TuLip : reshaping trust management

In today’s highly distributed and heterogeneous world of the Internet, sharing resources has\ud become an everyday activity of every Internet user. We buy and sell goods over the Internet,\ud share our holiday pictures using facebook™, “tube” our home videos on You Tube™, and\ud exchange our interests and thoughts on blogs. We podcast, we are Linkedin™ to extend our\ud professional network, we share files over P2P networks, and we seek advice on numerous\ud on-line discussion groups. Although in most cases we want to reach the largest possible\ud group of users, often we realise that some data should remain private or, at least, restricted\ud to a carefully chosen audience. Access control is no longer the domain of computer security\ud experts, but something we experience everyday.\ud In a typical access control scenario, the resource provider has full control over the protected\ud resource. The resource provider decides who can access which resource and what\ud action can be performed on this resource. The set of entities that can access a protected resource\ud can be statically defined and is known a priori to the resource provider. Although still\ud valid in many cases, such a scenario is too restrictive today. The resource owner is not only\ud required, but often wants to reach the widest possible group of users, many of which remain\ud anonymous to the resource provider. A more flexible approach to access control is needed.\ud Trust Management is a recent approach to access control in which the access control decision\ud is based on security credentials. In a credential, the credential issuer states attributes\ud (roles, properties) of the credential subject. For the credentials to have the same meaning\ud across all the users, the credentials are written in a trust management language. A special\ud algorithm, called a compliance checker, is then used to evaluate if the given set of credentials\ud is compliant with the requested action on the requested protected resource. Finally, an\ud important characteristic of trust management is that every entity may issue credentials.\ud In the original approach to trust management, the credentials are stored at a well-known\ud location, so that the compliance checker knows where to search for the credentials. Another\ud approach is to let the users store the credentials. Storing the credentials in a distributed way\ud eliminates the single point of failure introduced by the centralised credential repository, but\ud now the compliance checker must know where to find the credentials. Another difficulty of\ud the distributed approach is that the design of a correct credential discovery algorithm comes\ud at the cost of limiting the expressive power of the trust management language.\ud In this thesis we show that it is possible to build a generic, open-ended trust management\ud system enjoying both a powerful syntax and supporting distributed credential storage. More\ud specifically, we show how to build a trust management system that has:\ud • a formal yet expressive trust management language for specifying credentials,\ud • a compliance checker for determining if a given authorisation request can be granted\ud given the set of credentials,\ud • support for distributed credential storage.\ud \ud We call our trust management system TuLiP (Trust management based on Logic Programming).\ud In the thesis we also indicate how to deploy TuLiP in a distributed content management\ud system (we use pictures as the content in our implementation). Using the same approach,\ud TuLiP can improve existing P2P content sharing services by providing a personalised, scalable,\ud and password-free access control method to the users. By decentralising the architecture,\ud systems like facebook™ or You Tube™ could also benefit from TuLiP. By providing\ud easy to use and scalable access control method, TuLiP can encourage sharing of private and\ud copyrighted content under a uniform and familiar user interface. Also Internet stores, often\ud deployed as a centralised system, can benefit from using the credential based trust management.\ud Here, TuLiP can facilitate the business models in which the recommended clients\ud and the clients of friendly businesses participate in customised customer rewarding programs\ud (like receiving attractive discounts). By naturally supporting co-operation of autonomous entities\ud using distributed credentials, we believe that TuLiP could make validation of business\ud relationships easier, which, in turn, could stimulate creation of new business models

Grid Infrastructure for Domain Decomposition Methods in Computational ElectroMagnetics

The accurate and efficient solution of Maxwell's equation is the problem addressed by the scientific discipline called Computational ElectroMagnetics (CEM). Many macroscopic phenomena in a great number of fields are governed by this set of differential equations: electronic, geophysics, medical and biomedical technologies, virtual EM prototyping, besides the traditional antenna and propagation applications. Therefore, many efforts are focussed on the development of new and more efficient approach to solve Maxwell's equation. The interest in CEM applications is growing on. Several problems, hard to figure out few years ago, can now be easily addressed thanks to the reliability and flexibility of new technologies, together with the increased computational power. This technology evolution opens the possibility to address large and complex tasks. Many of these applications aim to simulate the electromagnetic behavior, for example in terms of input impedance and radiation pattern in antenna problems, or Radar Cross Section for scattering applications. Instead, problems, which solution requires high accuracy, need to implement full wave analysis techniques, e.g., virtual prototyping context, where the objective is to obtain reliable simulations in order to minimize measurement number, and as consequence their cost. Besides, other tasks require the analysis of complete structures (that include an high number of details) by directly simulating a CAD Model. This approach allows to relieve researcher of the burden of removing useless details, while maintaining the original complexity and taking into account all details. Unfortunately, this reduction implies: (a) high computational effort, due to the increased number of degrees of freedom, and (b) worsening of spectral properties of the linear system during complex analysis. The above considerations underline the needs to identify appropriate information technologies that ease solution achievement and fasten required elaborations. The authors analysis and expertise infer that Grid Computing techniques can be very useful to these purposes. Grids appear mainly in high performance computing environments. In this context, hundreds of off-the-shelf nodes are linked together and work in parallel to solve problems, that, previously, could be addressed sequentially or by using supercomputers. Grid Computing is a technique developed to elaborate enormous amounts of data and enables large-scale resource sharing to solve problem by exploiting distributed scenarios. The main advantage of Grid is due to parallel computing, indeed if a problem can be split in smaller tasks, that can be executed independently, its solution calculation fasten up considerably. To exploit this advantage, it is necessary to identify a technique able to split original electromagnetic task into a set of smaller subproblems. The Domain Decomposition (DD) technique, based on the block generation algorithm introduced in Matekovits et al. (2007) and Francavilla et al. (2011), perfectly addresses our requirements (see Section 3.4 for details). In this chapter, a Grid Computing infrastructure is presented. This architecture allows parallel block execution by distributing tasks to nodes that belong to the Grid. The set of nodes is composed by physical machines and virtualized ones. This feature enables great flexibility and increase available computational power. Furthermore, the presence of virtual nodes allows a full and efficient Grid usage, indeed the presented architecture can be used by different users that run different applications

