Skip to main content
SpringerLink
Log in

Security via Trusted Communications

  • Chapter
Handbook of Information and Communication Security

Abstract

Providing a trustworthy mobile computing platform is crucial for mobile communications, services and applications. This chapter studies methodologies and mechanisms of providing a trustworthy computing platform for mobile devices. In addition, we seek solutions to support trusted communications and collaboration among those platforms in a distributed and dynamic system. The first part of this chapter gives a brief overview of literature background. It includes detailed state-of-the-art in conceptualizing trust, trust modeling, trust evaluation and trust management and identifies emerging trends in this area. The second part of this chapter specifies a mechanism for trust sustainability among the platforms based on a trusted computing technology. It plays as the first level of autonomic trust management in our solution. The third part describes an adaptive trust control model. The trust management mechanism based on this model plays as the second level of our autonomic trust management solution. We demonstrate how the above two mechanisms can cooperate together to provide a comprehensive solution in the forth part. The fifth part further discusses other related issues, such as standardization and implementation strategies. Finally, conclusions and future work are presented in the last part.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 349.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 449.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 599.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. T. Grandison, M. Sloman: A survey of trust in internet applications, IEEE Commun. Surv. 3(4), 2–16 (2000)

    Article  Google Scholar 

  2. A. Avizienis, J.-C. Laprie, B. Randell, C. Landwehr: Basic concepts and taxonomy of dependable and secure computing, IEEE Trans. Dependable Secure Comput. 1(1), 11–33 (2004)

    Article  Google Scholar 

  3. S. Boon, J. Holmes: The dynamics of interpersonal trust: resolving uncertainty in the face of risk. In: Cooperation and Prosocial Behaviour, ed. by R. Hinde, J. Groebel (Cambridge University Press, Cambridge, UK 1991) pp. 190–211

    Google Scholar 

  4. C.L. Corritore, B. Kracher, S. Wiedenbeck: On-line trust: concepts, evolving themes, a model, Int. J. Human-Comput. Stud. Trust Technol. 58(6), 737–758 (2003)

    Article  Google Scholar 

  5. D.E. Denning: A new paradigm for trusted systems, Proc. IEEE New Paradigms Workshop (1993)

    Google Scholar 

  6. R. Falcone, C. Castelfranchi: Socio-cognitive model of trust. In: Encyclopedia of Information Science and Technology, ed. by M. Khosrow-Pour (Idea Group Reference, Hershey, PA 2005) pp. 2534–2538

    Google Scholar 

  7. D. Gambetta: Can we trust trust?. In: Trust: Making and Breaking Cooperative Relations, by D. Gambetta (WileyBlackwell, Oxford 1990)

    Google Scholar 

  8. Z. Liu, A.W. Joy, R.A. Thompson: A dynamic trust model for mobile ad hoc networks, Proc. 10th IEEE Int. Workshop on Future Trends of Distributed Computing Systems (FTDCS 2004) (2004) pp. 80–85

    Google Scholar 

  9. D.H. McKnight, N.L. Chervany: What is trust? A conceptual analysis and an interdisciplinary model, Proc. 2000 Americas Conference on Information Systems (2000)

    Google Scholar 

  10. D.H. McKnight, N.L. Chervany: The meanings of trust, UMN University Report, available at http://www.misrc.umn.edu/wpaper/wp96-04.htm (2003)

  11. R.C. Mayer, J.H. Davis, F.D. Schoorman: An integrative model of organizational trust, Acad. Manag. Rev. 20(3), 709–734 (1995)

    Article  Google Scholar 

  12. L. Mui: Computational models of trust and reputation: agents, evolutionary games, and social networks, Ph.D. Thesis (Massachusetts Institute of Technology, 2003)

    Google Scholar 

  13. D.E. Denning: A new paradigm for trusted systems, Proc. 1992–1993 Workshop on New Security Paradigms (1993) pp. 36–41

    Google Scholar 

  14. TCG TPM Specification v1.2, available at https://www.trustedcomputinggroup.org/specs/TPM/ (2003)

  15. Z. Yan, S. Holtmanns: Trustmodeling and management: from social trust to digital trust. In: Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions, ed. by R. Subramanian (IGI Global, Hershey, PA, USA 2008) pp. 209–323

