Trust and reputation policy-based mechanisms for self-protection in autonomic communications

Currently, there is an increasing tendency to migrate the management of communications and information systems onto the Web. This is making many traditional service support models obsolete. In addition, current security mechanisms are not sufficiently robust to protect each management system and/or subsystem from web-based intrusions, malware, and hacking attacks. This paper presents research challenges in autonomic management to provide self-protection mechanisms and tools by using trust and reputation concepts based on policy-based management to decentralize management decisions. This work also uses user-based reputation mechanisms to help enforce trust management in pervasive and communications services. The scope of this research is founded in social models, where the application of trust and reputation applied in communication systems helps detect potential users as well as hackers attempting to corrupt management operations and services. These so-called “cheating services” act as “attacks”, altering the performance and the security in communication systems by consumption of computing or network resources unnecessarily

The sociology of trusted systems: the episteme and judgment of a technology (NIRSA) Working Paper Series. No.46

The goal of this paper is that of taking a first step toward a socio-technical conceptualization of trusted systems. In our view this might help in overcoming interdisciplinary differences and enhancing a common vocabulary for discussing trust issues for the Future of the Internet. In particular our main research question is to understand “to what extent and in which forms existing trusted systems embody social assumptions?” In order to answer this question we propose a new definition of Trusted Systems as situated Episteme: an apparatus of devices that set the conditions of possibility of certain practices while denying other practices. The conceptualization is augmented using the concept of technological mediation taken from the approach known as Actor-Network Theory (ANT). Our approach takes at its starting point the idea that it is possible to use sociological (from ANT) concepts to analyse and investigate the basic elements of Trusted Systems. This analysis opens up new possibilities for the sociological enquiry of Trust on a more micro, socio-technical level. In particular the paper puts forward the idea of Trust as result of the system design

The sociology of trusted systems: the episteme and judgment of a technology (NIRSA) Working Paper Series. No.46

The goal of this paper is that of taking a first step toward a socio-technical conceptualization of trusted systems. In our view this might help in overcoming interdisciplinary differences and enhancing a common vocabulary for discussing trust issues for the Future of the Internet. In particular our main research question is to understand “to what extent and in which forms existing trusted systems embody social assumptions?” In order to answer this question we propose a new definition of Trusted Systems as situated Episteme: an apparatus of devices that set the conditions of possibility of certain practices while denying other practices. The conceptualization is augmented using the concept of technological mediation taken from the approach known as Actor-Network Theory (ANT). Our approach takes at its starting point the idea that it is possible to use sociological (from ANT) concepts to analyse and investigate the basic elements of Trusted Systems. This analysis opens up new possibilities for the sociological enquiry of Trust on a more micro, socio-technical level. In particular the paper puts forward the idea of Trust as result of the system design

Self-adaptive federated authorization infrastructures

Authorization infrastructures are an integral part of any network where resources need to be protected. As networks expand and organizations start to federate access to their resources, authorization infrastructures become increasingly difficult to manage. In this paper, we explore the automatic adaptation of authorization assets (policies and subject access rights) in order to manage federated authorization infrastructures. We demonstrate adaptation through a Self-Adaptive Authorization Framework (SAAF) controller that is capable of managing policy based federated role/attribute access control authorization infrastructures. The SAAF controller implements a feedback loop to monitor the authorization infrastructure in terms of authorization assets and subject behavior, analyze potential adaptations for handling malicious behavior, and act upon authorization assets to control future authorization decisions. We evaluate a prototype of the SAAF controller by simulating malicious behavior within a deployed federated authorization infrastructure (federation), demonstrating the escalation of adaptation, along with a comparison of SAAF to current technology