5,901 research outputs found
An identity- and trust-based computational model for privacy
The seemingly contradictory need and want of online users for information sharing and privacy has inspired this thesis work. The crux of the problem lies in the fact that a user has inadequate control over the flow (with whom information to be shared), boundary (acceptable usage), and persistence (duration of use) of their personal information. This thesis has built a privacy-preserving information sharing model using context, identity, and trust to manage the flow, boundary, and persistence of disclosed information.
In this vein, privacy is viewed as context-dependent selective disclosures of information.
This thesis presents the design, implementation, and analysis of a five-layer Identity and Trust based Model for Privacy (ITMP). Context, trust, and identity are the main building blocks of this model. The application layer identifies the counterparts, the purpose of communication, and the information being sought. The context layer determines the context of a communication episode through identifying the role of a partner and assessing the relationship with the partner. The trust layer combines partner and purpose information with the respective context information to determine the trustworthiness of a purpose and a partner. Given that the purpose and the partner have a known level of trustworthiness, the identity layer constructs a contextual partial identity from the user's complete identity. The presentation layer facilitates in disclosing a set of information that is a subset of the respective partial identity. It also attaches expiration (time-to-live) and usage (purpose-to-live) tags into each piece of information before disclosure.
In this model, roles and relationships are used to adequately capture the notion of context to address privacy. A role is a set of activities assigned to an actor or expected of an actor to perform. For example, an actor in a learner role is expected to be involved in various learning activities, such as attending lectures, participating in a course discussion, appearing in exams, etc. A relationship involves related entities performing activities involving one another. Interactions between actors can be heavily influenced by roles. For example, in a learning-teaching relationship, both the learner and the teacher are expected to perform their respective roles. The nuances of activities warranted by each role are dictated by individual relationships. For example, two learners seeking help from an instructor are going to present themselves differently.
In this model, trust is realized in two forms: trust in partners and trust of purposes. The first form of trust assesses the trustworthiness of a partner in a given context. For example, a stranger may be considered untrustworthy to be given a home phone number. The second form of trust determines the relevance or justification of a purpose for seeking data in a given context. For example, seeking/providing a social insurance number for the purpose of a membership in a student organization is inappropriate. A known and tested trustee can understandably be re-trusted or re-evaluated based on the personal experience of a trustor. In online settings, however, a software manifestation of a trusted persistent public actor, namely a guarantor, is required to help find a trustee, because we interact with a myriad of actors in a large number of contexts, often with no prior relationships.
The ITMP model is instantiated as a suite of Role- and Relationship-based Identity and Reputation Management (RRIRM) features in iHelp, an e-learning environment in use at the University of Saskatchewan. This thesis presents the results of a two-phase (pilot and larger-scale) user study that illustrates the effectiveness of the RRIRM features and thus the ITMP model in enhancing privacy through identity and trust management in the iHelp Discussion Forum. This research contributes to the understanding of privacy problems along with other competing interests in the online world, as well as to the development of privacy-enhanced communications through understanding context, negotiating identity, and using trust
A Brain-Inspired Trust Management Model to Assure Security in a Cloud based IoT Framework for Neuroscience Applications
Rapid popularity of Internet of Things (IoT) and cloud computing permits
neuroscientists to collect multilevel and multichannel brain data to better
understand brain functions, diagnose diseases, and devise treatments. To ensure
secure and reliable data communication between end-to-end (E2E) devices
supported by current IoT and cloud infrastructure, trust management is needed
at the IoT and user ends. This paper introduces a Neuro-Fuzzy based
Brain-inspired trust management model (TMM) to secure IoT devices and relay
nodes, and to ensure data reliability. The proposed TMM utilizes node
behavioral trust and data trust estimated using Adaptive Neuro-Fuzzy Inference
System and weighted-additive methods respectively to assess the nodes
trustworthiness. In contrast to the existing fuzzy based TMMs, the NS2
simulation results confirm the robustness and accuracy of the proposed TMM in
identifying malicious nodes in the communication network. With the growing
usage of cloud based IoT frameworks in Neuroscience research, integrating the
proposed TMM into the existing infrastructure will assure secure and reliable
data communication among the E2E devices.Comment: 17 pages, 10 figures, 2 table
Trust Management Approach for Detection of Malicious Devices in SIoT
Internet of Things (IoT) is an innovative era of interrelated devices to provide services to other devices or users. In Social Internet of Thing (SIoT), social networking aspect is used for building relationships between devices. For providing or utilizing services, devices need to trust each other in complex and heterogeneous environments. Separating benign and malicious devices in SIoT is a prime security objective. In literature, several works proposed trust computation models based on trust features. But these models fail to identify malicious devices. This paper focuses on detection of malicious devices. In this paper, basic fundamentals, properties, models and attacks of trust in SIoT are discussed. Up-to-date research distributions on trust management and trust attacks are reviewed and idea of Trust Management using Machine Learning Algorithm (TM-MLA) is proposed for identification of malicious devices
Trust Management in the Internet of Everything
Digitalization is leading us towards a future where people, processes, data
and things are not only interacting with each other, but might start forming
