关键词: 信任, 风险, 安全评估, 风险量化, trust, security evaluation, security evaluation, risk quantification

Abstract: Risk and trust are key factors impacting on the security decision-making in the distributed and dynamic environments. According to information risk evaluation theory, the author proposed a method for trust computation based on behavior risk evaluation. The proposed method described risk quantification method by identifying and quantifying the significance of assets and the criticality of threats from the behaviors of entities, and designed trust computation methods based on the quantified risk. Experimental results show that the proposed method can correctly identify the changing risk implied in the behaviors of entities, and compute trust based on the changing risk. It can provide objective reference for the system to correctly control the follow-up behaviors of entities.