Advertisement

Trust Lifecycle Management in a Global Computing Environment

  • S. Terzis
  • W. Wagealla
  • C. English
  • P. Nixon
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3267)

Abstract

In a global computing environment in order for entities to collaborate, they should be able to make autonomous access control decisions with partial information about their potential collaborators. The SECURE project addresses this requirement by using trust as the mechanism for managing risks and uncertainty. This paper describes how trust lifecycle management, a procedure of collecting and processing evidence, is used by the SECURE collaboration model. Particular emphasis is placed on the processing of the evidence and the notion of attraction. Attraction considers the effects of evidence about the behaviour of a particular principal on its current trust value both in terms of trustworthiness and certainty and is one of the distinctive characteristics of the SECURE collaboration making it more appropriate for a global computing setting.

Keywords

Trust Evaluation Trust Management Access Control Policy Initial Trust Trust Evolution 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdul-Rahman, A., Hailes, S.: Supporting trust in virtual communities. In: Proceedings of the 33rd Hawaii International Conference on System Sciences, vol. 6, p. 6007. IEEE Computer Society Press, Los Alamitos (2000)Google Scholar
  2. 2.
    Bacon, J., Belokosztolszki, A., Dimmock, N., Eyers, D., Ingram, D., Moody, K.: Preliminary definition of a trust-based access control model. SECURE Deliverable 3.2 (2003)Google Scholar
  3. 3.
    Bacon, J., Dimmock, N., Ingram, D., Moody, K., Shand, B., Twigg, A.: Definition of risk model. SECURE Deliverable 3.1 (2002)Google Scholar
  4. 4.
    Blaze, M., Feigenbaum, J., Keromytis, A.D.: Keynote: Trust management for public-key infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, Los Alamitos, USA, May 1996, pp. 164–173. AT&T (1996)Google Scholar
  6. 6.
    Bryce, C., Cahill, V., Di Marzo Serugendo, G., English, C., Farrell, S., Gray, E., Jensen, C.D., Nixon, P., Seigneur, J.-M., Terzis, S., Wagealla, W., Yong, C.: Application scenarios. SECURE Deliverable 5.1 (2002)Google Scholar
  7. 7.
    Carbone, M., Danvy, O., Damgaard, I., Krukow, K., Moller, A., Nielsen, J.B., Nielsen, M.: A model for trust. SECURE Deliverable 1.1 (2002)Google Scholar
  8. 8.
    Carbone, M., Krukow, K., Nielsen, M.: Revised computational trust model. SECURE Deliverable 1.3 (2004)Google Scholar
  9. 9.
    Carbone, M., Nielsen, M., Sassone, V.: A formal model for trust in dynamic networks. In: Proceedings of the International Conference on Software Engineering and Formal Methods, Brisbane, Australia, September 2003, pp. 54–63 (2003)Google Scholar
  10. 10.
    Carbone, M., Nielsen, M., Sassone, V.: A formal model for trust in dynamic networks. RS RS-03-4, BRICS, DAIMI, January 2003, p. 18 (2003)Google Scholar
  11. 11.
    Chen, R., Yeager, W.: Poblano - a distributed trust model for peer-to-peer networks. Technical report, Sun Microsystems (2001)Google Scholar
  12. 12.
    Dimitrakos, T.: System models, e-risks and e-trust. towards bridging the gap? In: Proceedings of the 1st IFIP Conference on e-Commerce, e-Business, e-Government. Kluwer Academic Publishers, Dordrecht (2001)Google Scholar
  13. 13.
    Dimmock, N.: How much is ‘enough’? Risk in trust-based access control. In: Proceedings of the IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises: Enterprise Security (Special Session on Trust Management), Linz, Austria (June 2003)Google Scholar
  14. 14.
    English, C., Terzis, S., Wagealla, W.: Engineering trust-based collaborations in a global computing environment. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 120–134. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    English, C., Wagealla, W., Nixon, P., Terzis, S., McGettrick, A., Lowe, H.: Trusting collaboration in global computing. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 136–149. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Gambetta, D.: Can we trust trust? In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relations, Oxford, pp. 213–237. Basil Blackwell, London (1990)Google Scholar
  17. 17.
    Grandison, T., Sloman, M.: Specifying and analysing trust for internet applications. In: Proceeedings of the 2nd IFIP IEEE Conference, October 2002, pp. 145–157 (2002)Google Scholar
