| ¡¡ | Chinese Journal of Computers Full Text |
| Title | Grid Dynamic Authorization Model Based on Feedback Mechanism |
| Authors | LI Ming-Chu1) YANG Bin1) ZHONG Wei1) TIAN Lin-Lin1) JIANG He1) HU Hong-Gang2) |
| Address | 1)(School of Software, Dalian University of Technology, Dalian, Liaoning 116621) 2)(Laboratory of National Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100049) |
| Year | 2009 |
| Issue | No.11(2187¡ª2199) |
| Abstract & Background | Abstract There is a problem of static status in the existing authorization systems of grids that don¡¯t provide feedback mechanism to feedback the use of permission by users. When a user or a service with creditability at the past would become unlikelihood, the authorization systems could not find this status in time to adjust the user¡¯s permission, so that it is possible for malicious users to destroy the grid systems. Thus, building feedback mechanism in authorization to adjust users¡¯ roles by their behavior dynamically is necessary to the security of grid systems. In this paper, we analyze the characteristics of the existing authorization systems and trust models in grid, and point out their shortcomings. This paper proposes a new dynamic authorization model based on feedback mechanism to solve static state of mechanisms. This model improves the authorization system for CAS, and adds trust degree computing mechanism and feedback mechanism to CAS. This paper proposes a new trust model with two layers based on behavior in the trust degree computing mechanism to distinguish important services and common services by using service weight, so it effectively protects important services in grid from the attack of malicious nodes; This paper also use a new method to account trust degrees between domains to solve the problem of dishonesty feedback. By using two-layer trust model based on behavior to get the changes of trust degrees, the feedback mechanism can adjust users¡¯ roles by users¡¯ behavior. In this paper, a series of simulation experiments are designed such as validating the characteristic of new model, controlling to malicious nodes. These experiments validate the sensitivity, astringency, validity and rationality with behavior in the two-layer trust model based on these behaviors. Keywords feedback mechanism; CAS; trust model; dynamic authorization; grid computing Background The study of authorization model is an important research area in information security, and many authors are interested in the topic, and many results have been obtained. There is a problem of static status in the existing authorization systems of grids that don¡¯t provide feedback mechanism to feedback the use of permission by users. When a user or a service with creditability at the past would become unlikelihood, the authorization systems could not find this status in time to adjust the user¡¯s permission, so that it is possible for malicious users to destroy the grid systems. Thus, building feedback mechanism in authorization to adjust users¡¯ roles by their behavior dynamically is necessary to the security of grid systems. |