The cross-trust domain environment in which heterogeneous identity alliances are located often does not have a completely trusted centralized trust root, and different trust domains and entities also have specific security requirements. In view of the above problems, we believe that trust measurement of cross-domain identities based on risk assessment is an effective method to achieve decentralized proof of user identities in heterogeneous cyberspace. There are various risk assessment models. We choose the more mature attack graph theory in the existing research to apply to the new field of cross-trust domain management of heterogeneous identities. We propose an attribute attack graph evaluation model to evaluate cross-domain identities through risk measurement of attributes. In addition, heterogeneous identity alliances also have architectural risks, especially the risk of decentralized underlying structures. In response to this problem, we identify the risk of the identity alliance infrastructure, and combine the risk assessment and presentation system design to verify the principle.

中文翻译：

---

基于风险评估的异构身份信任管理方法

异构身份联盟所在的交叉信任域环境通常没有完全信任的集中信任根，并且不同的信任域和实体也有特定的安全要求。鉴于上述问题，我们认为基于风险评估的跨域身份信任度量是在异构网络空间中实现用户身份去中心化证明的有效方法。有多种风险评估模型。在现有研究中，我们选择较为成熟的攻击图理论，以应用于异构身份交叉信任域管理的新领域。我们提出了一种属性攻击图评估模型，以通过对属性进行风险度量来评估跨域身份。此外，异构身份联盟也存在架构风险，尤其是底层结构分散的风险。针对此问题，我们确定了身份联盟基础架构的风险，并将风险评估与演示系统设计相结合以验证其原理。