    Google Scholar 

  16. A.K. Dey: Understanding and using context, Pers. Ubiquitous Comput. J. 5, 4–7 (2001)

    Article  Google Scholar 

  17. M. Blaze, J. Feigenbaum, J. Lacy: Decentralized trust management, Proc. IEEE Symposium on Security and Privacy (1996) pp. 164–173

    Google Scholar 

  18. Y. Tan, W. Thoen: Toward a generic model of trust for electronic commerce, Int. J. Electron. Commer. 5(2), 61–74 (1998)

    Google Scholar 

  19. M.K. Reiter, S.G. Stubblebine: Resilient authentication using path independence, IEEE Trans. Comput. 47(12), 1351–1362 (1998)

    Article  MathSciNet  Google Scholar 

  20. L. Xiong, L. Liu: PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities, IEEE Trans. Knowl. Data Eng. 16(7), 843–857 (2004)

    Article  Google Scholar 

  21. Y. Sun, W. Yu, Z. Han, K.J.R. Liu: Information theoretic framework of trust modeling and evaluation for ad hoc networks, IEEE J. Selected Areas Commun. 24(2), 305–317 (2006)

    Article  MATH  Google Scholar 

  22. M. Zhou, H. Mei, L. Zhang: A multi-property trust model for reconfiguring component software, 5th Int. Conference on Quality Software QAIC2005 (2005) pp. 142–149

    Google Scholar 

  23. Y. Wang, V. Varadharajan: Trust2: developing trust in peer-to-peer environments, IEEE Int. Conference on Services Computing, 1 (2005) 24–31

    Google Scholar 

  24. Z. Yan, R. MacLaverty: Autonomic trust management in a component based software system. In: Proceedings of the 3rd International Conference on Autonomic and Trusted Computing, Lecture Notes in Computer Science, Vol. 4158, ed. by L.T. Yang, H. Jin, J. Ma, T. Ungerer (Springer, Berlin Heidelberg 2006) pp. 279–292

    Chapter  Google Scholar 

  25. U. Maurer: Modeling a public-key infrastructure. In: Proceedings of European Symposium on Research in Computer Security, Lecture Notes in Computer Science, Vol. 1146, ed. by H. Bertino, H. Kurth, G. Martella, E. Montolivo (Springer, Berlin Heidelberg 1996) pp. 325–350

    Google Scholar 

  26. Z. Liu, A.W. Joy, R.A. Thompson: A dynamic trust model for mobile ad hoc networks, Proc. 10th IEEE Int. Workshop on Future Trends of Distributed Computing Systems (2004) pp. 80–85

    Google Scholar 

  27. G. Theodorakopoulos, J.S. Baras: On trust models and trust evaluation metrics for ad hoc networks, IEEE J. Sel. Areas Commun. 24(2), 318–328 (2006)

    Article  Google Scholar 

  28. A. Jøsang: An algebra for assessing trust in certification chains. In: Proceedings of the Network and Distributed Systems Security Symposium, ed. by J. Kochmar (The Internet Society, Reston, VA 1999)

    Google Scholar 

  29. Z. Yan: Trust Management for Mobile Computing Platforms. Ph.D. Thesis (Dept. of Electrical and Communication Eng., Helsinki University of Technology 2007)

    Google Scholar 

  30. K. Aberer, Z. Despotovic: Managing trust in a peer-to-peer information system, Proc. ACM Conf. Information and Knowledge Management (2001)

    Google Scholar 

  31. S. Song, K. Hwang, R. Zhou, Y.-K. Kwok: Trusted P2P transactions with fuzzy reputation aggregation, IEEE Internet Comput. 9(6), 24–34 (2005)

    Article  Google Scholar 

  32. P. Resnick, R. Zeckhauser: Trust among strangers in internet transactions: empirical analysis of eBay’s reputation system. In: The Economics of the Internet and E-Commerce, Advances in Applied Microeconomics, Vol. 11, ed. by M.R. Baye (Elsevier, MO, USA 2002) pp. 127–157

    Google Scholar 

  33. A. Singh, L. Liu: TrustMe: anonymous management of trust relationships in decentralized P2P systems, IEEE Int. Conference on Peer-to-Peer Computing (2003) pp. 142–149

    Google Scholar 

  34. R. Guha, R. Kumar: Propagation of trust and distrust, Proc. 13th International Conference on World Wide Web (ACM Press, 2004) pp. 403–412

    Google Scholar 

  35. S. Kamvar, M. Scholsser, H. Garcia-Molina: The EigenTrust algorithm for reputation management in P2P networks, Proc. 12th Int. Conference of World Wide Web (2003)

