Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities Dr Ioanna Dionysiou Department of Computer Science School of Sciences.

Published byJoel Fisher Modified over 8 years ago

Similar presentations

Presentation on theme: "Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities Dr Ioanna Dionysiou Department of Computer Science School of Sciences."— Presentation transcript:

1 Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities Dr Ioanna Dionysiou Department of Computer Science School of Sciences University of Nicosia, Cyprus International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Dr Dave Bakken Dr Carl Hauser Department of Computer Science Washington State University Pullman, WA, USA Dr Deborah Frincke CyberSecurity Group Pacific Northwest National Laboratory Richland, WA, USA

2 Talk Outline  Motivation  Activity-Oriented Trust Relationships  Trust Model Ontology  Trust Model Functionality Example  Conclusions International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal 2

3 Motivating Scenario  Consider the North American electric power grid  Operations in a geographical region controlled by a single entity  Electric Market Deregulation  Competition!  Choose among electricity providers, open bidding  Impact on stability and security of the grid itself  3500 utility organizations (public, private, federal), many points of interaction, share data  Trustworthy Data exchange among these organizations and end-users  Producer of information, consumer of information 3 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

4 Motivating Scenario (2) 4 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal U 1 is the consumer of State Estimation data PMU Aggregation is the producer of State Estimation data What U 1 can say about the quality of the data?

5 Motivating Scenario (3)  How can we answer the question?  Security mechanisms are not adequate  Encrypted digitally signed message  Guarantee that not tampered with and no unauthorized person read it  What about the content itself? Reliable producer, unsecure medium OR unreliable producer, secure medium?  Trust and its management  Abstraction of beliefs that an entity has for specific situations and interactions  Not static but change over time  Need to make decisions based on current beliefs 5 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

6 Generalized Scenario 6 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

7 Contributions of our work…  A notation for specifying trust relationships tied to  a narrow context and  a broad activity  An intuitive and practical way to manage trust assessment for an activity  multiple trust relationships must be examined and composed  Expectations, violations, etc 7 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

8 Talk Outline  Motivation  Activity-Oriented Trust Relationships  Trust Model Ontology  Trust Model Functionality Example  Conclusions International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal 8

9 Activity-Oriented Trust Relationships Activity An interaction that involves multiple trustees that may assume different roles Successful outcome of an activity requires the collaboration of entities (trustees) performing specific functions, which are not necessarily the same 9 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

10 Activity-Oriented Trust Relationships (2) 10 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal relationship τ(C, S2,...) between S2 and C regarding S2 ability to forward data d relationship τ(C, S1,...) between S1 and C regarding S1 ability to forward data d relationship τ(C, P,...) between P and C regarding P ability to produce data d

11 Talk Outline  Motivation  Activity-Oriented Trust Relationships  Trust Model Ontology  Trust Model Functionality Example  Conclusions International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal 11

12 Trust Relationship Attributes 12 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust Relationship τ(γ, δ, c, λ, ι, ε, id, s) Trustor γ Trustee δ Context c Trust Level λ Interval ι Expectations ε Interaction identifier id Status s

13 Trust is… 13 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trustor γ, based on its current trusting attitude, believes that the extent that trustee δ will act as expected for context c during time interval ι is λ, and this belief is subject to the satisfaction of expectation set ε. This relationship is valid for a specific interaction id and its status is indicated by s.

14 Trust Level Attribute λ  Trust is subjective  Trustee trustworthiness  Trustor’s requirements are not met by trustees at the same degree  Extent to which trustee honors trust, if trust is placed  Trustor trustfulness  Trustor’s willingness to trust  Trusting attitude  How do we capture this subjectivity?  Trust level, value, degree  Continuous values  Discrete values 14 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

15 Expectation Attribute ε  Expectation  Requirement and its allowed values that a trustor has for a particular interaction with the trustee  Expectation tuple  π is a trust requirement  o is a standard relational operator  ν o is the observed/actual value for the requirement  ν a is the allowed value for the requirement  ev are the evaluation criteria for the specific requirement  Covering algorithm, triggering algorithm, aggregating algorithm 15 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal ε(π,o,ν o,ν a,ev)

16 Expectation Attribute (2) 16 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust requirement : facet (coarse-grained), properties (fine-grained) Observed values: evidence (either internal or external)

17 Expectation Attribute (3)  Observed value  When?  Triggering method: at fixed intervals, on arrival?  How?  Aggregating method: average, weighted average?  For what?  Allowed value vs. Observed value  VIOLATIONS!!!  Covering method: strict, relaxed 17 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

