Please wait a minute...
J4  2010, Vol. 44 Issue (12): 2241-2250    DOI: 10.3785/j.issn.1008-973X.2010.12.003
陈珂, 胡天磊, 陈刚
浙江大学 计算机科学与技术学院,浙江 杭州 310027
Fast trust chain search in role-based credential overlay network
CHEN Ke, HU Tian-lei, CHEN Gang
College of Computer Science and Technology, Zhejiang University, Hangzhou 310027, China
 全文: PDF  HTML



Current research on trust chain discovery is based on the assumption that the credentials were stored centrally. Aiming at this limitation, a role-based credential overlay network (RBCON) was proposed. Every peer of RBCON can store rolebased credentials, by which trust chains can be established between each pair of peers based on role-based distributed Hash table. RBCON also introduces novel algorithms for RBCON generation, stabilization, trust chain search and present new distributed data structure for storing role-based credential keys. RBCON adapts efficiently as peers join and leave the system, and can execute trust chain search even if the system is continuously changing. The simulation results highlight the correctness and efficiency of this solution, especially the communication cost and the state maintained by each node scale logarithmically with the number of RBCON peers. The solution is very easy to implement and popularize.

出版日期: 2010-12-01
:  TP 309.2  


通讯作者: 胡天磊,男,副教授.     E-mail:
作者简介: 陈珂(1977—),女,河南郑州人,助理研究员,从事数据库、嵌入式软件和数据安全等的研究
E-mail Alert


陈珂, 胡天磊, 陈刚. 基于角色的信任证覆盖网络中高效信任链搜索[J]. J4, 2010, 44(12): 2241-2250.

CHEN Ke, HU Tian-lei, CHEN Gang. Fast trust chain search in role-based credential overlay network. J4, 2010, 44(12): 2241-2250.


[1] BLAZE M, FEIGENBAUM J, STRAUSS M. Compliancechecking in the policymaker trust management system [J]. Lecture Notes in Computer Science, 1998, 1465: 254-274.
[2] 徐锋,吕建. Web安全中的信任管理研究与进展 [J]. 软件学报, 2002, 13(11): 2057-2064.
XU Feng, LV Jian. Research and development of trust management in Web security [J]. Journal of Software, 2002, 13(11): 2057-2064.
[3] CLARKE D, ELIEN J E, ELLISON C, et al. Certificate chain discovery in SPKI/SDSI [J]. Journal of Computer Security, 2001, 9(4): 285-322.
[4] MAO Ziqing, LI Ning, WINSBOROUGH W H. Distributed credential chain discovery in trust management with parameterized roles and constraints [J]. Information and Communications Security, 2006, 4307: 159-173.
[5] NIKANDER P, VILJANEN L. Storing and retrieving Internet certificates [C]∥ Proceedings of the 3rd Nordic Workshop on Secure IT Systems. Trondheim, Norway: Elsevier, 1998: 1-13.
[6] STOICA I, MORRIS R, KARGER D, et al. Chord: a scalable peertopeer lookup protocol for Internet applications [C]∥ Proceedings of the 2001 ACM SIGCOMM Conference. San Deigo, CA: ACM, 2001: 149-160.
[7] LI Ning, WINSBOROUGH W H, MITCHELL J C. Distributed credential chain discovery in trust management [J]. Journal of Computer Security, 2003, 11(1): 35-86.
[8] AJMANI S, CLARKE D E, MOH C H, et al. Conchord: cooperative SDSI certificate storage and name resolution [C]∥ PeertoPeer Systems: 1st International Workshop. Ithaca, NY, USA: SpringerVerlag, 2002: 141-154.
[9] KARGER D, LEHMAN E, LEIGHTON F, et al. Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the world wide Web [C]∥ Proceedings of the 29th Annual ACM Symposium on Theory of Computing. Texas, United States: ACM, 1997: 654-663.
[10] CHEN Ke, HWANG K, CHEN Gang. Heuristic discovery of rolebased trust chains in peertopeer networks [J]. IEEE Transactions on Parallel and Distributed Systems, 2009, 20(1): 83-96.
[11] STEPHANOS A, DIOMIDIS S. A survey of peertopeer content distribution technologies[J]. ACM Computing Surveys, 2004, 36(4): 335-371.
[12] 罗杰文. Peer to peer综述[EB/OL]. [20051103].http:∥

[1] 马晨华, 王进, 裘炅, 陆国栋. 基于情景约束的工作流柔性访问控制模型[J]. J4, 2010, 44(12): 2297-2308.
[2] 余利华, 陈刚, 王伟, 陈柯, 董金祥. 一种基于容器的自组织存储模型[J]. J4, 2010, 44(5): 915-922.
[3] 江颉, 张杰, 陈德人. 基于推理的上下文感知RBAC模型设计和实现[J]. J4, 2009, 43(09): 1609-1614.
[4] 陈珂, 邵峰, 陈刚, 等. XML结构化匹配中的位图过滤加速法[J]. J4, 2009, 43(09): 1549-1556.