A Framework for Trusted Services

An existing challenge when selecting services to be used in a service- based system is to be able to distinguish between good and bad services. In this paper we present a trust-based service selection framework. The framework uses a trust model that calculates the level of trust a user may have with a service based on past experience of the user with the service and feedback about the service received from other users. The model takes into account different levels of trust among users, different relationships between users, and different levels of importance that a user may have for certain quality aspects of a service. A prototype tool has been implemented to illustrate and evaluate the work. The trust model has been evaluated in terms of its capacity to adjust itself due to changes in user ratings and its robustness

Integrating security in a group oriented distributed system

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized

An Intelligent QoS Identification for Untrustworthy Web Services Via Two-phase Neural Networks

QoS identification for untrustworthy Web services is critical in QoS management in the service computing since the performance of untrustworthy Web services may result in QoS downgrade. The key issue is to intelligently learn the characteristics of trustworthy Web services from different QoS levels, then to identify the untrustworthy ones according to the characteristics of QoS metrics. As one of the intelligent identification approaches, deep neural network has emerged as a powerful technique in recent years. In this paper, we propose a novel two-phase neural network model to identify the untrustworthy Web services. In the first phase, Web services are collected from the published QoS dataset. Then, we design a feedforward neural network model to build the classifier for Web services with different QoS levels. In the second phase, we employ a probabilistic neural network (PNN) model to identify the untrustworthy Web services from each classification. The experimental results show the proposed approach has 90.5% identification ratio far higher than other competing approaches.Comment: 8 pages, 5 figure

SDN Access Control for the Masses

The evolution of Software-Defined Networking (SDN) has so far been predominantly geared towards defining and refining the abstractions on the forwarding and control planes. However, despite a maturing south-bound interface and a range of proposed network operating systems, the network management application layer is yet to be specified and standardized. It has currently poorly defined access control mechanisms that could be exposed to network applications. Available mechanisms allow only rudimentary control and lack procedures to partition resource access across multiple dimensions. We address this by extending the SDN north-bound interface to provide control over shared resources to key stakeholders of network infrastructure: network providers, operators and application developers. We introduce a taxonomy of SDN access models, describe a comprehensive design for SDN access control and implement the proposed solution as an extension of the ONOS network controller intent framework

Just-in-Time Memoryless Trust for Crowdsourced IoT Services

We propose just-in-time memoryless trust for crowdsourced IoT services. We leverage the characteristics of the IoT service environment to evaluate their trustworthiness. A novel framework is devised to assess a service's trust without relying on previous knowledge, i.e., memoryless trust. The framework exploits service-session-related data to offer a trust value valid only during the current session, i.e., just-in-time trust. Several experiments are conducted to assess the efficiency of the proposed framework.Comment: 8 pages, Accepted and to appear in 2020 IEEE International Conference on Web Services (ICWS). Content may change prior to final publicatio