  18. 18.
    Jonker, C.M., Treur, J.: Formal analysis of models for the dynamics of trust based on experiences. In: Garijo, F.J., Boman, M. (eds.) MAAMAW 1999. LNCS, vol. 1647, pp. 221–231. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  19. 19.
    Jøsang, A.: A logic for uncertain probabilities. Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3), 279–311 (2001)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Kagal, L., Undercoffer, J.L., Perich, F., Joshi, A., Finin, T.: A security architecture based on trust management for pervasive computing systems. In: Grace Hopper Celebration of Women in Computing (October 2002)Google Scholar
  21. 21.
    Kinateder, M., Rothermel, K.: Architecture and algorithms for a distributed reputation system. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 1–16. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Li, N., Mitchell, J.C.: RT: A role based trust management framework. In: Proceedings of the 3rd DARPA Information Survivability Conference and Exposition (DISCEX III). IEEE Computer Society Press, Los Alamitos (2003)Google Scholar
  23. 23.
    Marsh, S.: Formalising Trust as a Computational Concept. PhD thesis, University of Stirling (1994)Google Scholar
  24. 24.
    Marx, M., Treur, J.: Trust dynamics formalised in temporal logic. In: Chen, L., Zhuo, Y. (eds.) Proceedings of the 3rd International Conference on Cognitive Science, ICCS, pp. 359–363. USTC Press, Beijing (2001)Google Scholar
  25. 25.
    McLean, J.: Security models. In: Marciniak, J. (ed.) Encyclopedia of Software Engineering. John Wiley & Sons, Chichester (1994)Google Scholar
  26. 26.
    Sandhu, R.: Access control: The neglected frontier. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 219–227. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  27. 27.
    Schmatikov, V., Talcott, C.: Reputation-based trust management (extended abstract). In: Proceedings of the Workshop on Issues in the Theory of Security (WITS) (2003)Google Scholar
  28. 28.
    Seamons, K.E., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for policy languages for trust negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, USA, June 2002, pp. 68–79 (2002)Google Scholar
  29. 29.
    Seigneur, J.-M., Farrell, S., Jensen, C., Gray, E., Yong, C.: End-to-end trust starts with recognition. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 130–142. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  30. 30.
    Shand, B., Dimmock, N., Bacon, J.: Trust for Ubiquitous, Transparent Collaboration. In: Proceedings of the First IEEE Annual Conference on Pervasive Computing and Communications (PerCom 2003), Dallas-Ft. Worth, TX, USA, March 2003, pp. 153–160 (2003)Google Scholar
  31. 31.
    Tan, Y.-H., Thoen, W.: Formal aspects of a generic model of trust for electronic commerce. In: Proceedings of the 33rd Hawaii International Conference on System Sciences, vol. 6, p. 6006. IEEE Computer Society Press, Los Alamitos (2000)Google Scholar
  32. 32.
    Terzis, S., Wagealla, W., English, C., Nixon, P.: The secure collaboration model. Technical Report Smartlab-03-2003, Dept. of Computer and Information Sciences, University of Strathclyde (December 2003)Google Scholar
  33. 33.
    Global Computing Initiative Website (2002), http://www.cordis.lu/ist/fet/gc.htm
  34. 34.
  35. 35.
    SECURE Project Official Website (2002), http://secure.dsg.cs.tcd.ie
  36. 36.
    Xiong, L., Liu, L.: Building trust in decentralized peer-to-peer electronic communities. In: Proceedings of the 5th International Conference on Electronic Commerce Research (ICECR-5), Montreal, Canada (October 2002)Google Scholar
  37. 37.
    Xiong, L., Liu, L.: A reputation-based trust model for peer-to-peer ecommerce communities. In: Proceedings of the 4th ACM conference on Electronic commerce, San Diego, CA, USA, pp. 228–229. ACM Press, New York (2003)Google Scholar
  38. 38.
    Yu, B., Singh, M.P.: An evidential model of distributed reputation management. In: Proceedings of the first international joint conference on Autonomous agents and multiagent systems, Bologna, Italy, pp. 294–301. ACM Press, New York (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • S. Terzis
    • 1
  • W. Wagealla
    • 1
  • C. English
    • 1
  • P. Nixon
    • 1
  1. 1.The Global and Pervasive Computing Group, Dept. of Computer and Information SciencesUniversity of StrathclydeUK

Personalised recommendations