摘要
信任协商是一种通过逐步暴露数字证书而在陌生人之间建立信任关系的方法。当一个用户在访问资源被拒绝时,系统提供适当的信息反馈可以提高系统的可用性,尤其对于访问控制策略依赖于上下文相关信息的系统。然而,不加选择地提供反馈可能会泄露一些有价值的商业信息或个人隐私。本文通过分析访问控制中存在的问题,将Bayesian条件概率测量方法引入到信任协商中,提出了一种基于Bayesian概率的信任协商模型。该模型通过实时概率计算来给予反馈信息,以提高访问成功的几率。该方法既保护了系统的敏感信息,又提高了系统的可用性。
Trust negotiation (TN) is an approach to establishing trust between strangers through iterative disclosure of digital credentials. Providing relevant feedback enhances system usability when a user is denied access to a resource during a trust negotiation process, especially in systems where permissions change in unpredictable ways due to contextual informa- tion. However, providing feedback unconditionally may leak valuable business information or jeopardize individuals ' privacy. Based on the analysis of the existing problems in access control, this paper introduces the Bayesian probability measurement method to trust negotiation, and presents a Bayesian--based trust negotiation model (BBTN). The mechanism provides feedback information by computing the probability to enhance the probability of successful access. The method not only protects the system's sensitive information, but also enhances the system usability.
出处
《计算机工程与科学》
CSCD
2007年第10期105-107,共3页
Computer Engineering & Science
