仅仅提供用户身份认证的安全控制已不能完全适应云计算等新型计算机网络应用,必须结合提供动态的行为可信的安全措施。该文借鉴社会信任的特性和计算机对信任评估的要求,提出较全面的评价用户行为信任的基本原则。然后给出一种基于行为证据的双滑动窗口的行为信任的量化评估机制。通过对滑动窗口的初始化,通过窗口的大小、窗口滑动的条件、过期信任和不信任记录在窗口位置的确定以及窗口内容的更新与替换来保证用户行为信任评估的可信性和可扩展性。最后根据信任的评估标准,用数据和理论分析证明了评估机制的可信性和可扩展性。与已有的主要信任评估算法相比较,该评估方法粒度细,信任评估对象不是服务提供者而是终端用户。 Security controls that provide only user authentication are no longer fully adaptable to new computer network applications such as cloud computing, and must be combined to provide dynamic and actionable security measures. The article draws on the characteristics of social trust and computer requirements for trust assessment and puts forward a more comprehensive evaluation of the basic principles of user trust. Then a quantitative evaluation mechanism of behavioral trust in dual sliding windows based on behavioral evidence is given. The credibility and scalability of user behavior trust assessment can be ensured through the initialization of the sliding window, the size of the window, the sliding condition of the window, the determination of the window position of outdated trust and untrusted records, and the update and replacement of window contents. Finally, according to the trust evaluation criteria, the data and theoretical analysis proved the credibility and scalability of the evaluation mechanism. Compared with the existing main trust evaluation algorithm, the assessment method is granular, and the object of trust evaluation is not the service provider but the end user.