Architecture and Implementation of a Trust Model for Pervasive Applications

Collaborative effort to share resources is a significant feature of pervasive computing environments. To achieve secure service discovery and sharing, and to distinguish between malevolent and benevolent entities, trust models must be defined. It is critical to estimate a device\u27s initial trust value because of the transient nature of pervasive smart space; however, most of the prior research work on trust models for pervasive applications used the notion of constant initial trust assignment. In this paper, we design and implement a trust model called DIRT. We categorize services in different security levels and depending on the service requester\u27s context information, we calculate the initial trust value. Our trust value is assigned for each device and for each service. Our overall trust estimation for a service depends on the recommendations of the neighbouring devices, inference from other service-trust values for that device, and direct trust experience. We provide an extensive survey of related work, and we demonstrate the distinguishing features of our proposed model with respect to the existing models. We implement a healthcare-monitoring application and a location-based service prototype over DIRT. We also provide a performance analysis of the model with respect to some of its important characteristics tested in various scenarios

An Implementation of Role-Base Trust Management Extended with Weights on Mobile Devices

AbstractThis paper describes the implementation of a library for the management and evaluation of Role-based Trust Management (RT) credentials and policies written in RTML, also extended with weights, in mobile devices. In particular, it describes the implementation of the library in J2ME. It is worth noticing, that RTML credentials are XML-like documents and thus the capability of porting these features on mobile devices makes the overall framework very interoperable with other RT frameworks (as for GRID systems). As policy language, we use actually a variant of RTML, whose policies are added with weights and are able to express quantitative experience-based notions of trust. It allow also to encode certain reputation and recommendation models. The obtained results show how the implementation on mobile devices is feasible and the running time acceptable for several applications

Notary-based self-healing mechanism for centralized peer-to-peer infrastructures

Centralized architecture, due to its simplicity, fast and reliable user management mechanism (authorization, authentication and lookup) and O(1) searching capability, is still a preferable choice for many P2P-based services. However, it suffers from a “single point of failure” vulnerability, so networks based on this topology are highly vulnerable to DoS attacks or other blocking attempts. This paper describes a new mechanism that can be used for centralized P2P networks to prevent a P2P service unavailability after central server failure. High security level is obtained by using notary servers which track server public key changes and collect social feedback from users. This allows not only to detect popular attacks (like man-in-the middle) but also to assess whether the Central Server (CS) behaves properly. In the case of central server failure or when server becomes compromised, decentralized Condorcet voting is preformed and new CS is selected. Additionally, by incorporating a reputation mechanism which uses two kinds of scores respectively for providing good service and fair evaluation of other peers, the best candidates for a new Central Server can be chosen. Valuable data which is used to rebuild user database in new CS is stored in the encrypted form in peers and updated during the user-peer authorization process. The decryption key is divided between peers using the threshold secret sharing method

SecMon: end-to-end quality and security monitoring system

The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communication for the Internet users. This also applies to the Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by a limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guarantee makes the contemporary VoIP systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attack detection. Moreover, the SecMon approach represents a lowbandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement results. Furthermore, these metrics are aggregated in a reputation system that enables best route path selection in the P2P network. The reputation system helps also to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network

A Client-Aware Reputation System for e-Services

In the Internet age, people are becoming more an more familiar in experiencing online services. Given the intrinsic distributed nature of the electronic transactions involved, there is the need to prove somehow the trustworthiness of such services for supporting a user in her choice. To this aim, different techniques have been presented. For example, a simple but useful solution is to rely on feedback of past users testifying if they have been satisfied by a service. In this paper, we consider a scenario for business transactions where a reputation management system helps clients in choosing services that best satisfy their attitudes and preferences. Specifically, a reputation value is associated to each service at stake. This value is updated according to past and new clients interactions. In fact, at the end of each interaction with a service, clients provide feedback regarding that service. The main feature of our proposal is the client awareness. This derives from designing and implementing a probabilistic client model based on real behaviours of users when they choose a service and give feedback. This client model has been obtained by collecting and processing real data from ones of the most popular websites for travel advice. We present an evaluation aimed at validating our proposal. In the simulations, we also deal with the issue of false feedback, reported by clients that intentionally aim at subverting the reputation value of a service. The simulations results show that our system is robust up to a certain number of malicious feedback

Network trust management in emergency situations

AbstractWe study the unique trust management, and more precisely reputation management and revocation of malicious nodes in the context of ad hoc networks used for emergency communications.Unlike in centralized systems, reputation management and revocation in ad hoc networks is non-trivial. This difficulty is due to the fact that the nodes have to collaboratively calculate the reputation value of a particular node and then revoke the node if the reputation value goes below a threshold. A major challenge in this scheme is to prevent a malicious node from discrediting other genuine nodes. The decision to revoke a node has to be communicated to all the nodes of the network. In traditional ad hoc networks the overhead of broadcasting the message throughout the network may be very high. We solve the problem of reputation management and node revocation in ad hoc networks of cell phones by using a threshold cryptography based scheme. Each node of the network would have a set of anonymous referees, which would store the reputation information of the node and issue reputation certificates to the node with timestamps. The misbehavior of a particular cell phone is reported to its anonymous referees, who issue certificates which reflect the positive and negative recommendations