A Secure Trust Model Based on Fuzzy Logic in Vehicular Ad Hoc Networks With Fog Computing

In vehicular ad hoc networks (VANETs), trust establishment among vehicles is important to secure integrity and reliability of applications. In general, trust and reliability help vehicles to collect correct and credible information from surrounding vehicles. On top of that, a secure trust model can deal with uncertainties and risk taking from unreliable information in vehicular environments. However, inaccurate, incomplete, and imprecise information collected by vehicles as well as movable/immovable obstacles have interrupting effects on VANET. In this paper, a fuzzy trust model based on experience and plausibility is proposed to secure the vehicular network. The proposed trust model executes a series of security checks to ensure the correctness of the information received from authorized vehicles. Moreover, fog nodes are adopted as a facility to evaluate the level of accuracy of event's location. The analyses show that the proposed solution not only detects malicious attackers and faulty nodes, but also overcomes the uncertainty and imprecision of data in vehicular networks in both line of sight and non-line of sight environments

Enhanced dynamic source routing for verifying trust in mobile ad hoc network for secure routing

Secure data transfer in mobile ad hoc network (MANET) against malicious attacks is of immense importance. In this paper, we propose a new enhanced trust model for securing the MANET using trust-based scheme that uses both blind trust and referential trust. In order to do this, the trust relationship function has to be integrated with the dynamic source routing (DSR) protocol for making the protocol more secure. We thoroughly analyze the DSR protocol and generate the performance matrices for the data pertaining to packets sent, packets received, packets loss, and throughput. We also analyze the outcome attained from the improvised trust establishment scheme by using the three algorithm implementations in NS2 simulator for detecting and preventing various types of attacks

Initial trust establishment for personal space IoT systems

University of Technology Sydney. Faculty of Engineering and Information Technology.Internet of Things (IoT) is becoming a reality with innovative applications, and IoT platforms have been developed to transfer technologies from research to business solutions. With IoT applications, we have greater control over personal devices and achieve more insights into the resource consumption habits; business processes can be streamlined; people are also better connected to each other. Despite the benefits derived from the IoT systems, users are concerned about the trustworthiness of their collected data and offered services. Security controls can prevent user’s data from being compromised during transmission, storage or unauthorized access, but do not provide a guarantee against the misbehaved devices that report incorrect information and poor services or avoid conducting a common task. Establishing trust relationship among devices and continuously monitoring their trust is the key to guarantee a reliable IoT system and hence mitigate user’s concerns. In this dissertation, we propose and investigate a novel initial trust establishment architecture for personal space IoT systems. In the initial trust establishment architecture, we propose a trust evidence generation module based on a challenge-response mechanism to generate the trust evidence relying on the device’s responses to the challenges, a trust knowledge assessment module to obtain the knowledge about the device from the generated trust evidence, and a trust evaluation scheme to quantify the initial trust level of the devices. We design and investigate a challenge-response information design to determine feasible designs of the challenge-response mechanism that ensure meaningful and related trust knowledge about the device’s trustworthiness captured from the challenge-response operations. A new trust-aware communication protocol is designed and implemented by incorporating the proposed initial trust establishment architecture into existing Bluetooth Low Energy (BLE) protocol to demonstrate the feasibility and efficiency of the proposed initial trust establishment architecture in practice. In this work, we first study building blocks and possible architectures of the IoT and analyze key requirements of an IoT system. Based on the analysis, we identify the critical role of the initial trust establishment model and the challenges of establishing initial trust in IoT systems due to the lack of knowledge for the trust assessment to work. To address the challenges, we propose a novel initial trust establishment architecture that can generate trust evidence for assessing the initial trust level of new devices by conducting challenge-response operations within a limited time window before they are admitted to the system. We propose three new initial trust establishment models based on the proposed architecture. An implicit relationship between the responses and the challenges is assumed for the system to judge the initial trustworthiness of the devices. The first model assesses the initial trust value based on a probability associated with the device’s behavior captured from the challenge-response process. The second model investigates the initial trust value based on a binary outcome set, and the third model quantifies the initial trust level based on a multiple-component outcome set from the challenge-response process. Subsequently, we propose the challenge-response information design where the challenge-response process is investigated and designed to determine the information space of the challenger’s view on its environment so that the challenge can invite relevant responses from the target environment. Based on the design of the challenge-response mechanism, the system can capture meaningful trust knowledge about the devices from challenge-response operations at their admission phase. We finally design and implement the initial trust-aware BLE protocol which incorporates the proposed initial trust establishment architecture into the existing BLE protocol. The simulation results show the efficiency, feasibility, and dependability of using initial trust-aware BLE protocol for building a trustworthy personal space IoT systems. The novelty of this research lies in assessing the devices’ initial trust level within a limited time window, before their admission to the personal space IoT system, without requiring prior experience or recommendations. The major contribution of this thesis is that it helps the IoT business solution providers to build secure and trustworthy IoT systems by admitting dependable devices, monitoring the trust of admitted devices, detecting maligned devices, and building long-term trust among. As a result, it mitigates the user’s concerns about the trustworthiness of IoT systems and encourages broader adoption of IoT applications