    Google Scholar 

  36. Z. Liang, W. Shi: PET: A PErsonalized Trust model with reputation and risk evaluation for P2P resource sharing, Proc. 38th Annual Hawaii Int. Conference on System Sciences (2005) pp. 201.2 (refer to http://portal.acm.org/citation.cfm?id=1043109, the page is indicated like that)

    Google Scholar 

  37. S. Lee, R. Sherwood, B. Bhattacharjee: Cooperative peer groups in NICE, Proc. IEEE Conference on Computer Communications (INFOCOM 03) (IEEE CS Press, 2003) pp. 1272–1282

    Google Scholar 

  38. P. Herrmann: Trust-based procurement support for software components, Proc. 4th Int. Conference of Electronic Commerce Research (ICECR04) (2001) pp. 505–514

    Google Scholar 

  39. K. Walsh, E.G. Sirer: Fighting peer-to-peer SPAM and decoys with object reputation, Proc. 3rd Workshop on the Economics of Peer-to-Peer Systems (P2PECON) (2005) 138–143

    Google Scholar 

  40. Z. Zhang, X. Wang, Y. Wang: A P2P global trust model based on recommendation, Proc. 2005 Int. Conference on Machine Learning and Cybernetics, 7 (2005) pp. 3975–3980

    Google Scholar 

  41. C. Lin, V. Varadharajan, Y. Wang, V. Pruthi: Enhancing grid security with trust management, Proc. IEEE Int. Conference on Services Computing (2004) pp. 303–310

    Google Scholar 

  42. Z. Yan, P. Cofta: A mechanism for trust sustainability among trusted computing platforms. In: Proc. 1st International Conference on Trust and Privacy in Digital Business, Lecture Notes in Computer Science, Vol. 3184, ed. by S.K. Katsikas, J. Lopez, G. Pernul (Springer, Berlin Heidelberg 2004) pp. 11–19

    Google Scholar 

  43. S. Banerjee, C.A. Mattmann, N. Medvidovic, L. Golubchik: Leveraging architectural models to inject trust into software systems, ACM SIGSOFT Softw. Eng. Notes 30(4), 1–7 (2005)

    Article  Google Scholar 

  44. Z. Yan, C. Prehofer: An adaptive trust control model for a trustworthy software component platform. In: Proceedings of the 4th International Conference on Autonomic and Trusted Computing, Lecture Notes in Computer Science, Vol. 4610, ed. by B. Xiao, L.T. Yang, J. Ma, C. Müller-Schloer, Y. Hua (Springer, Berlin Heidelberg 2007) pp. 226–238

    Chapter  Google Scholar 

  45. W. Xu, Y. Xin, G. Lu: A trust framework for pervasive computing environments, Int. Conference on Wireless Communications, Networking and Mobile Computing (2007) pp. 2222–2225

    Google Scholar 

  46. Z. Yan: Autonomic trust management for a pervasive system, Secypt’08 (2008) pp. 491–500

    Google Scholar 

  47. A. Jøsang: A logic for uncertain probabilities, Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 9(3), 279–311 (2001)

    Google Scholar 

  48. http://sky.fit.qut.edu.au/ josang/sl/demo/Op.html

  49. B. Kosko: Fuzzy cognitive maps, Int. J. Man-Mach. Stud. 24, 65–75 (1986)

    Article  MATH  Google Scholar 

  50. C. Castelfranchi, R. Falcone, G. Pezzulo: Integrating trustfulness and decision using fuzzy cognitive maps. In: Proceedings of the First International Conference of Trust Management, Lecture Notes in Computer Science, Vol. 2692, ed. by P. Nixon, S. Terzis (Springer, Berlin Heidelberg 2003) pp. 195–210

    Google Scholar 

  51. C.D. Stylios, V.C. Georgopoulos, P.P. Groumpos: The use of fuzzy cognitive maps in modeling systems, available at http://med.ee.nd.edu/MED5/PAPERS/067/067.PDF

  52. S. Song, K. Hwang, R. Zhou, Y.-K. Kwok: Trusted P2P transactions with fuzzy reputation aggregation, IEEE Internet Comput. 9(6), 24–34 (2005)

    Article  Google Scholar 

  53. Z. Yan: A conceptual architecture of a trusted mobile environment, Proc. IEEE 2nd Int. Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU06) (2006) pp. 75–81