Dynamic User Role Assignment in Remote Access Control

The Role-Based Access Control (RBAC) model has been widely applied to a single domain in which users are known to the administrative unit of that domain, beforehand. However, the application of the conventional RBAC model for remote access control scenarios is not straightforward. In such scenarios, the access requestor is outside of the provider domain and thus, the user population is heterogeneous and dynamic. Here, the main challenge is to automatically assign users to appropriate roles of the provider domain. Trust management has been proposed as a supporting technique to solve the problem of remote access control. The key idea is to establish a mutual trust between the requestor and provider based on credentials they exchange. However, a credential doesn't convey any information about the behavior of its holder during the time it is being used. Furthermore, in terms of privileges granted to the requestor, existing trust management systems are either too restrictive or not restrictive enough. In this paper, we propose a new dynamic user-role assignment approach for remote access control, where a stranger requests for access from a provider domain. Our approach has two advantages compared to the existing dynamic user-role assignment techniques. Firstly, it addresses the principle of least privilege without degrading the efficiency of the access control system. Secondly, it takes into account both credentials and the past behavior of the requestor in such a way that he cannot compensate for the lack of necessary credentials by having a good past behavior

Distributed Access Control for Web and Business Processes

Middleware influenced the research community in developing a number of systems for controlling access to distributed resources. Nowadays a new paradigm for the lightweight integration of business resources from different partners is starting to take hold – Web Services and Business Processes for Web Services. Security and access control policies for Web Services protocols and distributed systems are well studied and almost standardized, but there is not yet a comprehensive proposal for an access control architecture for business processes. So, it is worth looking at the available approaches to distributed authorization as a starting point for a better understanding of what they already have and what they still need to address the security challenges for business processes

A flexible architecture for privacy-aware trust management

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u

Application of JXTA-overlay platform for secure robot control

In this paper, we present the evaluation and experimental results of secured robot control in a P2P system. The control system is based on JXTA-Overlay platform. We used secure primitives and functions of JXTA-Overlay for the secure control of the robot motors. We investigated the time of robot control for some scenarios with different number of peers connected in JXTA-Overlay network. All experiments are realised in a LAN environment. The experimental results show that with the join of other peers in the network, the average time of robot control is increased, but the difference between the secure and unsecure robot control average time is nearly the samePeer ReviewedPostprint (published version

SciTokens: Capability-Based Secure Access to Remote Scientific Data

The management of security credentials (e.g., passwords, secret keys) for computational science workflows is a burden for scientists and information security officers. Problems with credentials (e.g., expiration, privilege mismatch) cause workflows to fail to fetch needed input data or store valuable scientific results, distracting scientists from their research by requiring them to diagnose the problems, re-run their computations, and wait longer for their results. In this paper, we introduce SciTokens, open source software to help scientists manage their security credentials more reliably and securely. We describe the SciTokens system architecture, design, and implementation addressing use cases from the Laser Interferometer Gravitational-Wave Observatory (LIGO) Scientific Collaboration and the Large Synoptic Survey Telescope (LSST) projects. We also present our integration with widely-used software that supports distributed scientific computing, including HTCondor, CVMFS, and XrootD. SciTokens uses IETF-standard OAuth tokens for capability-based secure access to remote scientific data. The access tokens convey the specific authorizations needed by the workflows, rather than general-purpose authentication impersonation credentials, to address the risks of scientific workflows running on distributed infrastructure including NSF resources (e.g., LIGO Data Grid, Open Science Grid, XSEDE) and public clouds (e.g., Amazon Web Services, Google Cloud, Microsoft Azure). By improving the interoperability and security of scientific workflows, SciTokens 1) enables use of distributed computing for scientific domains that require greater data protection and 2) enables use of more widely distributed computing resources by reducing the risk of credential abuse on remote systems.Comment: 8 pages, 6 figures, PEARC '18: Practice and Experience in Advanced Research Computing, July 22--26, 2018, Pittsburgh, PA, US

A Graph-Based Approach to Address Trust and Reputation in Ubiquitous Networks

The increasing popularity of virtual computing environments such as Cloud and Grid computing is helping to drive the realization of ubiquitous and pervasive computing. However, as computing becomes more entrenched in everyday life, the concepts of trust and risk become increasingly important. In this paper, we propose a new graph-based theoretical approach to address trust and reputation in complex ubiquitous networks. We formulate trust as a function of quality of a task and time required to authenticate agent-to-agent relationship based on the Zero-Common Knowledge (ZCK) authentication scheme. This initial representation applies a graph theory concept, accompanied by a mathematical formulation of trust metrics. The approach we propose increases awareness and trustworthiness to agents based on the values estimated for each requested task, we conclude by stating our plans for future work in this area