societies on their own. In these dynamic systems enhanced by artificial
intelligence, trust management on the level of human-to-machine as well as
machine-to-machine interaction becomes an essential ingredient in supervising
safe and secure progress of our digitalized future. This tutorial paper
discusses the essential elements of trust management in complex digital
ecosystems, guiding the reader through the definitions and core concepts of
trust management. Furthermore, it explains how trust-building can be leveraged
to support people in safe interaction with other (possibly autonomous) digital
agents, as trust governance may allow the ecosystem to trigger an auto-immune
response towards untrusted digital agents, protecting human safety.Comment: Proceedings of the 16th European Conference on Software
Architecture-Companion Volum
Security : always too much and never enough. Anthropology of a non-starter market
The security market, based on public Key Infrastructures (PKI) did not succeed because security remains a paradoxical market. We observed security practices and reciprocal expectations, in this study the ones generated by the design of PKI devices. Using the framework of Actor Network Theory, we describe all the mediations required for sustaining a digital security chain... often based on very material stuff. A whole vision of the world should be designed, an ontology, doomed to failure if it formats practices and users by constraint. This vision should retain a variable-geometry, while calling on guarantors that transcend it, and not merely on commercial certification authorities. Will security architecture design be able to integrate the users' demand for "adequate security", which renders security policies bearable as long as users are not aware of them?Le marchĂ© de la sĂ©curitĂ© basĂ© sur les Public Key Infrastructures (Infrastructure de gestion de clĂ©s) n'est pas parvenu Ă dĂ©coller car la sĂ©curitĂ© reste un marchĂ© paradoxal. Nous avons observĂ© les pratiques de sĂ©curitĂ© et les attentes rĂ©ciproques crĂ©Ă©es par la conception de ces systĂšmes, plus spĂ©cifiquement ceux Ă base de PKI pour cette Ă©tude, dans les termes de la thĂ©orie de l'acteur-rĂ©seau, en reconstituant toutes les mĂ©diations nĂ©cessaires Ă l'existence d'une chaĂźne de sĂ©curitĂ© informatique... souvent bien matĂ©rielle. C'est une vision sĂ©curitaire du monde qui doit ĂȘtre produite, une ontologie, qui Ă©choue quand elle veut trop formater les pratiques et les utilisateurs: elle doit rester « Ă gĂ©omĂ©trie variable » tout en mobilisant des garants qui la dĂ©passent et non les seules autoritĂ©s de certification marchandes. La conception d'architectures de sĂ©curitĂ© peut elle admettre cette « sĂ©curitĂ© suffisante » qui rend sup- portable les politiques de sĂ©curitĂ© dĂšs lors qu'elles disparaissent de la conscience des utilisateurs
Recommended from our members
Exploitation in Human Trafficking and Smuggling
This article explores the mechanisms that underpin human smuggling and trafficking. It argues for the continued analytical relevance of the distinction between âtraffickingâ and âsmugglingâ, as posited by the 2000 UN Protocols. While this distinction has come under sustained criticism from several authors over the last 15 years, it nonetheless continues to capture the essential features of two distinct phenomena (control over a human being vs. illegal entry into a country), and acknowledges the role of agency in smuggling. The paper goes on to discuss three different scenarios that may emerge as a result of the interplay between smugglers and smuggled persons, and it specifies the role of exploitation in each scenario. In addition, the paper offers empirical evidence of the key building blocks of smuggling â namely the search for reliable information and the reaching of an agreement in regard to the service offered â and of how smuggling can turn into trafficking. This work concludes by drawing out the relevant policy implications.This work was supported by the European Union / FP7 Framework (Fiducia Project, Grant agreement 290563, FP7-SSH-2011-12).This is the author accepted manuscript. The final version is available from Springer via http://dx.doi.org/10.1007/s10610-015-9286-
Adaptive and survivable trust management for Internet of Things systems
Abstract The Internet of Things (IoT) is characterized by the seamless integration of heterogeneous devices into information networks to enable collaborative environments, specifically those concerning the collection of data and exchange of information and services. Security and trustworthiness are among the critical requirements for the effective deployment of IoT systems. However, trust management in IoT is extremely challenging due to its open environment, where the quality of information is often unknown because entities may misbehave. A hybrid contextâaware trust and reputation management protocol is presented for fogâbased IoT that addresses adaptivity, survivability, and scalability requirements. Through simulation, the effectiveness of the proposed protocol is demonstrated
How to set a business in China and what are the managerial factors for success?
During this dissertation we will present the specificities and impact of intercultural management in the success of a company abroad and more specifically in China. We will thus thanks to interviews and by conducting a survey try to determine which are the international and local/cultural management theories to implement and the one that are universal.Durante esta dissertação, apresentaremos as especificidades e o impacto do gerenciamento fĂsico no sucesso de uma empresa no exterior e mais especificamente na China. Por conseguinte, agradeceremos as entrevistas e, ao realizar uma pesquisa, tentaremos determinar quais sĂŁo as teorias de gestĂŁo internacional e local / cultural a implementar e a universal
ICIS Panel Summary: Should Institutional Trust Matter in Information Systems Research?
This paper summarizes and expands the panel on Should Institutional Trust Matter in Information Systems Research? that was presented during the ICIS 2005 Conference in Las Vegas. The panel was co-chaired by Paul A. Pavlou of the University of California and by David Gefen of Drexel University. The panelists were Izak Benbasat of the University of British Columbia, Harrison McKnight of Michigan State University, Katherine Stewart of the University of Maryland, and Detmar W. Straub of Georgia State University. There were about 150 people attending the panel and taking part in the lively discussion that pursued. Due to the interest the panel aroused, this paper expands on the topics discussed and presents them in a much broader perspective in a set of appendices
- âŠ