    Google Scholar 

  54. S.J. Vaughan-Nichols: How trustworthy is trusted computing?, IEEE Computer 36(3), 18–20 (2003)

    Google Scholar 

  55. P. England, B. Lampson, J. Manferdelli, M. Peinado, B. Willman: A trusted open platform, IEEE Computer 36(7), 55–62 (2003)

    Google Scholar 

  56. Z. Yan, P. Zhang, T. Virtanen: Trust evaluation based security solution in ad hoc networks, Proc. 7th Nordic Workshop on Secure IT Systems (NordSec03) (2003)

    Google Scholar 

  57. Z. Yan, P. Zhang: Trust collaboration in P2P systems based on trusted computing platforms, WSEAS Trans. Inf. Sci. Appl. 2(3), 275–282 (2006)

    Google Scholar 

  58. P. Fenkam, S. Dustdar, E. Kirda, G. Reif, H. Gall: Towards an access control system for mobile peer-to-peer collaborative environments, Proc. 11th IEEE Int. Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (2002) 95–100

    Google Scholar 

  59. G. Kortuem, J. Schneider, D. Preuitt, T.G.C. Thompson, S. Fickas, Z. Segall: When peer-to-peer comes face-to-face: collaborative peer-to-peer computing in mobile ad hoc networks, Proc. of the 1st Int. Conference on Peer-to-Peer Computing (2001)

    Google Scholar 

  60. A. Jøsang, R. Ismail, C. Boyd: A survey of trust and reputation systems for online service provision, Decis. Support Syst. 43(2), 618–644 (2007)

    Article  Google Scholar 

  61. C. Lin, V. Varadharajan, Y. Wang, V. Pruthi: Enhancing grid security with trust management, Proc. IEEE Int. Conference on Services Computing (2004) pp. 303–310

    Google Scholar 

  62. E. Herscovitz: Secure virtual private networks: the future of data communications, Int. J. Netw. Manag. 9(4), 213–220 (1999)

    Article  Google Scholar 

  63. D. Wood, V. Stoss, L. Chan-Lizardo, G.S. Papacostas, M.E. Stinson: Virtual private networks, Int. Conference on Private Switching Systems and Networks (1988) pp. 132–136

    Google Scholar 

  64. K. Regan: Secure VPN design considerations, Netw. Secur. 2003, 5–10 (2003)

    Google Scholar 

  65. K.H. Cheung, J. Misic: On virtual private network security design issues, Comput. Netw. 38(2), 165–179 (2002)

    Article  Google Scholar 

  66. M. Blaze, J. Ioannidis, A.D. Keromytis: Trust management for IPSec, ACM Trans. Inf. Syst. Secur. 5(2), 95–118 (2002)

    Article  Google Scholar 

  67. R. Shan, S. Li, M. Wang, J. Li: Network security policy for large-scale VPN, Proc. Int. Conference on Communication Technology, 1 (2003) pp. 217–220

    Google Scholar 

  68. H. Hamed, E. Al-Shaer, W. Marrero: Modeling and verification of IPSec and VPN security policies, 13th IEEE Int. Conference on Network Protocols (2005) pp. 259–278

    Google Scholar 

  69. Z. Yan, P. Zhang: A trust management system in mobile enterprise networking, WSEAS Trans. Commun. 5(5), 854–861 (2006)

    Google Scholar 

  70. Z. Yan: A comprehensive trust model for component software, SecPerU’08 (2008) pp. 1–6

    Google Scholar 

  71. A.B. Huang: The trusted OC: skin-deep security, IEEE Computer 35(10), 103–105 (2002)

    Google Scholar 

  72. N. Asokan, J. Ekberg: A platform for OnBoard credentials, Proc. Financial Cryptography and Data Security (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nokia Research Center, Itämerenkatu 11–13, 00180, Helsinki, Finland

    Zheng Yan

Authors
  1. Zheng Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Technical University of Crete, 73132, Chania, Crete, Greece

    Peter Stavroulakis

  2. Dept. Computer Science, San Jose State University, One Washington Square, 95192, San Jose, CA, USA

    Mark Stamp

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Yan, Z. (2010). Security via Trusted Communications. In: Stavroulakis, P., Stamp, M. (eds) Handbook of Information and Communication Security. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04117-4_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04117-4_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04116-7

  • Online ISBN: 978-3-642-04117-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation