In P2P Grid computing systems, the authorization decision is often tackled by two different trust management meth- ods: policy-based approach, where authorization are built on logi- cal rules and verifiable properties encoded in signed credentials, and reputation-based approach, based on collecting, aggregating and disseminating reputation among the peers. However, the overhead caused by proof of compliance on authorization and the absence of certifying authorities may negate the strong and objec- tive security advantages of policy-based approach, whilst vague- ness, complexity and inaccurate characterization caused by reputa- tion evolution may eliminate the quantitative and flexible advan- tages of reputation-based approach. We propose an adaptive trust management framework, which combines the merit of policy proof and reputation evolution such that authorization is aware of not only the strong and objective security traits, but also the cal- culability and the availability security traits. Finally, the frame- work of system is proposed.
展开▼