Web 安全中的信任管理研究与进展

Vol.13,No.11©2002JournalofSoftware1000-9825/2002/13(11)2057-08Web,(,210093);(,210093)E-mail:xf@softlab.nju.edu.cn:Web;:TP393:AInternet,.Web,Web,.Web,,,(accesscontrollist,ACL),Web.ACL,.,.M.Blaze,ACLWeb[1]:(1),;(2),;(3),;(4),Web.,ACL,.,X.509,PGP,Web.R.Khare[2],:(1),;(2),,,;(3),.,,,,.Web.1996,M.BlazeInternet“(trustmanagement)”[3],,.Web.,A.Adul-Rahman,:2002-02-25;:2002-07-02:(60273034);(2001AA113110;2002AA116010);(BG2001012;BK2002203;BK2002409):(1975),,,,,,;(1960),,,,,,,,.2058JournalofSoftware2002,13(11),[4~7].,,,Web.,,.,,.1M.Blaze(securitypolicy)(securitycredential)(trustrelationship)[1].,:.“CrP”.Web,,,.,.,,.,M.Blaze(trustmanagementengine,TME),1.TME,,(r,C,P),.[3,8,9].TrustBoundaryActionrequestsResponseRequestdescriptLocalpoliciesSignedcredentialsApplicationCredentialsCompliancechereck(TME)LocalpolicydatabaseCredentialsystem,,,,,(),,,,.Fig.1Trustmanagementmodel1D.PoveyM.Blaze,A.Adul-Rahman[4~7],,(trustingintention)[10].,,.,,[11].,,.,,,,,.:Web2059.,..P.Herrmann“(trust-adaptedenforcementofsecuritypolicy)”,[12].2,.[1]:(1);(2);(3).PolicyMaker[3],KeyNote[8]REFEREE[9].2.1PolicyMakerPolicyMakerM.Blaze.PolicyMaker,,,.PolicyMaker,.(f,s),s(sourceofauthority),f.,sPOLICY.,.,s.,.PolicyMakerf,.,M.BlazeAWK,.PolicyMaker,.PolicyMaker:r.,..,.(fi,si),(i,si,Rij),.RijSi,r,.Rij,fiRij.,,r,..,M.Blaze(proofofcompliance,PoC)[13],PoC,PoC.PolicyMakerLBMAPoC.,,(negativecredential).,fO(nK).PolicyMaker,,.,,PolicyMaker.,.,.2.2KeyNoteKeyNoteM.Blaze2.PolicyMaker,KeyNote2060JournalofSoftware2002,13(11).,KeyNotePolicyMaker.,KeyNoteIpsec[14][15].,KeyNote,:KeyNote-version:1Authorizer:rsa-pkcs1-hex:“1023abcd”Licensees:dsa-hex:“986512a1”||rsa-pkcs1-hex:“19abcd02”Comment:AuthorizerdelegatesreadaccesstoeditorofthelicenseesConditions:($file==“/etc/passwd”&&$access==“read”){return“ok”}Signatures:rsa-md5-pkcs1-hex:“f00f5673”AuthorizerPolicyMakers,.Licensees,,,.Comment.Conditions,KeyNote,..KeyNote.[16].KeyNote..,ConditionLicensees.KeyNote,PolicyMaker,KeyNote,.,,.Policymaker,KeyNote,,KeyNotePoCPolicyMaker.KeyNote.KeyNote,.,KeyNote;,.2.3REFEREEREFEREEY.-H.ChuWeb.,.REFEREEPolicyMaker.REFEREE,,REFEREE,:(invoke“load-label”STATEMENT-LISTURL“”(EMBEDDED))(false-if-unknown(match((“load-label”*)(*((version“PICS-1.1”)*(service“”)*(ratings(RESTRICTs2)))))STATEMENT-LIST))STATEMENT-LIST,,.().:Web2061REFEREE,,.,REFEREE,.REFEREE,..,REFEREE.REFEREE,..3M.Blaze.,,D.Gambetta,A.Adul-Rahman,[4,11],,,,.:(1);(2)..3.1BethBeth,.Beth,,,.,.,.,.