Pervasive Computing Environment, Trust-based Adaptive Fuzzy Access Control Model And Its Application

The development of mobile computing and distributed computing promotes and accelerates the emergence and development of ubiquitous computing pattern. In ubiquitous computing environment, computing equipments, sensor nodes and others integrate with the environment seamlessly and provide intelligent services, anywhere, anytime. Ubiquitous computing involves commercial areas, infrastructure and personal interests, and the security-related attacks probably use the loopholes such as network protocols and cryptographic algorithms to cause threats, so security research in ubiquitous computing area is vital. To ensure the security of ubiquitous computing, the information confidentiality, data integrity, availability and other security services need to be provided. In order to solve the security issues brought by the dynamic and uncertainty in ubiquitous computing environment, trust is introduced to the ubiquitous computing access control. When the entities can not be identified by the circumstances, the access control is implemented according to the entity's trust degree instead of their identity.To initialize the relationship of trust between the entities and determine the trust degree as well as the change trend of the entities, the trust evaluation model needs to be introduced to ubiquitous computing system. However, trust is fuzzy, and because of the lack of a clear logic between the intuition, experiences, method of the experts and the heuristic logic in information system, it is very difficult for the experts in this area to express their knowledge and the mutual relations clearly, so vague language is often used to describe the knowledge.In this paper, the interval-valued fuzzy set theory is introduced to describe the fuzzy language, and it accords with human natural language description better. On the basis of deep analysis and comparison to the existing trust models, after inheriting the advantages, discarding the limitations, and fully considering the characteristics of ubiquitous computing environment, the trust access control model based on interval-valued fuzzy theory (RTBAC) is proposed. In this model, the trust degree of the subject is evaluated according to the interval-valued fuzzy theory and the access control strategy is made by the corresponding trust levels of the subject.The subjects with high trust degree and reliability are classified into higher trust levels, a trust level is assigned to a role of the role sets, thus implement the assignation from subjects to roles. The main research achievements are outlined as follows:(1)According to the fuzzy and uncertainty of trust itself and the dynamic self-adaptive characteristic of ubiquitous computing, the interval-valued fuzzy theory is introduced and implement the dynamic division to the trust level and solve the problem of causing greate (2)Interval-valued fuzzy sets based trust assessment model is proposed, It is closer to each object's objective and real situation using interval to represent the attributes of each object, so that information can be saved to greater extent and the trust ambiguity between entities can be reflected. We study direct trust and initialize and update the latest trust degree and the process of calculating the trust degree is given in details.(3)Classic access control model RBAC is analyzed in this paper, and combined with the characteristics of ubiquitous computing, the interval-valued fuzzy set based trust access control model(RTBAC) is proposed. Also the definition of the elements, operating rules and the corresponding restraints of this model are given and the access control frame based on trust is established.(4)Based on the previous research, a trust based cascade service model is proposed; the trust degree is evaluated dynamically from multi-angle through direct and indirect (as a third recommended) method and find the service that meet the user's requirements from a number of optional services in cascade-service manner. It overcomes the disadvantage that the equipment in ubiquitous computing switch frequently and a single service can't meet the service request completely.