Wen Li,Lingdi Ping,Kuijun Lu,Xiaoping Chen

DOI: https://doi.org/10.1109/ICIE.2009.33

2009-01-01

Abstract:As traditional network security cannot meet the security requirements, the international research shows that network security is on the way to Trustworthy Internet and that the trustworthy issue becomes a hot topic in the future Internet. Trust evaluation of users' behavior is an important part of Trustworthy Internet and a rational trust model plays a key role in the evaluation. This paper concludes many principles of the trust model by analyzing existing trust models and proposes a novel trust model including both the direct and indirect trust. In our model, the direct trust is more trustworthy and is weighted more with the more and more interactions and the indirect evaluation becomes less and less important. The subjective factor is considered to make the direct trust obey the principle of "rise-lowly, decline-quickly". Furthermore, recommenders' credibility is taken into account in the indirect trust evaluation, which can avoid the denigration and make indirect trust more objective. We also consider the process of referral of the credibility to gain more information to evaluate the indirect trust effectively. Credibility evaluation is the basis of the filtering of low credibility and the improvement of trust evaluation. Finally, several experiments are shown to illustrate the properties of the model. © 2009 IEEE.

Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

Gao Jian,Yu Huadong,Wang Hongmian,Bai Huifeng,Huo Chao,Zhang Ganghong

DOI: https://doi.org/10.1051/itmconf/20224703015

2022-01-01

ITM Web of Conferences

Abstract:Along with the computer, communication, control, the rapid development of automation technology, based on the analysis of the information security requirements, combined with the trusted computing provide security solution, the communication control information security interaction model and the key technology to realize information security interaction, put forward a real-time evaluation model based on credible global terminal entities. By introducing penalty factor and time factor, the evaluation method is improved from single evaluation to global evaluation. Taking the user information collection system as an example, the information security communication model of behavior trust measurement mechanism is simulated. The simulation results show that this model has the ability of continuous trust measurement in dynamic uncertain network environment, and can accurately determine the trust of terminal entities in real time, and it is more realistic, which lays a good foundation for the research of trust connection, trust management and trust decision based on trust measurement.

Wenshuan Xu,Yunwei Xin,Guizhang Lu

DOI: https://doi.org/10.1109/WICOM.2007.554

2007-01-01

Abstract:Due to the uncertainty and mobility of pervasive computing environments, trust modeling has been regarded as an important problem. At present, there are lots of researches on trust model for pervasive computing. In this paper, a novel trust framework for pervasive computing is presented. The hybrid framework is based on a trust model, a security model, and a risk model. From the framework presented, uncertainty problem in pervasive computing environments can be solved well. Moreover, from the simulation results, we can see that the framework is dynamic and lightweight enough to be applicable to in pervasive computing environments.

HE Hong-Jun,CAO Si-Hua,LUO Li,FENG Tao,PAN Li,ZOU Zhi-Ji

2006-01-01

Chinese Journal of Computers

Abstract:In this paper, the authors point out that the deep reason why modern computer system fails to defense malware lies in that user has no right to control the access of information. Based on it, the authors propose an explicit authorization mechanism, and give a formal definition of malware that steals or destroys information. Further, they prove that computer based on this novel mechanism can protect information from attacking reliably, and present two trusted secure computer systems based on it. In the first system, the explicit authorization mechanism is embedded into operating system, and the system can prevent information from being attacked by arbitrary malware or malicious application. The system is highly compatible with current computer hardware and software. In the second system, slight changes are made to hardware and operating system. However, the system has stronger anti-attack ability and can prevent attack from operating system itself reliably and timely.

H Jameel,LX Hung,U Kalim,A Sajjad,S Lee,YK Lee

DOI: https://doi.org/10.1109/ism.2005.22

2005-01-01

Abstract:Ubiquitous Computing foresees a massively networked world supporting a population of diverse but cooperating mobile devices where, trust relationships between entities are uncertain. Though there have been lots of effort focusing on trust for Ubiquitous Systems, they did not attach enough importance to uncertainty in their model. On the other hand, most of the works draw a general picture without a detailed computational model. In this paper we present a trust model based on the vectors of trust values of different entities. The evaluation of trust depends upon the recommendation of peer entities common to the interacting entities. These recommendations are weighted according to the number and time of past interactions. Furthermore we present a method of handling false recommendations without introducing significant computational burden. The model can. calculate trust between two entities in situations both in which there is past experience among the interacting entities and in which the two entities are communicating for the first time. Several tuning parameters are suggested which can be adjusted to meet the security requirement of a ubiquitous system.

OU Wei,WANG Yong-jun,HAN Wen-bao

DOI: https://doi.org/10.3969/j.issn.1007-130X.2013.05.008

2013-01-01

Abstract:Traditional authorization and authentication solves the problem of trust of user identify , but not solves the problem of trust of user behavior.Therefore , the paper proposed a new trustworthy model based on user behavior so as to meet the needs of security systems.In this model , users of network service are regarded as subjects , and files and data in computer are regarded as objects.Different subjects and objects are assigned to different levels of confidentiality and integrity.A user'service request on system is mapped into the access from a subject to an object.In this model , security attributes and security strategies and rules used to restrict users'behavior are all defined.Hence , a security and trustworthy computer system is made up.

