Science in China Series F: Information Sciences

, Volume 49, Issue 6, pp 759–773 | Cite as

Trustworthiness of Internet-based software

  • Wang Huaimin 
  • Tang Yangbin 
  • Yin Gang 
  • Li Lei 
Article

Abstract

Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet, applications, we point out that, on the one hand, due to the openness and dynamic nature of the Internet, the identity trustworthiness and the capability trustworthiness of the software are facing serious challenges; on the other hand, in order to ensure the trustworthiness of the whole system, emerging computing paradigms based on the collaboration of autonomous software need some impacts on the behavior of the software. Here we put forward a conceptual model for the trustworthiness of Internet-based software, and propose a trustworthy assurance framework for Internet-based virtual computing environment (iVCE). This framework deals with the trustworthy properties of software on identity, capability and behavior in a combinated way. The authorization management in inter-domain computing environment, assurance on high availability of service and incentive mechanism for autonomic collaboration are taken as three core mechanisms of iVCE trustworthy assurance.

Keywords

Internet software trustworthiness iVCE 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anderson J P. Computer Security Technology Planning Study, ESD-TR-73-51, Vol. I, AD-758 206, ESD/AFSC, Hanscom AFB, Bedford, MA., October, 1972Google Scholar
  2. 2.
    ISO/IEC. Information Technology-Security Techniques-Evaluation Criteria for IT Security, Part 1: Introduction and General Model. 2nd ed. 2005-10-01 (available at URL: http://standards.iso.org/ittf/PubliclyAvailableStandards/c040612_ISO_IEC_15408-1_2005(E).zip, accessed on April 14, 2006)
  3. 3.
    Trusted Computing Group. TCG Architecture Overview. V1. 2, 28 April 2004 (available at URL: https://www.trustedcomputinggroup.org/specs/IWG/TCG_1_0_Architecture_Overview.pdf, accessed on April 14, 2006)
  4. 4.
    Gates B. Trustworthy Computing. Wired News, Jan. 17, 2002 (available at URL: http://www.wired.com/news/business/0,1367,49826,00.html, accessed on April 14, 2006)
  5. 5.
    Lin C, Peng X H. Research on trustworthy networks. Chin J Comp (in Chinese), 2005, 28(5): 751–758Google Scholar
  6. 6.
    Algirdas A, Jean-Claude L, Brian R, et al. Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 2004, 1(1): 11–33CrossRefGoogle Scholar
  7. 7.
    Friedman B, Kahn P H Jr, Howe D C. Trust online. Communications of the ACM, 2000, 43(12): 34–40CrossRefGoogle Scholar
  8. 8.
    Lazowska E D, Patterson D A. Distributed computing. Science, 2005, 308(6) (available at URL: http://www.sciencemag.org/sciext/computers/, accessed on April 14, 2006)
  9. 9.
    Bernardo E A, Huberman A. Free Riding on Gnutella. Tech Rept: SSL-00-63, XeroxPARC, 2000. 8Google Scholar
  10. 10.
    Hardin. The tragedy of the commons. Science, 1968, 162: 1243–1248CrossRefGoogle Scholar
  11. 11.
    Feldmany M, Laiz K. Quantifying disincentives in peer-to-peer networks. In: Proceeding of Workshop on Economics of Peer-to-Peer Systems. LNCS 2735. Berkeley, CA: Springer-Verlag, 2003. 117–122Google Scholar
  12. 12.
    Yin G, Wang H M, Shi D X, et al. Towards more controllable and practical delegation. In: Mathematical Methods, Models and Architectures for Computer Networks Security Workshop (MMM-ACNS’05), St. Petersburg, Russia, LNCS 3685, 2005, 245–258Google Scholar
  13. 13.
    Axelrod R. The Evolution of Cooperation. New York: Basic Books, 1984Google Scholar
  14. 14.
    Obreiter P, Nimis J. A Taxonomy of incentive patterns—the design space of incentives for cooperation. In: Proc. of the Second International Workshop on Agents and P2P Computing. LNCS 2872. Melbourne: Springer-Verlag, 2003. 678–685Google Scholar
  15. 15.
    Golle P, Leyton-Brown K, Incentives for sharing in peer-to-peer networks. In: Proc. of the Third ACM Conference on Electronic Commerce. LNCS 2232. Tampa, Florida: Springer-Verlag, 2001. 75–82.Google Scholar
  16. 16.
    Blaze M, Feigenbaum J, Strauss M. Compliance checking in the policymaker trust management system. In: Proceedings of the Financial Cryptography’98. Anguilla: Springer-Verlag, 1998. 254–274CrossRefGoogle Scholar
