Research on Subject Trust Evaluation Based on Fuzzy Theory

Trust management is now one of the interesting research topics in the field of web security. Firstly, several existing trust models are analyzed. Aiming at flaws of these models, the subject trust model based on fuzzy comprehensive evaluation is proposed, thus solving the evaluation problem of subjects trust degree in trust model. An effective evaluation strategy for trust degree vector of subject trust model is given. Finally, a concrete example is provided and has proved the rationality and feasibility of the model.


Introduction
Along with the development of network technology, network service is developing from closed, being familiar with target users and static relatively service model to opened, public accessing and highly dynamic service model. A set of new network technology becomes the hot investigation direction, like Web service, P2P, and grid calculation technology. The appearance of the new technology makes the security issue more complex. Open to the outside world of the network and different identities of main bodies in the network make the trust relationship between main bodies cannot be guaranteed, cheating is common occurrence on network. It is emergent to establish a secure and trustful relationship among main bodies. The traditional security authority mechanism, like access control list and public key certificate system, are no longer fit for the network security issues. In such background, a more flexible security mechanism should be established; this security mechanism is based on trust. In mid of 90's in the 20th century, M.Blaze, who are the first time introduced the trust management [1] to network security.
Currently, research on the trust relationship includes two aspects [2,3] : one is objective trust relationship, like certificate in PKI; ACL in access control, etc. These objects provide strict trust relationship. The relationship between the objects can be fully verified according to appropriate evidences, it is an evidence-based, and can be accurately described, reasoning and verification; the other is subjective trust relationship, Trust principal is individuals or groups and it consists of person or a mixture of person and object. Subjective trust (or trust) is a human cognitive phenomenon; it is a subjective judgment of specific characteristics or specific levels of behavior, it is essentially a faith-based, it is subjective, that is fuzziness, randomness and uncertainty, and can not be described accurately and verified. In this paper, study aims at trust degree of trust model. The subject trust model is proposed based on fuzzy comprehensive evaluation to overcome shortcomings of existing trust model, and give effective assessment strategies of trust degree vector of subject trust model on the basis of this model.

Related Research Work
In the process of studying security issues for open network environment, a number of scholars propose their own trust evaluation model based on different research.
T．Beth et al. Propose a trust evaluation model based on experience and probability statistical interpretation [4] , and apply this model to research on security authentication issue for open networks. This model introduces the concept of experience to express and measure trust relationship, the trust is divided into direct trust and recommendation trust, and the formula that used trust degree leading and integrated calculation is given, which is derived by experience recommendation. In Beth model, the trust is described as the possibility to complete a collaborative by the precision probability value, the randomness and uncertainty of trust is equivalent to the concept, and the trust itself fuzzy features are ignored.
Jφ sang et al. propose trust model based on subjective logic [5,6] , they introduce the concept of evidence space and opinion space to describe and measure trust relationship, and provide a set of subjective logic operator that used to derivation and integrated computation of trust degree. Compared with the Beth model, Jφ sang model defines trust more liberal, and measure trust using both positive events and negative events in the evidence space. But J φ sang model also see random and subjective uncertain of trust, even if opinion space is introduce, the model can also represent trust by statistical event of evidence space.
The computation model based on Bayesian theory records trust evaluation result by posterior probability Beta density function which is used to describe two events (satisfied/dissatisfied), which can be described as ) , Beta( β α , where α and β respectively represents positive and negative assessment number in trust evaluation. Trust degree can generally be expressed probability expectation of probability Beta density function [7,8] . The size of trust value and satisfactory service probability is provided by target node, and they express a certain quality of service which is provided by target node in network. Y Wang [9] builds trust model under different conditions using Bayesian network. Bayesian theory provides a reliable theoretical basis for trust calculation. Yu and Singh [10] express trust (reputation) value by using D-S evidence theory; the model assumes two possible results. Let trust as ) . According to historical records, predefined threshold of trust and distrust behavior and Dempster rule, then come to trust value.
D.W.Manchala [11] and Sabater et al. Proposes REGRET [12] that build trust model using fuzzy set. Trust will be represented as fuzzy linguistic variables in trust model based on fuzzy set. These linguistic variables characterize trust degree which is subjective and difficult to quantitatively describe. Each linguistic variable L is associated with a fuzzy set, whose members function describes trust degree. Fuzzy logic provides inference rules for fuzzy measure.
In open networks, subjective trust as a cognitive phenomenon, is a subjective belief, is subjective judgments to specific characteristics or behavior particular level of subject. The nature of trust has great subjectivity and fuzziness, and can not be accurately described and verified. The main difficulty of subjective trust research is how to model for this fuzziness.

Trust Evaluation Based on Fuzzy Theory
Trust evaluation uses fuzzy comprehensive evaluation method. Because trust of subject is affected by many factors, need to make this comprehensive evaluation, to select a credible subject.
With factor set , then (W,V,R,U) form a fuzzy comprehensive evaluation model, W, V, R, U is four elements of this model. Where W is weight distribution set of each factors, that represents relative importance of all factors in comprehensive evaluation; Evaluation set V describes different levels judgment of a subject, the grade of evaluation is n-level (and corresponding with level of trust set); Factor evaluation matrix R expresses all kinds of possibilities for each factor m x (such as ij r represents j v evaluation possibility to i x ); Factor set U is all properties that constitute trust types. " " is generalized fuzzy transformation operator, its operation process is as follows. " " has many choice ways, weighted average is more common choose. This algorithm a major factor in the impact of trust, but also retains all the information of a single factor, more in line with actual situation, but can not eliminate the impact of malicious recommendation, so it is not handled by weighted average method. The general process for fuzzy comprehensive evaluation is as follows.
Step 1: determine evaluation factors set Step 2: set up assessment level 1 2 { , , , } Step 3: according to grade index in evaluation level, carrying out fuzzy evaluation to each factor of U, and get judgment matrix , where ij r expresses membership degree from factor i x to assessment level j v . (U, V, R) constitutes a fuzzy comprehensive evaluation model. In open networks, trust relationships is complex between agents, many factors are taken consider for comprehensive evaluation to each agent trust degree. In order to make full use of various factors as possible, to get comparative accurate trust evaluation, we can use two level fuzzy comprehensive evaluations to evaluate degree of each agent: factors that constitute trust are divided into two levels, and to specify the weight of each branch factors, each factor judgment matrix can be considered as the son of below level comprehensive evaluation factors obtained by the trust vector's synthesis, it can eventually get all kinds of trust vector. Two levels fuzzy comprehensive evaluation model evaluation procedures is as follows: Step 1: Factor sets Step 3: First layer fuzzy comprehensive evaluation. Write weight of each factor in first level factor set as

Case Study
This paper uses an e-commerce platform to expatiate the application of the above trust evaluation model. Evaluation factors constituted by the six parameters, U＝{ Recent Reputation, History Reputation, Fault Record, Social Identity, Social Status, Social Reputation }, weight W={0.25, 0.05, 0.30, 0.15, 0.15, 0.10}, evaluation set V＝{excellent, good, medium, poor}. After statistics and data processing, get evaluation indexes as shown in table 1.  After the above treatment, we can get trust degree vector of agent.

Conclusions
Trust has inherent subjectivity and uncertainty properties, making it difficult to describe by precise mathematical model, combining the advantages of fuzzy set theory, we improve availability of trust evaluation model. Because trust relationship between subjects is more complex in open networks, factors which affect each subject and the influence degree to each subject is not identical also, when judging, weight of each factor be should accord actual application situation, on the other hand, judgment is divided two levels, simplified calculation and convenient processing. Therefore, using two level fuzzy comprehensive evaluations to get trust degree vector of each subject has its rationality and feasibility.