In order to study the trust attack problem in complicated trust environment, the object-oriented trust attack graph model is put forward. In the model, the rule take, grant and pervade are used to describe trust level escalating, trust relation transiting, pervading and spreading resulting from utilization of vulnerabilities existing in attributes of trust entity objects, therefore a longer attack reachable distance can be reached. The model carries the attack complexity and harmfulness index which are used to determine the attack threat index, the vulnerability utilizing rules and trust relation embezzling rules are used to establish the trust relation transitive closure generating algorithm with polynomial time complexity, based on which a trust risk propagating algorithm is established. Through an experiment based on modeling real vulnerabilities for a system, the model is proofed to be correct.%针对信任环境系统中存在的信任攻击问题,设计基于面向对象的信任攻击图模型.利用Take规则、Grant规则和Pervade规则,描述信任主体对象属性弱点导致的信任级别的提升、信任关系的传递、渗透与扩散问题,使攻击可达距离更大.根据弱点利用规则和信任关系盗用规则,提出多项式时间复杂度信任关系传递闭包生成算法及基于信任关系传递闭包的信任风险传播算法.实验结果证明了该模型的正确性.
展开▼
