Advertisement

Trust structures

Denotational and operational semantics
  • Karl Krukow
  • Mogens Nielsen
Special Issue Paper

Abstract

A general formal model for trust in dynamic networks is presented. The model is based on the trust structures of Carbone, Nielsen and Sassone: a domain theoretic generalisation of Weeks’ framework for credential based trust management systems, e.g., KeyNote and SPKI. Collections of mutually referring trust policies (so-called “webs” of trust) are given a precise meaning in terms of an abstract domain-theoretic semantics. A complementary concrete operational semantics is provided using the well-known I/O-automaton model. The operational semantics is proved to adhere to the abstract semantics, effectively providing a distributed algorithm allowing principals to compute the meaning of a “web” of trust policies. Several techniques allowing sound and efficient distributed approximation of the abstract semantics are presented and proved correct.

Keywords

Trust management Trust structures Foundations Denotational and operational semantics I/O automata 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 2.
    Abdul-Rahman, A.: A framework for decentralised trust reasoning. Ph.D. thesis, University of London, Department of Computer Science, University College London, England (2005)Google Scholar
  2. 2.
    Bertsekas, D.P., Tsitsiklis, J.N.: Parallel and Distributed Computation: Numerical Methods. Prentice-Hall International Editions. Prentice-Hall, Inc., Englewood Cliffs (1989)Google Scholar
  3. 3.
    Blaze M., Feigenbaum J., Ioannidis J. and Keromytis A.D. (1999). The role of trust management in distributed systems security. In: Vitek, J. and Jensen, C.D. (eds) Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Lecture Notes in Computer Science, vol 1603, pp 185–210. Springer, Heidelberg Google Scholar
  4. 4.
    Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: trust management for public-key infrastructures. In: Proceedings from Security Protocols: 6th International Workshop, Cambridge, 1998, vol. 1550, pp. 59–63 (1999)Google Scholar
  5. 5.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings from the 17th Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Newyork (1996)Google Scholar
  6. 6.
    Blaze, M., Feigenbaum, J., Strauss, M.: Compliance checking in the policymaker trust management system. In: Proceedings from Financial Cryptography: Second International Conference (FC’98), Anguilla, British West Indies, pp. 254–274 (1998)Google Scholar
  7. 7.
    Cahill V. and Gray E. (2003). Using trust for secure collaboration in uncertain environments. IEEE Pervasive Comput. 2(3): 52–61 CrossRefGoogle Scholar
  8. 8.
    Carbone, M., Nielsen, M., Sassone, V.: A formal model for trust in dynamic networks. In: Proceedings from Software Engineering and Formal Methods (SEFM’03). IEEE Computer Society Press, Newyork (2003)Google Scholar
  9. 9.
    Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomsa, B., Ylonen, T.: SPKI Certificate Theory. RFC 2693, ftp-site: ftp://ftp.rfc-editor.org/in-notes/rfc2693.txt (1999)Google Scholar
  10. 10.
    Garland S.J. and Lynch N.A. (2000). Using I/O automata for developing distributed systems. In: Leavens, G.T. and Sitaraman, M. (eds) Foundations of Component-Based Systems, pp 285–312. Cambridge University Press, NewYork Google Scholar
  11. 11.
    Garland, S.J., Lynch, N.A., Tauber, J., Vaziri, M.: IOA user guide and reference manual. Tech. Rep. MIT-LCS-TR-961, MIT Computer Science and Artificial Intelligence Laboratory (CSAIL), Cambridge (2004)Google Scholar
  12. 12.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decision Support Systems, (to appear, reprint available online: http://sky.fit.qut.edu.au/~josang/) (2006)Google Scholar
  13. 13.
    Krukow, K.: An operational semantics for trust policies. Tech. Rep. RS-05-30, BRICS, University of Aarhus (2005) Available online: http://www.brics.dk/RS/05/30Google Scholar
  14. 14.
    Krukow, K., Towards a theory of trust for the global ubiquitous computer. Ph.D. Thesis, University of Aarhus, Denmark (2006), available online (submitted): http://www.brics.dk/~krukowGoogle Scholar
  15. 15.
    Krukow, K., Nielsen, M.: From simulations to theorems: a position paper on research in the field of computational trust. In: To be published in Proceedings from Formal Aspects in Security and Trust (FAST 2006). Springer, Heidelberg (2006)Google Scholar
  16. 16.
    Krukow, K., Twigg, A.: Distributed approximation of fixed-points in trust structures. In: Proceedings from the 25th IEEE International Conference on Distributed Computing Systems (ICDCS’05), pp. 805–814. IEEE, New York (2005)Google Scholar
  17. 17.
    Krukow, K., Twigg, A.: Distributed approximation of fixed-points in trust structures. Tech. Rep. RS-05-6, BRICS, University of Aarhus (2005). Available online: http://www.brics.dk/RS/05/6Google Scholar
  18. 18.
    Li, N., Feigenbaum, J., Grosof, B.: A logic-based knowledge representation for authorization with delegation. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop (CSFW’99), pp. 162–174. IEEE Computer Society Press, New York (1999)Google Scholar
  19. 19.
    Li, N., Grosof, B., Feigenbaum, J.:A logic-based knowledge representation for authorization with delegation. In: Proceedings of the 9th Computer Security Foundations Workshop (CSFW’99), pp. 162–174. IEEE Computer Society, New York (1999)Google Scholar
  20. 20.
    Li, N., Mitchell, J.: Datalog with constraints: a foundation for trust-management languages. In: Proceedings from the 5th International Symposium on Practical Aspects of Declarative Languages (PADL 2003), Springer Lecture Notes in Computer Science, vol. 2562, pp. 58–73. Springer, (2003)Google Scholar
  21. 21.
    Li N., Mitchell J.C. and Winsborough W.H. (2005). Beyond proof- of-compliance: security analysis in trust management. J ACM 52(3): 474–514 CrossRefMathSciNetGoogle Scholar
  22. 22.
    Lynch N.A. (1996). Distributed algorithms. Morgan Kaufmann Publishers, San Mateo zbMATHGoogle Scholar
  23. 23.
    Lynch, N.A., Tuttle, M.R.: Hierarchical correctness proofs for distributed algorithms. In: Proceedings of the Sixth Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 137–151. ACM Press, NewYork (1987)Google Scholar
  24. 24.
    Nielsen, M., Krukow, K.: On the formal modelling of trust in reputation-based systems. In: J. Karhumäki, H. Maurer, G. Paun, G. Rozenberg (eds.) Theory is Forever: Essays Dedicated to Arto Salomaa on the Occasion of his 70th Birthday, Lecture Notes in Computer Science, vol. 3113, pp. 192–204. Springer, Heidelberg(2004)Google Scholar
  25. 25.
    Ramchurn S.D., Huynh D. and Jennings N.R. (2004). Trust in multi-agent systems. The Knowledge Engineering Review 19(1): 1–25 CrossRefGoogle Scholar
  26. 26.
    Sabater J. and Sierra C. (2005). Review on computational trust and reputation models. Artificial Intelligence Review 24(1): 33–60 zbMATHCrossRefGoogle Scholar
  27. 27.
    Weeks, S.: Understanding trust management systems. In: Proceedings from the 2001 IEEE Symposium on Security and Privacy, pp. 94–106. IEEE Computer Society Press (2001)Google Scholar
  28. 28.
    Winskel, G.: Formal Semantics of Programming Languages : an introduction. Foundations of computing. The MIT Press, Massachusetts Institute of Technology, Cambridge, Massachusetts (1993)Google Scholar

Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  1. 1.BRICSUniversity of AarhusAarhusDenmark

Personalised recommendations