基于软件行为的检查点风险评估信任模型

doi:10.3969/j.issn.1001-2400.2012.01.032

Abstract

Abstract:

In the credible research on current software, risk factors are often ignored. For improving the accuracy and reasonableness of the credible research, by insetting a number of checkpoints into the software behavior tracks, we propose a trust model called (CBRA-TM) which is based on checkpoint behavioral risk assessment. This model can determine the credibility of the software behavior by using risk assessment strategies to determine a suspected risk checkpoint, accumulate multiple checkpoints which are suspected and calculate the credibility of software behavior through the reward or punishment mechanism. Simulation results show that the model can identify potential risks and calculate the credibility accurately, which verifies the validity and feasibility of the model.

Key words: trust model, software behaviors, risk evaluation, check point

CLC Number:

TP393

LIU Yuling;DU Ruizhong;FENG Jianlei;TIAN Junfeng. Trust model of software behaviors based on check point risk assessment[J].J4, 2012, 39(1): 179-184+190.

References

［1］沈昌祥, 张焕国, 王怀民, 等. 可信计算的研究与发展［J］. 中国科学, 2010, 40(2): 139-166.
Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Research on Trusted Computing and Its Development［J］. Science China, 2010, 40(2): 139-166.
［2］ Lo D, Cheng H, Han J W. Classification of Software Behaviors for Failure Detection: a Discriminative Pattern Mining Approach［C］//Proc 2009 ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2009: 557-566.
［3］ Wang H M, Tang Y B, Yin G, et al. Trustworthiness of Internet-Based Software［J］. Science in China-Series F: Information Sciences, 2006, 49(6): 759-773.
［4］陈火旺, 王戟, 董威. 高可信软件工程技术［J］. 电子学报, 2003, 31(12A): 1933-1938.
Chen Huowang, Wang Ji, Dong Wei. High Confidence Software Engineering Technologies［J］. Chinese Journal of Electronics, 2003, 31(12A): 1933-1938.
［5］ Lu J, Xu F, Wang Y. Trust Management Based Software Confidence Assurance in Open Environment［J］. Communications of the CCF, 2007, 3(11): 26-34.
［6］ Diakov K, Batteram J, Zandbelt H. Monitoring of Distributed Component Interactions［C/OL］. ［2011-01-15］. http://doc.utwente.nl/66764/1/8-awentenkov.pdf.
［7］ Li J. Monitoring and Characterization of Component-Based Systems with Global Causality Capture［C］//Proc of the 23rd International Conference on Distributed Computing Systems (ICDCS 2003). Washington: IEEE Computer Society, 2003: 422-433.
［8］ Mariani L, Pezze M. A Technique for Verifying Component Based Software［J］. Electronic Notes in Theoretical Computer Science, 2005(116): 17-30.
［9］ Chen F, Grigore R. Mop: an Efficient and Generic Runtime Verification Framework［C］//Proc of the 22nd Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems and Applications. New York: ACM, 2007: 569-588.
［10］古亮, 郭耀, 王华. 基于TPM的运行时软件可信证据收集机制［J］. 软件学报, 2010, 21(2): 373-388.
Gu Liang, Guo Yao, Wang Hua. A Runtime Software Trustworthiness Evldence Collection Mechanism Based on TPM［J］. Journal of Software, 2010, 21(2): 373-388.
［11］ Jфsang A, St'ephane L P. Analyzing the Relationship between Risk and Trust［C/OL］.［2011-01-25］. http://eprints.ecs.soton.ac.uk/8769/1/risktrust.pdf.
［12］ Robert A O. Trust as Risk and the Foundation of Investment Value［J］. The Journal of Socio-Economic, 2008, 37(6): 2189-2200.
［13］赵冬梅, 马建峰, 王跃生. 信息系统的模糊风险评估模型［J］. 通信学报, 2007, 28(4): 51-56.
Zhao Dongmei, Ma Jianfeng, Wang Yuesheng. Model of Fuzzy Risk Assessment of the Information System［J］. Journal on Communications, 2007, 28(4): 51-56.
［14］范红, 冯登国, 吴亚非. 信息安全风险评估方法与应用［M］. 北京: 清华大学出版社, 2006.
［15］范红, 冯登国. 信息安全风险评估实施教程［M］. 北京: 清华大学出版社, 2007.
［16］ Jфsang A, Bradley D, Knapskog S J. Belief-Based Risk Analysis［C］//Proc of the 2nd Workshop on Australasian Security, Data Mining and Web Intelligence, and Software Internationalization. Australia: Australian Computer Society, 2004: 63-68.
［17］张吉军. 模糊层次分析法(FAHP)［J］. 模糊系统与数学, 2000, 14(2): 80-88.
Zhang Jijun. Fuzzy Analytical Hierarchy Process(FAHP) ［J］. Fuzzy Systems and Mathematics, 2000, 14(2): 80-88.
［18］覃志东, 熊光泽. 高可信软件可靠性和防危性测试和评价理论研究［D］. 四川: 电子科技大学, 2005.
［19］骆正清, 杨善林. 层次分析法中几种标度的比较［J］. 系统工程理论与实践, 2004(9): 51-60.
Luo Zhengqing, Yang Shanlin. Comparative Study on Several Scales in AHP［J］. Systems Engineering Therory and Practice, 2004(9): 51-60.

[1]	SUN Peng-gang1;QUAN Yi-ning1;LIU Jun-ping2. Task scheduling based on trust mechanism of the L-fuzzy set in grid computing [J]. J4, 2008, 35(1): 110-115.
[2]	WEN Hao-yu;REN Xiao-long;XU Guo-hua. A D-S evidence theory based trust model for the P2P network [J]. J4, 2005, 32(3): 400-402.

Trust model of software behaviors based on check point risk assessment

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 2

Metrics

Comments

Recommended 0