A Software-Based Trust Framework for Distributed Industrial Management Systems

One of the major problems in industrial security management is that most organizations or enterprises do not provide adequate guidelines or well-defined policy with respect to trust management, and trust is still an afterthought in most security engineering projects. With the increase of handheld devices, managers of business organizations tend to use handheld devices to access the information systems. However, the connection or access to an information system requires appropriate level of trust. In this paper, we present a flexible, manageable, and configurable software-based trust framework for the handheld devices of mangers to access distributed information systems. The presented framework minimizes the effects of malicious recommendations related to the trust from other devices or infrastructures. The framework allows managers to customize trust-related settings depending on network environments in an effort to create a more secure and functional network. To cope with the organizational structure of a large enterprise, within this framework, handheld devices of managers are broken down into different categories based upon available resources and desired security functionalities. The framework is implemented and applied to build a number of trust sensitive applications such as health care

Transactional risk-based decision making system in e-business interactions

The credit crunch and economic crisis have demonstrated the need to properly understand, characterize and assimilate risk in business activities. Failure to do this has resulted in serious consequences to the users involved. So the analysis and management of risk is one of the important pre-requisites to ensure a successful outcome in a business activity in any domain. In this paper we propose an approach by which an interaction initiating user in the domain of e-business ascertains beforehand the level of transactional risk in the successful completion of its business activity and utilizes it to determine on an interaction. The proposed model considers the different sub-categories and characteristics of transactional risk and ascertains in numeric and semantic terms the different levels and severities of its occurrence. It then utilizes the determined analysis of transactional risk to recommend on an informed interaction-based decision to the interaction initiating user

Service-Oriented Middleware for the Future Internet: State of the Art and Research Directions

International audienceService-oriented computing is now acknowledged as a central paradigm for Internet computing, supported by tremendous research and technology development over the last ten years. However, the evolution of the Internet, and in particular, the latest Future Internet vision, challenges the paradigm. Indeed, service-oriented computing has to face the ultra large scale and heterogeneity of the Future Internet, which are orders of magnitude higher than those of today's service-oriented systems. This article aims at contributing to this objective by identifying the key research directions to be followed in light of the latest state of the art. This article more specifically focuses on research challenges for service-oriented middleware design, therefore investigating service description, discovery, access and composition in the Future Internet of services

A Trust Framework for Pervasive Computing Environments

In this paper, we present a flexible, manageable, and configurable trust scheme for the security of pervasive computing applications. Our intention is to develop a trust framework capable of recognizing the difference between “pure” and “managed” ad hoc network structure, and capable of operating in either situation or a combination of both. Our trust framework will minimize the effects of malicious recommendations related to trust from other devices and have the capability to transfer security functionality from devices with limited computing resources to other secure and powerful devices. The presented framework allows administrators to customize trust-related settings in an effort to create a more secure and functional network. Within our framework, wireless devices are broken down into different categories based upon available resources and desired security functionalities. A device’s categorization determines its security functionalities and interactions with neighboring devices. By using this flexible framework, administrators can customize devices based upon the network’s environment