18 Expectation Attribute (4)  Expectation set describes all the requirements a trustor has for a trustee in a particular relationship  Not interesting by itself  BUT, operations on the set ARE interesting!  Define primitive comparison relationships between elements  Equal expectations  Relaxed expectations  Define comparison relationships between expectation sets  Strictly equal expectation sets  Relaxed equal expectation sets  Define operation on sets  Merging 18 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

19 Expectation Attribute (5) 19 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Equal Expectations (=) Expectation (π 1, o 1, ν o1, ν a1, ev 1 ) is equal with expectation (π 2, o 2, ν o2, ν a2, ev 2 ) if and only if (π 1 = π 2 ) ∧ (o 1 = o 2 ) ∧ (ν o1 = ν o2 ) ∧ (ν a1 = ν a2 ) ∧ (covering 1 ∈ ev 1 = covering 2 ∈ ev 2 ) Relaxed Equal Expectations (≈) Expectation (π 1, o 1, ν o1, ν a1, ev 1 ) is relaxed equal with expectation (π 2, o 2, ν o2, ν a2, ev 2 ) if and only if ( (π 1 = π 2 ) ∧ (o 1 = o 2 ) ∧ (ν o1 ≠ ν o2 ) ∧ (ν a1 ≠ ν a2 ) ∧ (covering 1 ∈ ev 1 = covering2 ∈ ev 2 ) ) or if ( (π 1 = π 2 ) ∧ (o 1 = o 2 ) ∧ (ν o1 ≠ ν o2 ) ∧ (ν a1 = ν a2 ) ∧ (covering 1 ∈ ev 1 = covering 2 ∈ ev 2 ) )

20 Expectation Attribute (6)  What is the expectation set for a path as a single entity?  Merging of expectation sets! 20 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal f π function for aggregating values 1.Initialize ε merge ← 2.If ε 1 = ε 2 then ε merge ← ε 1 3.If ε 1 ≈ ε 2 then ∀ i:(π 1, o 1, ν o1, ν a1, ev 1 ) ∈ ε 1, j:(π 2, o 2, ν o2, ν a2, ev 2 ) ∈ ε 2 such that i ≈ j do ε merge ← ε merge ∪ {((π 1, o 1, f π (νo1, νo2 ), f π (νa1, νa2 ), ev 1 ) )}.

21 Trust Relation Properties and Operations  Trust relation is a set of trust relationships  Properties  Standard properties of any n-ary relation do not hold due to the non-absolute characteristics of trust  Dynamic and composable nature  Operations  Changing the state of the trust relation  Using the current state of the trust relation 21 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

22 Operations changing the trust relation state 22 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Expiration of valid time A trust relationship (γ, δ, c, λ, ι, ε, id, s) does not hold in relation τ if its valid interval time expires. Thus, a trust relationship τ(γ, δ, c, λ, ι, ε, id, s) is not valid in τ if the current time t 1 > t e, t e ∈ ι Arrival of New Evidence Suppose that new evidence arrives at trustor γ for trustee δ regarding context c. The new evidence includes the trust requirement π r and the recommended value ν r. All trust relationships (γ, δ, c, λ i, ι i, ε i, id i, s i ) are updated to reflect the application of the new evidence on observed value ν o Expectation Violation Whenever new evidence arrives, the observed value changes according to the aggregation scheme for the specific requirement. An update in the observed value may lead into expectation violation. In this case, the respective trust relationship’s status is set to ALERT

23 Operations using the trust relation state 23 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust Assessment for context c in interaction id Trustor γ 1 may synthesize the two tuples to derive an aggregated trust assessment for context c during interval ι i (the intersection of ι 1 and ι 2 ) by applying expectation set operations on the expectation sets ε 1 and ε 2 to derive the aggregated expectation set ε i. Expectation set ε i has to be checked against the various trust level specifications in order to assign the trustworthiness level λ i for the new tuple (γ, δ 1,2, c, λ i, ι i, ε i, id, s). End-to-end Trust Assessment for interaction id Suppose there are aggregated trust assessments for contexts c 1 and c 2, which are the only contexts belonging to interaction id 1 : these are tuples (γ 1, δ 1, c 1, λ 1, ι 1, ε 1, id 1, s 1 ) and (γ 1, δ 2, c 2, λ 1, ι 2, ε 2, id 1, s 1 ). Trustor γ 1 may compose the two tuples to derive an end-to-end trust assessment for interaction id during interval ι i (the intersection of ι 1 and ι 2 ) by applying expectation set operations on the expectation sets ε 1 and ε 2 to derive the aggregated expectation set ε i. Expectation set ε i has to be checked against the various level specifications in order to assign the trustworthiness level λ i for the new tuple (γ, δ 1,2, c, λ i, ι i, ε i, id, s).

24 Talk Outline  Motivation  Activity-Oriented Trust Relationships  Trust Model Ontology  Trust Model Functionality Example  Conclusions International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal 24

25 Revisit Original Scenario 25 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust Relation Graph Network

26 Revisit Original Scenario (2) 26 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust Assessment for context c 1 in interaction id τ(γ C, δ S1, c 1, λ 1, ι 1, ε 1, id, s ) and τ(γ C, δ S2, c 1, λ 1, ι 2, ε 2, id, s ) τ(γ C, δ S1,S2, c 1, λ 1, ι k, ε k, id, s ) ε k ={(authentication, =, certificate, certificate, ev 1 ), (reliability,>=,average(0.97,0.95), average(0.95,0.95), ev 2 )} ι k = [1,10]

27 Revisit Original Scenario (3) 27 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Trust Relation Graph End-to-end Trust Assessment for interaction id τ(γ C, δ S1,S2, c 1, λ 1, ι k, ε k, id, s ) and τ(γ C, δ P, c 2, λ 1, ι 3, ε 3, id, s ) τ(γ C, δ P,S1,S2, c 1,2, λ 1, ι m, ε m, id, s ) ε m = {(authentication, =,certificate, certificate, ev 1 ), (reliability, >=, average(0.90,0.96), average(0.80,0.95), ev 2 )} ι m = [1,8]

28 Talk Outline  Motivation  Activity-Oriented Trust Relationships  Trust Model Ontology  Trust Model Functionality Example  Conclusions International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal 28

29 Conclusions  A intuitive notation to specify trust relationships tied to an activity  Allows dynamic and composable trust operations  Allows a rich set of attributes to capture the trust semantics  Current and future work,…. 29 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

30 30 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

31 Thanks for your attention!! Questions? 31 International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal Σας ευχαριστω!!!

Download ppt "Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities Dr Ioanna Dionysiou Department of Computer Science School of Sciences."

Similar presentations

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Research Issues in Web Services CS 4244 Lecture Zaki Malik Department of Computer Science Virginia Tech

Research Issues in Web Services CS 4244 Lecture Zaki Malik Department of Computer Science Virginia Tech
Conceptual Framework for Dynamic Trust Monitoring and Prediction Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The.

Conceptual Framework for Dynamic Trust Monitoring and Prediction Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
A Survey of Trust Management for Mobile Ad Hoc Networks

A Survey of Trust Management for Mobile Ad Hoc Networks
Risk Aware Decision Framework for Trusted Mobile Interactions September 2005 Daniele Quercia and Stephen Hailes CS department University College London.

Risk Aware Decision Framework for Trusted Mobile Interactions September 2005 Daniele Quercia and Stephen Hailes CS department University College London.
CH. 9 MEASUREMENT: SCALING, RELIABILITY, VALIDITY

CH. 9 MEASUREMENT: SCALING, RELIABILITY, VALIDITY
Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.

Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.
An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.

An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.
AutonomicTrustManagementforaPervasiveSystemZheng Yan 1 Autonomic Trust Management for a Pervasive System Zheng Yan Nokia Research Center, Helsinki, Finland.

AutonomicTrustManagementforaPervasiveSystemZheng Yan 1 Autonomic Trust Management for a Pervasive System Zheng Yan Nokia Research Center, Helsinki, Finland.
Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.

Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.
MEASUREMENT. Measurement “If you can’t measure it, you can’t manage it.” Bob Donath, Consultant.

MEASUREMENT. Measurement “If you can’t measure it, you can’t manage it.” Bob Donath, Consultant.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Research Methods in MIS

Research Methods in MIS
Trust and Grid Computing Systems Presented By: Woodas Lai.

Trust and Grid Computing Systems Presented By: Woodas Lai.
A Trust Based Assess Control Framework for P2P File-Sharing System Speaker : Jia-Hui Huang Adviser : Kai-Wei Ke Date : 2004 / 3 / 15.

A Trust Based Assess Control Framework for P2P File-Sharing System Speaker : Jia-Hui Huang Adviser : Kai-Wei Ke Date : 2004 / 3 / 15.
1 Trust Management and Theory Revision Ji Ma School of Computer and Information Science University of South Australia 24th September 2004, presented at.

1 Trust Management and Theory Revision Ji Ma School of Computer and Information Science University of South Australia 24th September 2004, presented at.
Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.

Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.
A semantic learning for content- based image retrieval using analytical hierarchy process Speaker : Kun Hsiang.

A semantic learning for content- based image retrieval using analytical hierarchy process Speaker : Kun Hsiang.
Scaling and Attitude Measurement in Travel and Hospitality Research Research Methodologies CHAPTER 11.

Scaling and Attitude Measurement in Travel and Hospitality Research Research Methodologies CHAPTER 11.

Similar presentations

Ads by Google