  17. 17.
    Blaze M, Feigenbaum J, Lacy J. Decentralized trust management. In: IEEE Symposium on Security and Privacy, Oakland, CA 1996, 164–173Google Scholar
  18. 18.
    Blaze M, Feigenbaum J, Ioannidis J, et al. RFC 2704: The KeyNote trust management system version 2, Network Working Group, IETF, September, 1999Google Scholar
  19. 19.
    Ellison C M, Frantz B, Lampson B, et al. SPKI Certificate Theory. IETF RFC 2693, September, 1999Google Scholar
  20. 20.
    Li N H, Delegation Logic: A Logic-based Approach to Distributed Authorization. PhD thesis. New York: New York University, 2000Google Scholar
  21. 21.
    Li N H, Mitchell J C, William H W. Design of a role-based trust management framework. In: Proceedings of IEEE Symposium on Security and Privacy. Berkeley, CA: IEEE Computer Society Press, 2002. 114–130Google Scholar
  22. 22.
    Moritz Y B, Peter S. Cassandra: Flexible trust management, applied to electronic health records. In: Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW’04), Asilomar, Pacific Grove, CA, USA, June 2004, 10–13Google Scholar
  23. 23.
    Xu F. Trust management in open coordination software environment (in Chinese). PhD Thesis, Nanjing: Nanjing University, 2003Google Scholar
  24. 24.
    Hong F, Zhu X, Wang S B. Delegation depth control in trust-management system. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA’05), Taipei, Taiwan, March 2005, 411–414Google Scholar
  25. 25.
    Avizienis A. Design of fault-tolerant computers. In: Fall Joint Computer Conference, AFIPS Conf. Proc. Washington D.C.: Thompson Books, 1967, 31: 733–43Google Scholar
  26. 26.
    Min Y H. Twenty-five years of fault-tolerant computing. Chin J Comp (in Chinese), 1995, 18(12): 930–943Google Scholar
  27. 27.
    OMG. Common Object Request Broker Architecture (CORBA), v2.6. 2001. 12Google Scholar
  28. 28.
    Narasimhan P, Reverte C F, Ratanotayanon S, et al. Middleware for embedded adaptive dependability. In: Proc. of IEEE Workshop on Large Scale Real-Time and Embedded Systems, Austin, TX, December 2002Google Scholar
  29. 29.
    Nisan N, Ronen A. Algorithmic mechanism design. Games and Economic Behavior, 2001, 35: 166–196CrossRefMathSciNetGoogle Scholar
  30. 30.
    Feigenbaum J, Papadimitriou C, Shenker S, Distributed Algorithmic Mechanism Design: Recent Results and Future Directions, Proceedings of the 6th International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, New York: ACM Press, 2002. 1–13Google Scholar
  31. 31.
    Sami R. Distributed algorithmic mechanism design. PhD Thesis. Yale University, 2003Google Scholar
  32. 32.
    Kelly T, Chan Y M, Jamin S, et al. Biased replacement policies for web caches: Differential quality-of-service and aggregate user value. In: Proceedings of the 4th International Web Caching Workshop, San Diego, California, March 1999, 1–10Google Scholar
  33. 33.
    Abdul-Rahman A, Hailes S. Supporting trust in virtual communities. In: Proc. of 33rd Hawaii International Conference on System Sciences, Maui, Hawaii, IEEE Computer Society, January 2000Google Scholar
  34. 34.
    Kamvar S D, Schlosser M T, Garcia-Molina H. The EigenTrust Algorithm for Reputation Management in P2P Networks. In: Proc. of the 20th International World Wide Web Conference (WWW2003), Budapest, HUNGARY, ACM, May 2003Google Scholar
  35. 35.
    Christin N, Weigend A, Chuang J. Content availability, pollution and poisoning in file sharing peer-to-peer networks. In: Proceedings of ACM Conference on Electronic Commerce (EC’05), Hong Kong, ACM, 2005. 68–77Google Scholar
  36. 36.
    Khopkar T, Li X, Resnick P. Self-selection, slipping, salvaging, slacking, and stoning: the impacts of negative feedback at eBay. In: Proceedings of ACM Conference on Electronic Commerce (EC’05), Hong Kong, ACM, 2005. 223–231Google Scholar

Copyright information

© Science in China Press 2006

Authors and Affiliations

  • Wang Huaimin 
    • 1
  • Tang Yangbin 
    • 1
  • Yin Gang 
    • 1
  • Li Lei 
    • 1
  1. 1.School of Computer ScienceNational University of Defense TechnologyChangshaChina

Personalised recommendations