Robust Trust Establishment in Decentralized Networks

The advancement in networking technologies creates new opportunities for computer users to communicate and interact with one another. Very often, these interacting parties are strangers. A relevant concern for a user is whether to trust the other party in an interaction, especially if there are risks associated with the interaction. Reputation systems are proposed as a method to establish trust among strangers. In a reputation system, a user who exhibits good behavior continuously can build a good reputation. On the other hand, a user who exhibits malicious behavior will have a poor reputation. Trust can then be established based on the reputation ratings of a user. While many research efforts have demonstrated the effectiveness of reputation systems in various situations, the security of reputation systems is not well understood within the research community. In the context of trust establishment, the goal of an adversary is to gain trust. An adversary can appear to be trustworthy within a reputation system if the adversary has a good reputation. Unfortunately, there are plenty of methods that an adversary can use to achieve a good reputation. To make things worse, there may be ways for an attacker to gain an advantage that may not be known yet. As a result, understanding an adversary is a challenging problem. The difficulty of this problem can be witnessed by how researchers attempt to prove the security of their reputation systems. Most prove security by using simulations to demonstrate that their solutions are resilient to specific attacks. Unfortunately, they do not justify their choices of the attack scenarios, and more importantly, they do not demonstrate that their choices are sufficient to claim that their solutions are secure. In this dissertation, I focus on addressing the security of reputation systems in a decentralized Peer-to-Peer (P2P) network. To understand the problem, I define an abstract model for trust establishment. The model consists of several layers. Each layer corresponds to a component of trust establishment. This model serves as a common point of reference for defining security. The model can also be used as a framework for designing and implementing trust establishment methods. The modular design of the model can also allow existing methods to inter-operate. To address the security issues, I first provide the definition of security for trust establishment. Security is defined as a measure of robustness. Using this definition, I provide analytical techniques for examining the robustness of trust establishment methods. In particular, I show that in general, most reputation systems are not robust. The analytical results lead to a better understanding of the capabilities of the adversaries. Based on this understanding, I design a solution that improves the robustness of reputation systems by using accountability. The purpose of accountability is to encourage peers to behave responsibly as well as to provide disincentive for malicious behavior. The effectiveness of the solution is validated by using simulations. While simulations are commonly used by other research efforts to validate their trust establishment methods, their choices of simulation scenarios seem to be chosen in an ad hoc manner. In fact, many of these works do not justify their choices of simulation scenarios, and neither do they show that their choices are adequate. In this dissertation, the simulation scenarios are chosen based on the capabilities of the adversaries. The simulation results show that under certain conditions, accountability can improve the robustness of reputation systems

Deploying Virtual Machines on Shared Platforms

In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders’ part of the scenario we present. This report comprehensively covers all major security aspects including different security mechanisms and protocols, leveraging existing standards and state-of-the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform thereby protecting the operator virtual machine and its related credentials

TCG based approach for secure management of virtualized platforms: state-of-the-art

There is a strong trend shift in the favor of adopting virtualization to get business benefits. The provisioning of virtualized enterprise resources is one kind of many possible scenarios. Where virtualization promises clear advantages it also poses new security challenges which need to be addressed to gain stakeholders confidence in the dynamics of new environment. One important facet of these challenges is establishing 'Trust' which is a basic primitive for any viable business model. The Trusted computing group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protecting of sensitive data in rest and transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms

Privacy-preserving scheme for mobile ad hoc networks.

This paper proposes a decentralized trust establishment protocol for mobile ad hoc networks (MANETs), where nodes establish security associations. In order to achieve privacy and security, we use homomorphic encryption and polynomial intersection so as to find the intersection of two sets. The first set represents a list of recommenders of the initiator and the second set is a list of trusted recommenders of the responder. The intersection of the sets represents a list of nodes that recommend the first node and their recommendations are trusted by the second node. In our experimental results we show that our scheme is effective even if there are 30 trusted nodes

Trust Evaluation for Embedded Systems Security research challenges identified from an incident network scenario

This paper is about trust establishment and trust evaluations techniques. A short background about trust, trusted computing and security in embedded systems is given. An analysis has been done of an incident network scenario with roaming users and a set of basic security needs has been identified. These needs have been used to derive security requirements for devices and systems, supporting the considered scenario. Using the requirements, a list of major security challenges for future research regarding trust establishment in dynamic networks have been collected and elaboration on some different approaches for future research has been done.This work was supported by the Knowledge foundation and RISE within the ARIES project