北京航空航天大学学报 ›› 2006, Vol. 32 ›› Issue (03): 347-351.

• 论文 • 上一篇    下一篇

网格计算环境中的安全信任协商系统

张荣清, 李建欣, 怀进鹏   

  1. 北京航空航天大学 计算机学院, 北京 100083
  • 收稿日期:2005-06-24 出版日期:2006-03-31 发布日期:2010-09-20
  • 作者简介:张荣清(1978-),女,吉林辽源人,硕士生,zrq88888@sina.com.
  • 基金资助:

    国家自然科学基金资助项目(90412011)

Secure trust negotiation system for grid computing

Zhang Rongqing, Li Jianxin, Huai Jinpeng   

  1. School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100083, China
  • Received:2005-06-24 Online:2006-03-31 Published:2010-09-20

摘要: 网格技术促进了广域网络环境下的资源共享和协同工作.然而,在网格环境中,服务的提供方和请求方往往位于不同的安全域,如何为位于不同安全区域的陌生主体间动态地建立信任关系成为一项应用难题.基于信任管理基础设施,通过协作主体间信任证、访问控制策略的交互披露逐渐为各方建立信任关系,设计并实现了一个保护协商方隐私信息的安全信任协商系统.该系统采用一种基于属性的委托授权信任证、访问控制策略及一致性验证算法,实现策略的动态调整,从而生成满足访问控制策略的所有最小可满足信任证集,能够使理论上存在的信任关系得以自动建立.通过在CROWN平台中的应用,显示该系统能够满足网格应用中信任自动建立和敏感信息保护的需求.

Abstract: Grid technology promotes resource sharing and collaboration over wide area network. However, service providers and requestors are always located in different secure domains in grid environment. How to establish trust between strangers without prior relationship has become a pressing problem. A system named secure trust negotiation system was designed and implemented, which depends on the trust management infrastructure, establishes trust between strangers with iterative disclosure of credentials and access control policies and can protect participants’ private information. A sort of attributed-based authorization credential and access control policy was adopted. A novel algorithm for compliance checker of credentials and access policies was carefully designed, which can be used togenerate all the minimal satisfied sets of credentials, so that the trust relationship exsited in theory can be established automatically. During the process of trust negotiation using this system, secure transmission of credentials disclosed was ensured by other subsystems of CROWN. Through the application in CROWN grid, it shows contributions to the automated trust establishment and privacy protection.

中图分类号: 


版权所有 © 《北京航空航天大学学报》编辑部
通讯地址:北京市海淀区学院路37号 北京航空航天大学学报编辑部 邮编:100191 E-mail:jbuaa@buaa.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发