共查询到20条相似文献,搜索用时 15 毫秒
1.
基于信任模型的防火墙群安全防范体系 总被引:1,自引:0,他引:1
文章的目标是为大型计算中心和信息服务机构提供一个较为全面的局域网安全防护体系。该文结合清华大学计算中心局域网安全防范工作和作者的一些研究工作,分析了主要的网络攻击模式,从防火墙群、IDS/NIDS、基于信任模型的安全系统管理模式以及内网防护这四个方面论述如何构建安全的网络与主机环境。文中所采用的方法和技术有一定的普适性,对于IDC、大型计算中心以及那些拥有大量服务器和微机用户的单位都有借鉴意义。 相似文献
2.
普适计算的信任计算模型 总被引:4,自引:0,他引:4
信任和安全有紧密的联系,当前的安全技术都隐含地与信任相关.普适计算环境是一个开放的环境,相互合作的主体具有自发性和不可预知性.在互相不知道的主体之间进行交互,必须有足够级的信任.普适计算比传统计算更强调信任的作用.本文在分析普适计算的信任特征后给出了适合该环境的信任计算模型.证明了普适计算环境中的信任关系是偏序关系,根据信任Hasse图,我们给出了信任评估机制.最后分析表明该模型满足Lamsal的普适计算信任建模要求. 相似文献
3.
黄志艳 《电脑与微电子技术》2012,(17):3-6,24
在动态开放的系统中.由于Agent间交互存在着不确定性,安全成为一个重要问题。在现有的自动信任协商的基础上.考虑主观信任的作用.提出基于信任度评估模型的自动信任协商框架.详细介绍框架中的主要成分及其功能.着重讨论基于信任度评估模型的访问控制,以及在信任度评估模型基础上的两种协商对策:基于信任度评估模型的积极对策和基于信任度评估模型的谨慎对策。分别详细介绍采取上述两种对策的协商过程.并结合一应用实例说明基于信任度评估模型的积极对策的协商过程。 相似文献
4.
5.
6.
Problems of data security are becoming increasingly acute. This study of these basic problems has been carried out in cooperation between scientists at the Department of Electrical Engineering at Linköping Institute of Technology and FOA 3 (Försvarets Forskningsanstalt Planeringsbyrån — Research Institute of National Defense, Operations Research Center).The situation considered is an office with individual work stations having desktop computers. These communicate among themselves and share a host computer of higher capacity including special purpose input/output equipment.Among questions discussed are:
- • * problems related to the protection of data bases
- • * ease of selectively designating addressees and authorisation to access data and messages; key distribution and protection
- • * general requirements for equipment needed in such a local net environment.
7.
一种新型对等网信任模型研究 总被引:1,自引:0,他引:1
尹叶青 《数字社区&智能家居》2006,(8)
对等网提供了一种开放的、自由进行文件交换的环境,但随着网络的飞速发展,恶意文件泛滥,使得系统的稳定性和可用性受到了威胁。信任机制的建立将有助于解决这些问题。论文提出了一种基于证据理论的信任模型,来解决信任的传递与合成的不确定性问题。模型简单易行,而又有理论基础,能较好地满足文件共享网络中的信任需求。 相似文献
8.
尹叶青 《数字社区&智能家居》2006,(3):90-92
对等网提供了一种开放的、自由进行文件交换的环境,但随着网络的飞速发展,恶意文件泛滥,使得系统的稳定性和可用性受到了威胁。信任机制的建立将有助于解决这些问题。论文提出了一种基于证据理论的信任模型,来解决信任的传递与合成的不确定性问题。模型简单易行,而又有理论基础,能较好地满足文件共享网络中的信任需求。 相似文献
9.
10.
Baolin Ma Jizhou Sun Ce Yu 《通讯和计算机》2006,3(8):41-46
The security problem is a hot topic in grid research due to the dynamics and uncertainty of grid system. There are three entities defined as users, applications and resources in grid environment. In such situation, users are vulnerable to risk because of potential incomplete or distorted information provided by malicious resources, and as grid system grows tremendously in size, the possibility of users to attack the network by providing aggressive or vicious applications will increase greatly. Trust management is an effective method to maintain the credibility of the system and keep honesty of entities. This paper presents a trust model, which is used to compute and compare the trustworthiness of entities in the same autonomous and different domains. This model provides different methods to deal with the problems of users and related resources belonging to the same or different domains. Furthermore, a simulation experiment is provided to evaluate the trust model, and the simulation result shows it is effective to resolve the security problems in grid environment. 相似文献
11.
