Qi Jing,Jianbin Hu,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1109/IMCCC.2011.123

2011-01-01

Abstract:A wireless Ad Hoc network is an infrastructureless self-organizing network. Access control problem of strangers may happen because of its strong openness. Trust management based on policy can dealt with such problem, which can deliver access control policies to strangers through credential-delegation to give them permissions. But the delegation frameworks are somewhat coarse-grained and subjective. This paper proposes a trust evaluation based authorization model for ad hoc networks (TEAMA), which extends the basic model TBM with trust degree, which is generated by trust evaluation and helps the decisions of credential-grants in trust management based on policy, gives a more objective fine-grained evaluation than usual subjective methods.

Yan He,Miaoliang Zhu

DOI: https://doi.org/10.4108/infoscale.2007.888

2007-01-01

Abstract:Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements, especially recently popular P2P networks and Grid computing. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. An automated trust negotiation strategy needs to be adopted to establish trust between two parties based on their disclosure policies. Previously proposed negotiation strategies may fail when in fact success is possible, disclose irrelevant credentials, or have high communication or computational complexity. In this paper, we model the policies participating trust negotiation as Negotiation Petri Net and propose a trust negotiation Strategy based on Negotiation Petri Net (SNPN) by combining the characteristics of Negotiation Petri Net architecture with the behaviors of auto trust negotiation. We prove that SNPN is efficient with O(n) communication complexity and O(nm) computational complexity including Negotiation Petri Net building process and the negotiation process in the worst case, where n is the number of credentials and m is the size of the credential disclosure policies. Meanwhile SNPN is complete and makes sure that no irrelevant credentials will be disclosed during negotiations.

SHI Wenbo,CAO Chun

DOI: https://doi.org/10.3778/j.issn.1002-8331.1208-0528

2013-01-01

Abstract:Trust Management implements the authorization procedure and access control decision in an open network environment according to the credential issuing and the chain discovery algorithms. However, because of the complexity and dynamic of the trust network, the traditional trust-management system results in a low efficiency in credential discovery. To address the shortage, this paper proposes an autonomous trust-management system which introduces the concept of authority routing table.The system makes sure the direction of the search guides directly to the requester while finding the credential chain. While the trust network is complex and the right request happens frequently, the autonomous trust-management system can reduce the search cost and improve the efficiency in credential discovery.

谭良,徐志伟

DOI: https://doi.org/10.3969/j.issn.1002-137x.2008.10.003

2008-01-01

Computer Science

Abstract:The issue of the transitive trusted chain is the foundation for trusted computing.This paper surveys the technologies and the theories of the transitive trusted chain,including the technology projects of the transitive trusted chain,the technologies of the trust for measurement,the theories of the transitive trusted chain and the trust for measurement.Some fields are worthy to be explored are pointed out including some key technologies,such as the static trust for measurement and the dynamic trust for measurement,and some foundation theories,such as the level model of the trusted chain,the trust loss model and the theory of the dynamic trust for measurement for software,and so on.

Tong Sun,Borui Li,Yixiao Teng,Yi Gao,Wei Dong

DOI: https://doi.org/10.1109/ipsn61024.2024.00021

2024-01-01

Abstract:Internet of Things (IoT) applications have recently been widely used in safety-critical scenarios. To prevent sensitive information leaks, IoT device vendors provide hardware-assisted protections, called Trusted Execution Environments (TEEs), like ARM Trust-Zone. Programming a TEE-based application requires separate code for two components, significantly slowing down the development process. Existing solutions tackle this issue by automatic code partition while not successfully applying it in two complicated scenarios: adding trusted logic and interactions with secure peripherals.We propose dTEE, a declarative approach to secure IoT applications based on TrustZone. dTEE proposes a rapid approach that enables developers to declare tiered-sensitive variables and functions of existing applications. Besides, dTEE automatically transforms device drivers into trusted ones. We evaluate dTEE on four real-world IoT applications and seven micro-benchmarks. Results show that dTEE achieves high expressiveness for supporting 50% more applications than existing approaches and reduces 90% of the lines of code against handcrafted development.

