
A P2P Trust Model Based on Trusted Computing (5)



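3.5 Comprehensive Analysis of the Trust Model
    The new trust model introduces the trusted computing technology released by the TCG into P2P networks. Strong authentication guarantees the reliability of the data source, which makes the trust relationships established through trust evaluation more trustworthy. Realizing a secure P2P trust model is of great practical significance: it reduces the information asymmetry between service providers and service users, serves applications such as P2P e-commerce, P2P file sharing and distributed computing well, and better prevents fraud. The security of this P2P trust model hinges on the design of the TPM. The TPM is the root of trust of the trust model, and its security requires that the private key of the EK, which uniquely identifies it, must never leak outside the TPM. If the TPM is secure, the security strength of the trust model depends on the cryptographic protocol used in platform authentication: the DAA protocol described in [16], whose security in the random oracle model rests on the DDH assumption and the strong RSA assumption.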

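4 Conclusion
    This paper integrates the trusted computing technology released by the TCG with trust evaluation techniques in P2P networks, proposes a strategy based on the DAA protocol for creating and managing digital identities in P2P networks, and on that basis builds a P2P trust model that effectively resists Pseudospoofing and Pseudostheft attacks. Theoretical analysis shows that this P2P trust model offers strong anonymity and high security, and has broader application scenarios and engineering feasibility.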

References:
    [1] Thomas Beth, Malte Borcherding, Birgit Klein. Valuation of trust in open networks. In: Proceedings of the 3rd European Symposium on Research in Computer Security, p3-18. 
    [2] DK Sepandar, TS Mario, GM Hector. The EigenTrust Algorithm for Reputation Management in P2P Networks. In: Proceedings of the 12th international conference on World Wide Web, Budapest, Hungary, p640-651. 
    [3] Chen R, Yeager W. Poblano: A distributed trust model for P2P networks. Technical Report, TR-14-02-08, Palo Alto: Sun Microsystems, 2002. 
    [4] Xiong, L., Liu, L. (2004). Peertrust: Supporting reputation-based trust in peer-to-peer communities. IEEE transactions on knowledge and data engineering (TKDE), Special issue on peer-to-peer based data management. 
    [5] N. Daswani, H. Garcia-Molina, and B. Yang. Open problems in data-sharing peer-to-peer systems. In Proceedings of the 9th International Conference on Database Theory. Siena, Italy. 2003 
    [6] D. S. Wallach. A survey of peer-to-peer security issues. In M. Okada, B. C. Pierce, A. Scedrov, H. Tokuda, and A. Yonezawa, editors, Software Security – Theories and Systems, International Symposium, ISSS 2002, volume 2609 of LNCS, pages 42-57, Springer, 2003. ISBN 3-540-0070803. 
    [7] International Organization for Standardization. ITU-T Rec. X.800-ISO 7498-2, Information processing systems-open systems interconnection – basic reference model – part2: security architectures. ISO/ITU, 7498-2 edition, 1989. 
    [8] L. Detweiler. The Snakes of medusa -- internet identity subversion, 1993. Cypherpunks mailing lists. 
    [9] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, and F. Violante. A reputation-based approach for choosing reliable resources in peer-to-peer networks. In V. Atluri, editor, Proceedings of the 9th ACM conference on Computer and Communications Security, pages 207-216. ACM Press, 2002. ISBN 1-58113-612-9. 
    [10] Trusted Computing Group. TCG Specification Architecture Overview. https://www.trustedcomputinggroup.org/groups/TCG_1_4_Architecture_Overview.pdf 
    [11] Trusted Computing Group. TCG TPM Specification Version 1.2 Revision 62 https://www.trustedcomputinggroup.org/specs/TPM/ 
    [12] Abe, M., Fujisaki, E., 1996. How to date blind signatures, Advances in Cryptology--Asiacrypt 1996. LNCS 1163, Springer-Verlag, pp. 244-251 
    [13] D. Chaum. Zero-knowledge undeniable signatures. Advances in Cryptology -- EUROCRYPT ’90, volume 473 of LNCS, pages 458–464. Springer-Verlag, 1991. 
    [14] Camenisch J, Stadler M. Efficient group signatures for large groups. In Proc. Crypto'97, Santa Barbara, CA, USA, LNCS 1294, Springer-Verlag, 1997, pp. 410-424. 
    [15] A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signatures problems. In A.M. Odlyzko, editor, Advances in Cryptology — CRYPTO’86, Volume 263 of LNCS, pages 186-194. Springer Verlag 1987. 
    [16] Brickell Ernie, Camenisch Jan, Chen Liqun. Direct Anonymous Attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, pages 132-145. 
    [17] J. Camenisch and A. Lysyanskaya. A signature scheme with efficient protocols. In SCN, volume 2576 of LNCS, pages 268--289. Springer, 2002. 
    [18] A. Lysyanskaya. Signature schemes and applications to cryptographic protocol design. PhD thesis, Massachusetts Institute of Technology, Cambridge, Massachusetts, Sept. 2002. 
    [19] Shane Balfe, Amit D. Lakhani, Kenneth G. Paterson. Trusted Computing: Providing Security for Peer-to-Peer Networks. Proceedings of the fifth IEEE International Conference on Peer-to-Peer Computing (P2P’05).

(Editor in charge: adminadmin2008)
