Existing grid authorization systems are static: they provide no mechanism for feeding back how users actually use the permissions they have been granted. When a previously trusted user or service becomes untrustworthy, the authorization system cannot detect this in time to adjust its permissions, which may allow malicious users to damage the grid system. Building a feedback mechanism into the authorization system, so that users' roles are adjusted dynamically according to their behavior, is therefore of great importance to grid security. This paper analyzes the characteristics of existing grid authorization systems and trust models and points out their shortcomings. On this basis it proposes a new dynamic authorization model based on a feedback mechanism, which resolves the static nature of existing authorization systems. The model improves on the CAS authorization system by adding a feedback mechanism and a trust degree computing mechanism. Within the trust degree computing mechanism, the paper proposes a new behavior-based layered (two-layer) trust model; compared with earlier trust models, it uses service weights to distinguish important services from common services, thereby protecting important services in the grid and effectively suppressing the behavior of malicious nodes. The paper also proposes a new, more accurate method for computing inter-domain recommendation trust degrees, which addresses the problem of dishonest feedback. The feedback mechanism uses the changes in user trust degree given by the behavior-based layered trust model to adjust a user's role dynamically according to that user's behavior. Three groups of model experiments are designed to verify the characteristics of the new model and its suppression of malicious entities' behavior in the grid; they test the model from different angles and demonstrate the sensitivity to behavior, convergence, effectiveness and rationality of the behavior-based layered trust model.