Wenjuan Li,Lingdi Ping

DOI: https://doi.org/10.1007/978-3-642-10665-1_7

2009-01-01

Abstract:Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

ZHU Lei,ZHOU Ming-Hui,LIU Tian-Cheng,MEI Hong

DOI: https://doi.org/10.3321/j.issn:0254-4164.2005.04.027

2005-01-01

Chinese Journal of Computers

Abstract:Service Oriented Architecture (SOA) is a method to design and construct loose coupling software systems. It turns the distributed applications developed on middleware into software services on Internet. Traditional permission management system on middleware has good flexibility and basically, meets the security requirements of closed system, but under SOA, it cannot meet the authorization requirements of requesting services and sharing resources between different nodes and systems. This paper proposes a service oriented permission management model, supporting delegation and reasoning to provide application developers with improved permission management mechanism and to expand capabilities of middleware to share resources and services across organizations. The above model is implemented and validated in a J2EE application server. The experiments show that the model has high flexibility and scalability, and it is reasonable that when over 50 clients request at the same time, response time increases a lot because of signature verifications and file IO operations.

Manling Zhu,Zhi Jin

DOI: https://doi.org/10.1007/978-3-540-92803-4_9

2008-01-01

Abstract:In this paper, we propose an agent-based trust modeling architecture for service-oriented computing. A Trust Ontology is built to offer better understanding to the trust relationships in service-oriented systems. Based on this ontology, algorithms have been given for supporting trust analysis, reasoning and computing. Finally a case study is presented to illustrate how this formalism of service trust framework can be used. We argue that our trust model can assist service agents to make rational trading decisions by measuring the trustworthiness of the potential partners.

HL Hu,D Chen,CQ Huang

DOI: https://doi.org/10.1007/11428862_31

2005-01-01

Abstract:The open and anonymous of grid make the task of controlling access to sharing information more difficult, which cannot be addressed by traditional access control methods. In this paper, we identify access control requirements in such environments and propose a trust based access control framework for grid resource sharing. The framework is an integrated solution involving aspects of trust and recommendation models, based the discretionary access control (DAC), and are applied to grid resource-sharing systems. In this paper, we integrate technology of web services into idea of trust for describing resources.

Xiaofei Zhang,Hui Liu,Bin Li,Xing Wang,Haiqiang Chen,Shizhong Wu

DOI: https://doi.org/10.1109/cloudcom.2010.86

2010-11-01

Abstract:The emergence and application of cloud computing can help users access to various computing resources and services more conveniently. However, it also brings forth many security challenges. This paper proposes the application oriented remote verification trust model, which is capable of adjusting the user's trust authorization verification contents according to the specific security requirements of different applications. The model also dynamically adjusts the users' trust value with the trust feedback mechanism to determine whether or not the requested resource or service should be provided, so as to guarantee the security of information resources. This paper provides a formal description of the basic components and trust properties of the model with a belief formula, and describes the framework for the implementation of the model.

Chao Chen,Ke Wang,Shuren Liao,Qiuyan Zhang,Yiqi Dai

DOI: https://doi.org/10.1109/CSE.2009.319

2009-01-01

Abstract:The trustworthiness of application plays a key role in the overall trustworthiness of computer systems. However, the current uncontrolled way of application execution brings difficulties in providing sufficient application trustworthiness. In this paper we present a server-based application execution architecture to reinforce the application-level trustworthiness, with reference to trusted computing and the software identification scheme. A system agent is introduced in the architecture to employ the TPM to implement integrity measurement, and communicate with the server to determine whether executions of applications are permitted based on their identification(indicating application trustworthiness), and therefore improves the trustworthiness and security of the system. To further enable necessary executions of untrusted applications, the concept of multi-level security is adopted to design a configurable strategy to maintain a balance between system security and usability. Experimental results show that with acceptable system cost, trustworthiness of application is guaranteed and appropriate execution flexibility can be achieved.

Mauling Zhu,Zhi Jin

2008-01-01

Abstract:In this paper, we propose an agent-based trust modeling architecture for service-oriented computing. A Trust Ontology is built to offer better understanding to the trust relationships in service-oriented systems. Based on this ontology, algorithms have been given for supporting trust analysis, reasoning and computing. Finally a case study is presented to illustrate how this formalism of service trust framework can be used. We argue that our trust model can assist service agents to make rational trading decisions by measuring the trustworthiness of the potential partners.

Yuan Wang,Feng Xu,Ye Tao,Chun Cao,Jian Lü

DOI: https://doi.org/10.1007/11839569_23

2006-01-01

Abstract:Trust management is an efficient approach to ensure the security and reliability in the autonomic and coordination systems. Various trust management systems are proposed from different viewpoints. However, evaluating different trust management approaches is usually more intuitive than formal. This paper presents a role-based formal framework to specify trust management systems. By quantifying two types of trust commonly occurring in the existing trust management systems, the framework proposes a set of elements to express the assertions and recommendation relationships in trust management. Furthermore, some facilities are provided to specify the semantics of trust engines. The framework makes it more convenient to understand, compare, analyze and design trust management systems.

Ming-Hui ZHOU,Hong MEI,Wen-Pin JIAO

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.05.011

2005-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Being confronted with the trust crisis under the Internet environment, people have endeavored to develop technologies for supporting and measuring trust. Basically, traditional models and mechanisms seldom studied trust from the perspective of the trust itself and most of them can only deal with trust on a single aspect. Those traditional approaches can not manage or support trust in consistent ways when systems are required to be in possession of multiple trust properties. Regarding software services in the Internet environment as the investigating entities, this paper is devoted to build uniform view for multiple trust properties. Firstly, a trust management model based on middleware is built. Secondly, based on the model, a trust management framework is built, which is customizable and extendable. Thirdly, by analyzing various trust properties deeply, a viable trust-measuring model is setup. At last, the framework is implemented on the top of a middleware platform, i.e. the PKUAS. This paper also compares our research with the related work.

Keting Yin,Bo Zhou,Shuai Zhang,Yixi Chen,Dangxing Chu

DOI: https://doi.org/10.1109/WiCom.2008.2875

2008-01-01

Abstract:The authenticity of advertised QoS for web services is of particular relevance during service discovery and selection. Reputation of a service is often used as a measure of its trustworthiness. Currently, reputation is usually computed from the users' feedbacks and represents a snapshot for the interactions in a past time slot. However, in an open environment, reputation is a volatile property, which is subject to change. A more effective measure is needed for the users to pick up trustable web services.In this paper, we propose a novel measure to evaluate the authenticity of web services based on reputation. To enhance the traditional service trustworthiness measurement that depends mainly on services' current reputation, our measure incorporates historical reputation data of services and service providers' reputation into the evaluation of users' trust in services. Experiments are presented to evaluate the effectiveness of our approach.

Jun Li,Xiaolin Zheng,Deren Chen,William Wei Song

DOI: https://doi.org/10.4018/jwsr.2012070102

2012-01-01

International Journal of Web Services Research

Abstract:In a service-oriented environment, it is inevitable and indeed quite common to deal with web services, whose reliability is unknown to the users. The reputation system is a popular technique currently used for providing a global quality score of a service provider to requesters. However, such global information is far from sufficient for service requesters to choose the most qualified services. In order to tackle this problem, the authors present a trust based architecture containing a computational trust model for quantifying and comparing the trustworthiness of services. In this trust model, they firstly construct a network based on the direct trust relations between participants and rating similarity in service oriented environments, then propose an algorithm for propagating trust in the social network based environment which can produce personalized trust information for a specific service requester, and finally implement the trust model and simulate various malicious behaviors in not only dense but also sparse networks which can verify the attack-resistant and robustness of the proposed approach. The experiment results also demonstrate the feasibility and benefit of the approach.

Manling Zhu,Zhi Jin

DOI: https://doi.org/10.1109/compsac.2009.45

2009-01-01

Abstract:Trust is central to effective interactions in service-oriented computing in which service consumers select the right partners who can and will provide expected services. Available trust models lack of the analysis and reasoning on trustworthiness. This paper proposes an agent-based framework to support the trust evaluation for service selection. A trust ontology has been provided to analyze and reason the relations among trust concepts.

Wei-Tek Tsai,Peide Zhong,Xiaoying Bai,Jay Elston

DOI: https://doi.org/10.1109/soca.2009.5410472

2009-01-01

Abstract:Trust is an important problem in a community of interest (COI) built on top of service-oriented architecture (SOA). Furthermore, ranking services, data, and workflows in service-oriented applications is also important. This paper presents a role-based trust model to address these two problems. In this paper, users are classified into different roles in COI using role ontology (RO). The RO describes their relationships, and is used as a basis for assigning a numeric value as each role's trust degree (TD). Because TD is represented as a number, the trustworthiness of service and data can be easily ranked in a COI system. Finally, this paper presents a case study to illustrate the key feature of this model.

Hong Mei

DOI: https://doi.org/10.1109/ICECCS.2005.31

2005-01-01

Abstract:Due to the widespread trust threat under the open and dynamic Internet environment, the computer community has endeavored to engage in the studies of technologies for protecting and evaluating trustworthiness. This paper firstly defines trust from three aspects: trust relationship, trust property and trust entity, and build a uniform view for multiple trust properties. Secondly, according to abstract the common characteristics over varied trust properties, a model of trust management is elaborated, in which the trust entities, measurement model and trust policy are described. Thirdly, the trust management is implemented as a kind of public service on a J2EE compliant middleware platform, i.e., the PKUAS.

Minghui Zhou,Hong Mei,Lu Zhang

DOI: https://doi.org/10.1109/QSIC.2005.5

2005-01-01

Abstract:While component software continues to grow in size and complexity, it becomes increasingly difficult to ensure qualities for component services, especially at run-time. This paper focuses on a framework on middleware for dynamic re-configuration of components of different qualities from the view of trust. Firstly, a trust management model is built, in which the management framework and measurement model are presented. Secondly, the reconfiguration algorithm is described based on the model. Thirdly, the trust management is implemented as a kind of public services and some tools on a J2EE-compliant middleware platform, i.e., PKUAS. Finally, the related work is discussed and compared with our research.

Jingfan Tang,Zhijun He

DOI: https://doi.org/10.1109/cscwd.2006.253075

2006-01-01

Abstract:This paper presents a novel model to support security in dynamic cooperation of cross-enterprise services. With the extended WSDL description and through the replication technique, the service replica can be dynamically deployed and executed on the optimum cross-enterprise server, which is selected from the registered servers in the enhanced UDDI center according to the server evaluation function. In order to ensure the safety and dynamically sharing of the cross-enterprise resources among the Web services, a security mechanism of trusted right delegation is introduced

Manling Zhu,Zhi Jin

DOI: https://doi.org/10.1109/wi-iat.2009.66

2009-01-01

Abstract:Trust is central to interactions in Web systems in which service consumers select the trustworthy service agents to provide the expected services. Currently, the analysis of the essential meaning of trust has not been paid enough attention as well as the reasoning process on trustworthiness. This paper proposes an ontology-based trust model which can offer more insightful understanding to the trust relationships among service agents in Web systems. A trust ontology with a set of trust computational rules have been given for supporting trust analysis and reasoning. Also the structure of the service-oriented agents has been given. Finally a case study is used to illustrate how the service agents collaborate with each others to determine the trustworthiness of their partners.

Ran Yang,Chuang Lin,Yixin Jiang,Xiaowen Chu

DOI: https://doi.org/10.1109/GLOCOM.2011.6134072

2011-01-01

Abstract:In the service-oriented computing, a single transaction initiated by a client might invoke many different services in other administrative domains. Existing models for authorizing the access assume that all services involved in collaboration are managed by the central authority, which is not always a realistic premise. In this paper, we propose a novel authorization model for dynamic service collaboration. With the authorization discovery process, the client can discover the needed authorization for service access available in other autonomous domains. With extensions to SoD relationship, the conflicts of client interests can be formalized and expressed as constraints. The authorization problems are formalized to choose the optimal access path for each task. At last, the example and experiments show the practicality and the effectiveness of our scheme.

Lu Chen,Qing Zhou,Gaofeng Huang,Liqiang Zhang

DOI: https://doi.org/10.1109/CIS.2014.47

2014-01-01

Abstract:Resource sharing is one of the main applications of network. How to establish a trust relationship between resources requestor and provider, and enforce authority is the key issue of efficient resource sharing. Existing models and methods are mostly focus on identity, recommendation and other information, but lack of the considering of resource requestor's conduct and environment of computing. And once authorized, it will not be able to track and control user behavior dynamically. It may cause more risks when sharing resources. Aiming to resolve the above problems, a trust-role based context aware access control model is proposed relying on the measurement and verification of the \"trust credentials and evidences\" which embody the context information of user behavior and platform environment to achieve the security, dependable and dynamic access control for resource sharing.