地反映安全水平.     

Extracting trust information from security system of a service

The issue of trust is a research problem in emerging open environments, such as ubiquitous networks. Such environments are highly dynamic and they contain diverse number of services and autonomous entities. Entities in open environments have different security needs from services. Trust computations related to the security systems of services necessitate information that meets needs of each entity. Obtaining such information is a challenging issue for entities. In this paper, we propose a model for extracting trust information from the security system of a service based on the needs of an entity. We formally represent security policies and security systems to extract trust information according to needs of an entity. The formal representation ensures an entity to extract trust information about a security property of a service and trust information about whole security system of the service. The proposed model is applied to Dental Clinic Patient Service as a case study with two scenarios. The scenarios are analyzed experimentally with simulations. The experimental evaluation shows that the proposed model provides trust information related to the security system of a service based on the needs of an entity and it is applicable in emerging open environments.     

一种基于多域安全信任的访问控制模型

访问控制是一种可同时服务于用户与资源的安全机制。安全域通过使用访问控制机制为用户访问资源提供方便,同时亦对用户行为进行监视与控制。然而,由于P2P网络缺乏集中控制,现有的访问控制技术无法对P2P网络的网络节点进行控制,特别是网络中节点行为缺乏指导和约束。基于当前P2P网络访问控制中存在的不足,提出一种基于多域安全信任的访问控制模型：MDTBAC。MDTBAC模型通过扩展多级安全机制来实现访问控制,将信任算法计算所得的节点信任度作为访问级别划分标准,根据各个节点的信任度来分配相应的访问控制级别,不同的访问控制级别拥有不同的权限。     

基于组件及信任域的信息网络安全控制

保障信息网络的安全是一项复杂的系统工程,有必要运用系统控制的观点,研究新的安全控制体系和控制模型。根据信息网络的特点和安全需求,提出了基于组件的安全控制思想和体系结构,以及基于信任域的安全控制模型,实现了信息网络安全控制系统,并对安全控制管理框架的结构,安全控制组件的类型、功能和传播方式,基于信任域的安全控制思想和实现方法进行了论述,最后对该控制系统的特点进行了归纳。     

一种P2P信任管理安全性协议

通常是通过建立相应的信任管理机制来遏制P2P网络中的节点的自私与欺作行为,但对信任管理机制本身存在的安全性问题关注则很少,使信任管理系统无法有效应付针对信任信息管理机制的安全攻击。针对这一问题,提出了确保信任管理安全性的安全协议(简称为SPRI)。分析及仿真实验表明,SPRI可以有效地遏制针对信任管理中的身份伪造及信息篡改的攻击,并且效率高,普适性强。     

Paper: a study on the certification of the information security management systems

Current reliable strategies for information security are all chosen using incomplete information. With standards, problems resulting from incomplete information can be reduced, since with standards, we can decrease the choices and simplify the process for reliable supply and demand decision making. This paper is to study the certification of information security management systems based on specifications promulgated by the Bureau of Standards, Metrology and Inspection (BSMI), Ministry of Economic Affairs in accordance with international standards and their related organizations. And we suggest a certification requirement concept for five different levels of “Information and Communication Security Protection System” in our country, the Republic of China, Taiwan.     

Trust-based security for the OLSR routing protocol

The trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities.In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR.     

教育资源网格中的一种信任评估模型

在开放的数据网格中,动态反映资源可信度是一个主要安全问题。本文提出了一种新的信任模型,动态评估资源的信任值,从而提高教育资源网格的安全性和可扩展性。该模型根据实体访问资源的推荐信任值、资源的被访问频率以及资源所在域的信任度综合评估资源信任度。通过和目前流行的针对行为的信任评估模型的实验对比,本文提出的信任模型具有更低的时间复杂度,信任度的评估也更可靠。实验结果表明,该信任模型可作为一种有效的手段,不但可以为数据网格中对资源的信任决策提供支持,防止恶意资源破坏的扩散,同时还能提高资源检索的可靠度。