彭志宇,李善平,杨朝晖,林欣

DOI: https://doi.org/10.3785/j.issn.1008-973X.2010.05.011

2010-01-01

Abstract:An anonymous authorization mechanism was proposed to protect the user's privacy in the process of authorization in trust management. User requested for services using their real identification in most of the classic trust-management language system, which potentially leaded to the privacy leaking. Through dynamically searching for the delegation roles which take over the request, the anonymous authorization mechanism retained the right behavior of credential chain discovery and achieved a quantitative way of anonymity against the resource provider. Results showed that the anonymous mechanism shared the same worst-case time complexity with the traditional forward credential-chain-searching method. A method of caching all the members in the nodes was proposed to improve the performance in time spending. Simulation results showed that the performance in time spending greatly improved in the relative stable systems, in which the credentials change slowly.

Qixu Wang,Peng Xiao,Xiang Li,Yunxiang Qiu,Tao Zheng,Zhiguang Qin

DOI: https://doi.org/10.1007/s12083-024-01701-2

IF: 3.488

2024-04-30

Peer-to-Peer Networking and Applications

Abstract:Green edge-assisted unmanned aerial vehicle (eUAV) network is an emerging network architecture enhanced with the energy efficiency technology that provides an ubiquitous communication for air and ground. It is considered a promising technology that can maintain a balance between a clean environment and a rich human life to build a sustainable world. However, the security issues exposed by UAVs have raised concerns about the trust and security for adopting eUAV network for communication. To this end, a trust assessment as a service (TaaS) scheme for secure communication of green eUAV network is proposed. The TaaS can effectively collect the valid data of UAVs about diverse and dynamic quality of service (QoS) attributes related to energy efficiency. To predict the actual data of UAVs about QoS attributes in the real green eUAV environment, an service level object calibration method is presented in TaaS. In addition, to accurately obtain the trust level of UAVs in the eUAV network, TaaS presents a trust level assessment method integrated the interval multi-attribute decision-making method and the objective weight assignment method based on deviation maximization. A case study with open source dataset and a performance analysis experiment are conducted to show that the proposed TaaS scheme can accurately and effectively assess the trust level of UAVs while outperforming other traditional trust assessment methods.

computer science, information systems,telecommunications

Fujun Feng,Chuang Lin,Junshan Li

DOI: https://doi.org/10.1109/NSWCTC.2009.405

2009-01-01

Abstract:Trustworthy network is the inevitable trend in the development of high trusted computing and Internet. It is beyond the traditional information security including confidentiality, integrity and availability, but on the survivability and controllability. Trustworthiness of users on identity and behaviors is very important for trustworthy network, which can be realized by access control technology. Firstly, we discuss the security requirements of access control in trustworthy network. Then we propose a Trust and Context based Access Control (TCAC) model, and describe the core, hierarchical and constrained TCAC in detail. Finally, a trust evaluation mechanism is presented.

JeeHyun Hwang,Tao Xie,Vincent Hu,Mine Altunay

DOI: https://doi.org/10.1109/POLICY.2010.22

2010-01-01

Abstract:Access control mechanisms are a widely adopted technology for information security. Since access decisions (i.e., permit or deny) on requests are dependent on access control policies, ensuring the correct modeling and implementation of access control policies is crucial for adopting access control mechanisms. To address this issue, we develop a tool, called ACPT (Access Control Policy Testing), that helps to model and implement policies correctly during policy modeling, implementation, and verification.

wu liu,ping ren,donghong sun,ke liu,jianping wu

DOI: https://doi.org/10.1016/j.aasri.2013.10.090

2013-01-01

AASRI Procedia

Abstract:This paper proposed a Trust based Admission Control Model (TACM) for P2P network, and implemented a P2P social network system TrustP2PNet based on TACM. The TrustP2PNet is composed of application layer proxies with P2P structure. Additionally, a admission control model based on recommendations from trustable friend in social networks is proposed to prevent malicious peers fromthe TrustP2PNet. Both the simulation results and the practical application of TACM in the system TrustP2Pnet show that, with our model, it can not only effectively protect the system from malicious peers but alsopossessvery good scalability.

Xinliang Miao,Fanlang Zeng,Rui Chang,Chenyang Yu,Zijun Zhang,Liehui Jiang,Yongwang Zhao

DOI: https://doi.org/10.1145/3545258.3545281

2022-01-01

Abstract:The challenge of requirements for the finer-grained isolated domain in Trusted Execution Environment (TEE) has been increasing, including the accuracy and security of resource management. However, the current access control mechanism for TEE cannot provide strict security assurances due to a lack of strict formal verification. In order to address the problem, in this paper, we first present the definition of multi-domain TEE, and propose a verified tag-based access control framework called REAL to provide the strict access control policy. We develop a high-level formal functional specification of REAL, and prove its correctness and security properties with 119 lemmas/theorems and ∼ 4,000 LOC of Isabelle/HOL. We also implement a page-level access control prototype called SOP-TEE and demonstrate that it correctly achieve the security objectives while merely incurring less than 0.3% overhead.

Jason Crampton,Charles Morisset

DOI: https://doi.org/10.48550/arXiv.1111.5767

2011-11-24

Abstract:Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex policy language with somewhat informal evaluation methods; others try to provide a greater degree of formality (particularly with respect to policy evaluation) but support far fewer features. In short, there are very few proposals that combine a rich set of language features with a well-defined semantics, and even fewer that do this for authorization policies for attribute-based access control in open environments. In this paper, we decompose the problem of policy specification into two distinct sub-languages: the policy target language (PTL) for target specification, which determines when a policy should be evaluated; and the policy composition language (PCL) for building more complex policies from existing ones. We define syntax and semantics for two such languages and demonstrate that they can be both simple and expressive. PTaCL, the language obtained by combining the features of these two sub-languages, supports the specification of a wide range of policies. However, the power of PTaCL means that it is possible to define policies that could produce unexpected results. We provide an analysis of how PTL should be restricted and how policies written in PCL should be evaluated to minimize the likelihood of undesirable results.

Cryptography and Security,Logic in Computer Science

Xie Jun,Xu Feng,Huang Hao

2004-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:MLS (multilevel security) is being widely applied in many security critical systems, but it can't implement many important security policies such as channel-control. In this paper, the concept of trust degree is introduced into the MLS to implement policies like channel-control conveniently. An access control state machine model which enforces the trust degree based multilevel security policy is established, and is proved to be secure for this policy. It is also proved that this model can enforce all static information flow policies. An extension of the model is also offered to support the dynamic change of storage objects' security labels. The model avoids the disadvantage of MLS' not being able to resolve the problem of secure downgrading and not taking integrity into consideration, and at the same time it retains the advantage of easy understanding and use enjoyed by the traditional classified policy models.

Xiaoyu Du,Yinyin Li,Sufang Zhou,Yi Zhou

DOI: https://doi.org/10.1007/s12083-022-01330-7

Abstract:With the rapid development of wireless communication and edge computing, UAV-assisted networking technology has great significance in many application scenarios such as traffic forecasting, emergency rescue, military reconnaissance. However, due to dynamic topology changes of Flying Ad-hoc Networks (FANET), frequent identity authentication is easy to cause the instability of communications between UAV nodes, which makes FANET face serious identity security threats. Therefore, it is an inevitable trend to build a secure and reliable FANET. In this paper, we propose a lightweight mutual identity authentication scheme based on adaptive trust strategy for Flying Ad-hoc Networks (ATS-LIA), which selects the UAV with the highest trust value from the UAV swarm to authenticate with the ground control station (GCS). While ensuring the communication security, we reduce the energy consumption of UAV to the greatest extent, and reduce the frequent identity authentication between UAV and GCS. Through the security game verification under the random oracle model, it is proved that the proposed method can effectively resist some attacks, effectively reduce the computational overhead, and ensure the communication security of FANET. The results show that compared with the existing schemes, the proposed ATS-LIA scheme has lower computational overhead.

Wu Liu,Haixin Duan,Jianping Wu,Xing Li

DOI: https://doi.org/10.1007/11596981_76

2005-01-01

Abstract:This paper presents a policy-driven trust management framework (PDTM) which is composed of five interfaces to feature the fully decentralized and policy-driven framework. The transmission interface allows trust instances to be exchanged between principals. The trust induction interface encapsulates the evaluation of policies and answers queries made against these policies. The trust management interface allows the trust instances including collection, storage and retrieval to be downloaded from small mobile devices, where resources are limited. The policy inquiry interface is designed to facilitate communication between strangers, so that unknown policies can be discovered through a query-based process. The trust agent interface, on the other hand, is designed to automate communication between strangers.

Carlton Shepherd,Raja N. Akram,Konstantinos Markantonakis

DOI: https://doi.org/10.48550/arXiv.1804.10707

2018-11-26

Abstract:Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.