Anuoluwapo A. Adewuyi,Hui Cheng,Qi Shi,Jiannong Cao,Xingwei Wang,Bo Zhou

DOI: https://doi.org/10.1109/jiot.2021.3097980

IF: 10.6

2022-03-01

IEEE Internet of Things Journal

Abstract:A future Internet of Things (IoT) will feature a service-oriented architecture consisting of lightweight computing platforms offering individual, loosely coupled microservices. Often, an end-user will request a bespoke service that will require a composition of two or more microservices offered by different service providers. However, the underlying complexities of soft compositions and the increased security risks are inherent in such a massively decentralized and distributed architecture. The use of trust management to secure the IoT is well studied in the literature. However, there are limitations to its use in service compositions in the IoT. Specifically, transparent (agnostic) trust composition and decomposition remain key problems for this area. A novel model for trustworthy service compositions in the IoT, SC-TRUST, is therefore proposed to deal with these challenges. In this study, the trust properties of service compositions and the effect of service workflows on transparent trust composition and decomposition are investigated. Based on the findings, relevant trust evaluation functions are derived to guide the compositions. SC-TRUST was implemented in a suitable application and its performance, in terms of the utility derived and the trust accuracy, convergence, and resiliency, was evaluated. The results show that SC-TRUST improves the quality of service compositions and adequately mitigates trust-related attacks, thus increasing both efficiency and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

张润莲,武小年

DOI: https://doi.org/10.3724/sp.j.1087.2010.02383

2010-01-01

Journal of Computer Applications

Abstract:It is very difficult to identify the malicious acts of users and to control the future acts of users for the existing static certificate-based user management in an open grid environment because of the dynamics and uncertainty of user behavior. To address the problem, a method for user security management based on trust constraints was proposed. In this method, according to the result of trust computation, the trust black-list and white-list were established by monitoring the change of trust level of users, and trust policies that stated the relationship between user trust and asset value were set. The testing results show that, as a dynamic trust constraint of access control mechanism, the trust black-list, white-list and trust policies strengthen the constraints on the system authorization, and effectively control the user behaviors by associating user's capacity accessing to resources with his or her history behaviors, which improves system security.

Li-ming Hao,Shu-tang Yang,Song-nian Lu,Gong-liang Chen

DOI: https://doi.org/10.1007/s12204-008-0086-8

2008-01-01

Abstract:Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers’ identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer’s identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%, the service selection failure rate is less than 0.15.

George S. Oreku,Jianzhong Li,Fredrick J. Mtenzi

DOI: https://doi.org/10.1504/ijitst.2009.023903

2009-01-01

International Journal of Internet Technology and Secured Transactions

Abstract:Traditional access control a.k.a. authorisation for e commerce systems is not flexible and efficient enough to combat the new emerging security challenges and public remains concerned about the security of online transactions as can be seen from http://www.security-survey.gov.uk. Challenges like changes in consumer's behaviour, advances in broadband technology, industrial maturity and entropy converging to usher in a new era of e-commerce security. The authors' proposed framework provides trust transformation rules which have associated conditions for authorisations to control access. The introduction of trust method formalises the conditions within logical perspective. The authors aim to build the architecture and trust model for trust and authorisation within an e-commerce service system. The architecture will help to build a secure e-commerce service system. The underlying framework will not only inform researchers of a better design for secure e-commerce service, but also assist e-commerce systems developers in the understanding of intricate constructions within trust and authorisation. This includes protecting transactions records of customers in terms of information privacy and access. The authors also propose rigorous logical foundation for trust and authorisation in e-commerce service environments based on ABLP.

Lu Chen,Qing Zhou,Gaofeng Huang,Liqiang Zhang

DOI: https://doi.org/10.1109/CIS.2014.47

2014-01-01

Abstract:Resource sharing is one of the main applications of network. How to establish a trust relationship between resources requestor and provider, and enforce authority is the key issue of efficient resource sharing. Existing models and methods are mostly focus on identity, recommendation and other information, but lack of the considering of resource requestor's conduct and environment of computing. And once authorized, it will not be able to track and control user behavior dynamically. It may cause more risks when sharing resources. Aiming to resolve the above problems, a trust-role based context aware access control model is proposed relying on the measurement and verification of the \"trust credentials and evidences\" which embody the context information of user behavior and platform environment to achieve the security, dependable and dynamic access control for resource sharing.

S. Udhaya Shree,Dr. M. S. Saleem Basha

DOI: https://doi.org/10.5121/ijwsc.2014.5301

2014-10-14

Abstract:Most of the peers accessing the services are under the assumption that the service accessed in a P2P network is utmost secured. By means of prevailing hard security mechanisms, security goals like authentication, authorization, privacy, non repudiation of services and other hard security issues are resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and reputation models in P2P network regarding service provisioning is presented and challenges are listed.p2p Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction outcome evaluation and other trust based classification of peers behaviour into trusted, inconsistent, un trusted, malicious, betraying, redemptive are discussed.