“PQ(),PQ”.Q,Q,PQ.Beth:()pzpvα−=1,PQ,pαQ.Q[0,1].“PQ,PQ”.Beth.:elseif,0,1),(npnpvnpr−=−α,PQ.np,Beth,.,.,.Beth,.ABV1,BCV2,BDV3,AC1V()12211VV−−=V.ADV31V⋅.Beth:∑==niiVnV1com1.V,V.,V,i1=com),...,(miPi,*iiP2062JournalofSoftware2002,13(11)()∏∏==−−=minjjiiiVnV11,com11..,,.Beth,.,,.3.2JøsangJøsang(evidencespace)(opinionspace),(subjectivelogic)[17~20]..(positiveevent)(negativeevent).JøsangBeta(binaryevent),pcdf,.θ,rs,pcdf()()()()().0,0,10,1112,|≥≥≤≤−++++=srsrsrsrsrθθθΓΓΓθϕ.{}udb,,=ω.:{}3]1,0[,,,1∈=++udbudb,b,d,u.Jøsangωrs:++=++=++=1111srusrsdsrrb,ωpcdf,.Jøsang,.(cojunction)(consensus)(recommendation)..()3....[18].Beth,Jøsang,.,.,,Beth..4,WebWeb.Web,.Web,:(1),Web,;(2),,,;(3),Web:Web2063,;(4),,;(5),Web,.Web,:(1),,;(2),,,Web;(3),,.,,.,,Web,..,:(1),,;(2),;(3),,.5,,.Web,Web.,Web.,.,.References:[1]Blaze,M.,Feigenbaum,J.,Ioannidis,J.,etal.Theroleoftrustmanagementindistributedsystemssecurity.In:SecureInternetProgramming:IssuesforMobileandDistributedObjects.Berlin:Springer-Verlag,1999.185~210.[2]Khare,R.,Rifkin,A.TrustmanagementonWorldWideWeb.WorldWideWebJournal,1997,2(3):77~112.[3]Blaze,M.,Feigenbaum,J.,Lacy,J.Decentralizedtrustmanagement.In:Dale,J.,Dinolt,G.,eds.Proceedingsofthe17thSymposiumonSecurityandPrivacy.Oakland,CA:IEEEComputerSocietyPress,1996.164~173.[4]Abdul-Rahman,A.,Hailes,S.Adistributedtrustmodel.In:Proceedingsofthe1997NewSecurityParadigmsWorkshop.Cumbria,UK:ACMPress,1998.48~60.~kuhlen/VERT01/abdul-rahman-trust-model1997.pdf.[5]Abdul-Rahman,A.,Hailes,S.Usingrecommendationsformanagingtrustindistributedsystems.In:ProceedingsoftheIEEEMalaysiaInternationalConferenceonCommunication’97(MICC’97).KualaLumpur:IEEEPress,1997.[6]Yahalom,R.,Klein,B.,Beth,T.Trustrelationshipsinsecuresystems——adistributedauthenticationperspective.In:Proceedingsofthe1993IEEESymposiumonResearchinSecurityandPrivacy.IEEEPress,1993.50~164.[7]Beth,T.,Borcherding,M.,Klein,B.Valuationoftrustinopennetwork.In:Gollmann,D.,ed.ProceedingsoftheEuropeanSymposiumonResearchinSecurity(ESORICS).Brighton:Springer-Verlag,1994.3~18.[8]Blaze,M.,Feigenbaum,J.,Keromytis,A.D.Keynote:trustmanagementforpublic-keyinfrastructures.In:Christianson,B.,Crispo,B.,William,S.,etal.,eds.Cambridge1998SecurityProtocolsInternationalWorkshop.Berlin:Springer-Verglag,1999.59~63.2064JournalofSoftware2002,13(11)[9]Chu,Y.-H.,Feigenbaum,J.,LaMacchia,B.,etal.REFEREE:trustmanagementforWebapplications.WorldWideWebJournal,1997,2(2):127~139.[10]Povey,D.Dev