基于社会学信任理论的软件可信性概念模型

doi:10.3969/j.issn.0372-2112.2019.11.016

电子学报 ›› 2019, Vol. 47 ›› Issue (11): 2344-2353.DOI: 10.3969/j.issn.0372-2112.2019.11.016

基于社会学信任理论的软件可信性概念模型

杨曦, 罗平, 贾古丽

清华大学软件学院信息系统安全教育部重点实验室, 北京 100084

收稿日期:2018-09-11 修回日期:2019-03-25 出版日期:2019-11-25
- 作者简介:
- 杨曦女,1977年2月出生,福建福州人.2005年云南大学软件工程专业硕士毕业,其后在福州大学从事教学、科研工作.2014年考入清华大学博士,研究方向为软件系统与理论、信息安全及软件可信性等.E-mail:x-yang14@mails.tsinghua.edu.cn;罗平男,1959年6月出生,湖南溆浦人.清华大学软件学院教授.研究方向:密码算法设计与密码分析,漏洞分析与攻击,数据库漏洞与安全,木马利用技术,图像安全.负责和参加国家自然科学基金项目4项,国家科技部973和"十一五"科技攻关项目4项,部委和学校项目6项,横向课题6项.其中作为项目负责人16项.
- 基金资助:
- 国家自然科学基金重点项目 (No.90818021); 核高基重大专项 (No.2012zx01039-004-46); 国家发改委信息安全专项 (No.2012-1424)

The Concept Model of Software Trustworthiness Based on Trust-Theory of Sociology

YANG Xi, LUO Ping, GUL Jabeen

The Key Laboratory for Information System Security, Software School, Tsinghua University, Beijing 100084, China

Received:2018-09-11 Revised:2019-03-25 Online:2019-11-25 Published:2019-11-25
- Supported by:
- Key Program of National Natural Science Foundation of China (No.90818021); National Science and Technology Major Project (NSTMP) Program Kernal Electronic Devices, High-end General Application Chips, Fundamental Software Products (No.2012zx01039-004-46); National Development and Reform Commission Information Security Special Program (No.2012-1424)

摘要/Abstract

摘要： 可信性作为软件的一种复杂的高复合概念，几十年间都未能取得实质性进展和突破.本文在对可信性权威定义分析的基础上，论证了这些定义所涉范围彼此矛盾且不相容，进一步说明从本质出发研究软件可信性概念模型的重要性和必然性."可信"一词源于社会学，所以应该从社会学的信任理论出发来探讨软件可信性的本质.本文在上百篇经典社会学信任理论文献上构建出信任体系模型STM，并与软件的信任体系进行了对比和映射，提出基于社会学信任理论的软件可信性概念模型STCM.在STM和STCM的基础上给出软件可信性概念模型的定义系统.最后通过度量评估实验验证了模型是可行的、有效的，为软件可信性的发展提供了新的研究方向.

关键词: 软件可信性, 信任理论, STM, STCM, 可靠性, 安全性

Abstract: As a complex high-composite software concept, the trustworthiness research has failed to make substantial progress and breakthroughs during these decades. After analyzing the authority definitions of trustworthiness, this paper demonstrates that the scope of them is contradictory and incompatible. It further illustrates that the research of software trustworthiness conceptual model from its essence is very important and necessary. The term "trustworthiness" originates from sociology; so we should discuss the essence of software trustworthiness based on trust-theory of sociology. This paper constructs a trust system model STM based on hundreds of classical sociological literature on trust-theory. After comparing and mapping with software trust system, the paper proposes a software trustworthiness conceptual model STCM based on trust theory of sociology. Based on STM and STCM, a complete concept definition system of software trustworthiness is presented. Finally, STCM is proved to be feasible and effective by the measurement and evaluation experiment, which provides a new research direction for the advancement of software trustworthiness.

Key words: software trustworthiness, trust-theory, STM, STCM, reliability, security

中图分类号:

TP311

杨曦, 罗平, 贾古丽. 基于社会学信任理论的软件可信性概念模型[J]. 电子学报, 2019, 47(11): 2344-2353.

YANG Xi, LUO Ping, GUL Jabeen . The Concept Model of Software Trustworthiness Based on Trust-Theory of Sociology[J]. Acta Electronica Sinica, 2019, 47(11): 2344-2353.

参考文献

[1] 刘克,单志广,王戟,等."可信软件基础研究"重大研究计划综述[M].北京:中国科学基金,2008.145-151.
[2] Department of Defense.Department of defense trusted computer system evaluation criteria[S].Department of Defense 5200.28-STD,1985.
[3] 汤永新,刘增良.软件可信性度量模型研究进展[J].计算机工程与应用,2010,46(27):12-16.
[4] Sagasti F R,Mitroff I I.Operations research from the viewpoint of general systems theory[J].OMEGA,1973,1(6):695-709.
[5] Singleton R,Jr Straits B C,Straits M M,et al.Approaches to Social Research[M].New York:Oxford University Press,1988.
[6] ISO/IEC 14598-1.Information technology-software product evaluation-Part 1:General overview[S].ISO/IEC,1999.
[7] Rousseau D M,Sitkin S B,Burt R S,et al.Not so different after all:A cross-discipline view of trust[J].The Academy of Management Review,1998,23(3):1-12.
[8] Schoorman F D,Mayer R C,Davis J H.An integrative model of organizational trust:Past,present,and future[J].The Academy of Management Review,2007,32(2):344-354.
[9] Mcknight D H,Chervany N L.What trust means in e-commerce customer relationships:An interdisciplinary conceptual typology[J].International Journal of Electronic Commerce,2001,6(2):35-59.
[10] Mcknight D H,Carter M,Thatcher J B,et al.Trust in a specific technology:An investigation of its components and measures[J].ACM Transactions on Management Information System,2011,2(2):1-25.
[11] Kee H W,Knox R E.Conceptual and methodological considerations in the study of trust and Suspicion[J].The Journal of Conflict Resolution,1970,14(3):357-366.
[12] Lewicki R J,Bunker B B.Developing and maintaining trust in work relationships[J].In Trust in Organizations:Frontiers of Theory and Research,1996:114-139.
[13] Coleman J S.Foundations of Social Theory[M].Cambridge,MA:Harvard University Press,1990.
[14] Colquitt J A,Brent S A,LePine J A.Trust,trustworthiness,and trust propensity:A meta-analytic test of their unique relationships with risk taking and job performance[J].Journal of Applied Psychology,2007,92(4):909-927.
[15] ISO/IEC FDIS 9126-1:2001.Information technology-Software product quality-Part 1:Quality Model[S].ISO/IEC,2001.
[16] ISO/IEC 2382-14:1997.Information technology-Vocabulary-Part 14:Reliability,maintainability and availability[S].ISO/IEC,1997.
[17] IEEE 610.12:1990.Standard glossary of software engineering terminology[S].IEEE,1990.
[18] Becker S,et al.Trustworthy software systems:a discussion of basic concepts and terminology[J].ACM Sigsoft Software Engineering Notes,2006,31(6):1-18.
[19] 王克,邹嘉,戴一奇.基于软件实名认证的系统安全机制[J].清华大学学报(自然科学版),2008,(07):1169-1172.
[20] Yang X,Jabeen G,Luo P,et al.A unified measurement solution of software trustworthiness based on social-to-software framework[J].Journal of Computer Science And Technology,2018,33(3):603-620.

基于社会学信任理论的软件可信性概念模型

The Concept Model of Software Trustworthiness Based on Trust-Theory of Sociology

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	田晖, 严艳, 汤莉莉, 吴俊彦, 王慧东, 全韩彧. 基于分数基音延迟动态搜索的语音隐写算法[J]. 电子学报, 2023, 51(1): 67-75.
[2]	赵静萌, 黄宁, 朱杰, 张欣. 多参数关联的机载系统空战业务可靠性评估方法[J]. 电子学报, 2022, 50(9): 2060-2067.
[3]	赵耿, 马英杰, 陈磊, 董有恒, 侯艳丽. 基于扰动时空混沌系统的动态S盒设计[J]. 电子学报, 2022, 50(8): 2037-2042.
[4]	胡文文, 周日贵. 基于d维单个量子态的半量子密钥分发方案[J]. 电子学报, 2022, 50(5): 1025-1032.
[5]	张浩, 胡昌华, 杜党波, 裴洪, 张建勋. 多状态影响下基于Bi‑LSTM网络的锂电池剩余寿命预测方法[J]. 电子学报, 2022, 50(3): 619-624.
[6]	周刘飞, 邵贤杰, 陈旭, 王海宏, 王保平. 高可靠性InGaZnO薄膜晶体管集成栅极驱动电路的研究[J]. 电子学报, 2022, 50(12): 3014-3020.
[7]	郑秋华, 胡程楠, 崔婷婷, 申延召, 曾英佩, 吴铤. 一种基于概率分析的DHR模型安全性分析方法[J]. 电子学报, 2021, 49(8): 1586-1598.
[8]	支婷, 刘颖, 周华春, 张宏科. 智慧标识网络服务机理研究进展及安全性分析[J]. 电子学报, 2021, 49(8): 1653-1664.
[9]	徐川, 胡渝, 韩珍珍, 熊郑英, 赵国锋. 基于链路效用的3D-VANET可靠路由算法[J]. 电子学报, 2021, 49(5): 872-878.
[10]	刘焕淋, 胡会霞, 马敬, 陈勇, 王展鹏. 光路可靠性和频谱整合因子感知的虚拟光网络生存性映射[J]. 电子学报, 2021, 49(4): 744-749.
[11]	欧庆于, 罗芳, 吴晓平, 杨鹏. 基于电压毛刺故障扰动的分组密码安全性度量方法研究[J]. 电子学报, 2021, 49(3): 417-423.
[12]	汪榆淋, 窦家维. k-min问题安全多方计算方案及应用[J]. 电子学报, 2021, 49(11): 2256-2260.
[13]	刘焕淋, 蒲欣, 陈勇, 王展鹏. 链路可靠性感知的差异保护虚拟光网络映射[J]. 电子学报, 2020, 48(5): 946-952.
[14]	魏铎, 高海英. 一种支持算术张成程序的密文策略属性加密方案[J]. 电子学报, 2020, 48(10): 1993-2002.
[15]	宋云. 基于GHZ态局域测量的量子秘密共享[J]. 电子学报, 2019, 47(7): 1443-1448.