Cryptography and Security,Networking and Internet Architecture

Wang Huaimin,Tang Yangbin,Yin Gang,Li Lei

DOI: https://doi.org/10.1007/s11432-006-2024-4

2006-01-01

Abstract:Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet applications, we point out that, on the one hand, due to the openness and dynamic nature of the Internet, the identity trustworthiness and the capability trustworthiness of the software are facing serious challenges; on the other hand, in order to ensure the trustworthiness of the whole system, emerging computing paradigms based on the collaboration of autonomous software need some impacts on the behavior of the software. Here we put forward a conceptual model for the trustworthiness of Internet-based software, and propose a trustworthy assurance framework for Internet-based virtual computing environment (iVCE). This framework deals with the trustworthy properties of software on identity, capability and behavior in a combinated way. The authorization management in inter-domain computing environment, assurance on high availability of service and incentive mechanism for autonomic collaboration are taken as three core mechanisms of iVCE trustworthy assurance.

Manling Zhu,Zhi Jin

DOI: https://doi.org/10.1007/978-3-540-92803-4_9

2008-01-01

Abstract:In this paper, we propose an agent-based trust modeling architecture for service-oriented computing. A Trust Ontology is built to offer better understanding to the trust relationships in service-oriented systems. Based on this ontology, algorithms have been given for supporting trust analysis, reasoning and computing. Finally a case study is presented to illustrate how this formalism of service trust framework can be used. We argue that our trust model can assist service agents to make rational trading decisions by measuring the trustworthiness of the potential partners.

Bing Zhang,Xinxin Ma,Zhiguang Qin

2011-01-01

Abstract:⎯By analyzing existed Internet of Things’ system security vulnerabilities, a security architecture on trusting one is constructed. In the infrastructure, an off-line identity authentication based on the combined public key (CPK) mechanism is proposed, which solves the problems about a mass amount of authentications and the cross-domain authentication by integrating nodes’ validity of identity authentication and uniqueness of identification. Moreover, the proposal of constructing nodes’ authentic identification, valid authentication and credible communication connection at the application layer through the perception layer impels the formation of trust chain and relationship among perceptional nodes. Consequently, a trusting environment of the Internet of Things is built, by which a guidance of designing the trusted one would be provided. Index Terms⎯Combined public key, elliptic curves cryptography, Internet of Things, radio frequency identification, security system, trusting system.

Jian-Jun Qi,Zeng-Zhi Li

DOI: https://doi.org/10.1007/11559221_77

2005-01-01

Abstract:This paper proposes a security architecture that employs trust notion to address security issues in active networks. The subjectivity of trust is discussed, and the innovative idea is that how to compute trust should be decided subjectively by an entity. Then, a general framework for a trust system is described. Finally, a flexible trust management model, which employs the features of active networks, is presented. In this model, different entities can use different methods to compute trust, and an entity can change its computing method of trust over time.

Tiange SI,Duo LIU,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2007.07.034

2007-01-01

Abstract:To deal with worsening network security problems, a trusted computer system model for network applications was developed based on the transparence computing paradigm. The model effectively controls security problems within the computer by using transparence computing technology. Problems among computers inside a network can be controlled by using a star topology with the monitor in the center of the model which watches and controls communications among the system entities. The monitor can filter data transfers and dynamically isolate physical connections among host computers, between host computers and servers, as well as between host computers and the outside network. Analyses show that this model effectively solves network security problems and guarantees local area network safety.

Deqing Zou,Jong Hyuk Park,Laurence Tianruo Yang,Zhensong Liao,Tai-Hoon Kim

DOI: https://doi.org/10.1007/978-3-540-69293-5_5

2008-01-01

Abstract:There are lots of entities in the ubiquitous computing environment. For the traditional public key Infrastructure (PKI), every entity should be signed a valid certificate by the certificate authentication center. However, it's hard to construct a centralized trust management framework and assign a valid certificate for every entity in the ubiquitous computing environment because of large numbers of dynamic entities. Trust negotiation (TN) is an important means to establish trust between strangers in ubiquitous computing systems through the exchange of digital credentials and mobile access control policies specifying what combinations of credentials a stranger must submit. Current existing TN technologies, such as TrustBuilder and KeyNote, focused on how to solve a certain problem by using some special techniques. In this paper, we present a formal framework for expressing trust negotiation. The framework specifies the basic concepts, elements and the semantics of TN. By analyzing TN, we point out how to build a TN system in practice.

Jinghui Li,Bifei Mao,Zhizhang Liang,Zeqi Zhang,Qiushi Lin,Xin Yao

DOI: https://doi.org/10.1109/PerComWorkshops51409.2021.9430929

2021-01-01

Abstract:Trust and trustworthiness have been popular words in computing and communications for many years. Yet few studies investigate in-depth their definitions and how to engineer systems that are trustworthy. This paper first reviews different aspects of trust used in different disciplines. Then a comprehensive trust model is proposed, trying to capture essential elements associated with trust and trust...