In Grid-systems, the key idea is the joint use of resources, therefore there is a need for mutual trust between users and resource providers. In small grid systems, all participants are in a relationship of complete trust. For example, in the Ukrainian Academic Grid segment, all participants belong to the National Academy of Sciences of Ukraine, and on this basis there is complete trust. But in larger Grid-systems, participants may often not be directly connected to each other, and there is a risk that one of the participants will turn out to be unscrupulous and malicious. Trust mechanisms are designed to reduce these risks. The main purpose of security mechanisms is to provide protection against malicious users and groups of persons. Traditional security methods usually protect resources from malicious influences by restricting access to authorized users. However, in most cases there is a need to protect the system and its components from those who provide resources and services within heterogeneous computing systems. Thus, there are a large number of problems in the field of security that cannot be solved within the framework of traditional approaches. Information providers can, for example, commit fraud by providing false and unreliable information, and traditional security mechanisms are unable to protect against this type of threat. On the other hand, systems of reputation and trust can provide protection against these risks. The distinction between these two approaches to information security was first described by Rasmussen and Jansson (1996), who used the term hard security to refer to traditional mechanisms such as authentication and access control, and the term soft security to refer to what they called public control mechanisms. in general, exemplified by reputation and trust systems.
Read full abstract