12.
?erif Bahtiyar Mehmet Ufuk Ça?layan 《Journal of Network and Computer Applications》2012,35(1):480-490
The issue of trust is a research problem in emerging open environments, such as ubiquitous networks. Such environments are highly dynamic and they contain diverse number of services and autonomous entities. Entities in open environments have different security needs from services. Trust computations related to the security systems of services necessitate information that meets needs of each entity. Obtaining such information is a challenging issue for entities. In this paper, we propose a model for extracting trust information from the security system of a service based on the needs of an entity. We formally represent security policies and security systems to extract trust information according to needs of an entity. The formal representation ensures an entity to extract trust information about a security property of a service and trust information about whole security system of the service. The proposed model is applied to Dental Clinic Patient Service as a case study with two scenarios. The scenarios are analyzed experimentally with simulations. The experimental evaluation shows that the proposed model provides trust information related to the security system of a service based on the needs of an entity and it is applicable in emerging open environments. 相似文献
13.
14.
基于XML的安全管理平台中信任管理机制的研究和实现 总被引:1,自引:0,他引:1
本文分析了当今安全管理系统暴露出的诸多问题,并且在基于XML的安全管理平台中引入了信任管理机制。在传统的信任模型中,信任主体是单一的,这不能满足提高基于XML的安全管理信任的要求。为了解决这个问题,时传统的信任模型进行了一些必要的改进。首先,双向的信任被提出来,用以解决服务嚣与客户端的相互信任问题;其次,增加了一个局域的信任库,以提高管理员的整体分析能力和基于历史声誉的信任度评估能力。 相似文献
15.
一种基于多域安全信任的访问控制模型 总被引:1,自引:0,他引:1
访问控制是一种可同时服务于用户与资源的安全机制。安全域通过使用访问控制机制为用户访问资源提供方便,同时亦对用户行为进行监视与控制。然而,由于P2P网络缺乏集中控制,现有的访问控制技术无法对P2P网络的网络节点进行控制,特别是网络中节点行为缺乏指导和约束。基于当前P2P网络访问控制中存在的不足,提出一种基于多域安全信任的访问控制模型:MDTBAC。MDTBAC模型通过扩展多级安全机制来实现访问控制,将信任算法计算所得的节点信任度作为访问级别划分标准,根据各个节点的信任度来分配相应的访问控制级别,不同的访问控制级别拥有不同的权限。 相似文献
16.
保障信息网络的安全是一项复杂的系统工程,有必要运用系统控制的观点,研究新的安全控制体系和控制模型。根据信息网络的特点和安全需求,提出了基于组件的安全控制思想和体系结构,以及基于信任域的安全控制模型,实现了信息网络安全控制系统,并对安全控制管理框架的结构,安全控制组件的类型、功能和传播方式,基于信任域的安全控制思想和实现方法进行了论述,最后对该控制系统的特点进行了归纳。 相似文献
17.
18.
Current reliable strategies for information security are all chosen using incomplete information. With standards, problems resulting from incomplete information can be reduced, since with standards, we can decrease the choices and simplify the process for reliable supply and demand decision making. This paper is to study the certification of information security management systems based on specifications promulgated by the Bureau of Standards, Metrology and Inspection (BSMI), Ministry of Economic Affairs in accordance with international standards and their related organizations. And we suggest a certification requirement concept for five different levels of “Information and Communication Security Protection System” in our country, the Republic of China, Taiwan. 相似文献
19.
Asma Adnane Christophe Bidan Rafael Timóteo de Sousa Júnior 《Computer Communications》2013,36(10-11):1159-1171
The trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities.In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR. 相似文献
20.
在开放的数据网格中,动态反映资源可信度是一个主要安全问题。本文提出了一种新的信任模型,动态评估资源的信任值,从而提高教育资源网格的安全性和可扩展性。该模型根据实体访问资源的推荐信任值、资源的被访问频率以及资源所在域的信任度综合评估资源信任度。通过和目前流行的针对行为的信任评估模型的实验对比,本文提出的信任模型具有更低的时间复杂度,信任度的评估也更可靠。实验结果表明,该信任模型可作为一种有效的手段,不但可以为数据网格中对资源的信任决策提供支持,防止恶意资源破坏的扩散,同时还能提高资源检索的可靠度。 相似文献