Cryptography and Security

Xueru Du,Yue Cao,Di Wang,Chenchen Lv,Celimuge Wu,Kezhi Wang

DOI: https://doi.org/10.1109/tnse.2024.3374733

IF: 6.6

2024-01-01

IEEE Transactions on Network Science and Engineering

Abstract:With advantages of convenience and flexibility, Unmanned Aerial Vehicles (UAVs) are widely applied in various fields, such as inspection, agriculture, transportation, and so on. However, due to characteristics of Flying Ad Hoc Network (FANET) consisting of UAVs, such as dynamic topology and limited bandwidth, the security of messages is threatened by cyber attacks. A Tri-Phases Message Oriented Trust Model for FANET is proposed, called TPMOTM, to secure messages. In the proposed work, the message collection process is divided into three phases, including message generation, message transmission, and message integration. In each phase, by analyzing potential attacks and the circumstance of network, the TPMOTM quantifies the specific detection factors to obtain the trust value of messages, including timeliness, detection accuracy, message error rate, relay performance, authentication result, and message loss rate. After messages have been received by the Ground Station (GS), the GS integrates all messages in relation to the detected event, employing the message trust value as the weight, to obtain the state of detected event. Extensive simulations are conducted based on the Opportunistic Network Environment (ONE) simulator, with attack message detection rates reaching up to 95% ($\pm 0.89\%$) and event detection accuracy rates typically above 85% ($\pm 1.21\%$).

engineering, multidisciplinary,mathematics, interdisciplinary applications

Qiang Zhang,Xiaowei Wang,Zhenghu Gong

DOI: https://doi.org/10.1109/CSSE.2008.1363

2008-01-01

Abstract:We find that traditional authentication ways donpsilat act well in MANETs for the features of dynamic topology and non-existence of central facilities in mobile ad hoc networks. This paper presents a distributed trust proving language, which is based on role trust. The solution of constructing credential authentication infrastructure and the problem how to perform automated trust negotiation are also discussed. Our design defines roles and policies to make distributed trust negotiation and it can avoid unrelated credential fetching. Simulations show that Our design outperforms traditional trust negotiation ways and is more efficient as a security authentication mechanism in the MANET environments.

Han Liu,Pedro Antonino,Zhiqiang Yang,Chao Liu,A.W. Roscoe

DOI: https://doi.org/10.48550/arXiv.2112.00346

2021-12-01

Abstract:We develop the concept of Trusted and Confidential Program Analysis (TCPA) which enables program certification to be used where previously there was insufficient trust. Imagine a scenario where a producer may not be trusted to certify its own software (perhaps by a foreign regulator), and the producer is unwilling to release its sources and detailed design to any external body. We present a protocol that can, using trusted computing based on encrypted sources, create certification via which all can trust the delivered object code without revealing the unencrypted sources to any party. Furthermore, we describe a realization of TCPA with trusted execution environments (TEE) that enables general and efficient computation. We have implemented the TCPA protocol in a system called TCWasm for web assembly architectures. In our evaluation with 33 benchmark cases, TCWasm managed to finish the analysis with relatively slight overheads.

Cryptography and Security,Software Engineering

Rabimba Karanjai,Rowan Collier,Zhimin Gao,Lin Chen,Xinxin Fan,Taeweon Suh,Weidong Shi,Lei Xu

DOI: https://doi.org/10.1145/3594556.3594626

2023-08-03

Abstract:Trusted execution environment (TEE) technology has found many applications in mitigating various security risks in an efficient manner, which is attractive for critical infrastructure protection. First, the natural of critical infrastructure requires it to be well protected from various cyber attacks. Second, performance is usually important for critical infrastructure and it cannot afford an expensive protection mechanism. While a large number of TEE-based critical infrastructure protection systems have been proposed to address various security challenges (e.g., secure sensing and reliable control), most existing works ignore one important feature, i.e., devices comprised the critical infrastructure may be equipped with multiple incompatible TEE technologies and belongs to different owners. This feature makes it hard for these devices to establish mutual trust and form a unified TEE environment. To address these challenges and fully unleash the potential of TEE technology for critical infrastructure protection, we propose DHTee, a decentralized coordination mechanism. DHTee uses blockchain technology to support key TEE functions in a heterogeneous TEE environment, especially the attestation service. A Device equipped with one TEE can interact securely with the blockchain to verify whether another potential collaborating device claiming to have a different TEE meets the security requirements. DHTee is also flexible and can support new TEE schemes without affecting devices using existing TEEs that have been supported by the system.

Cryptography and Security,Hardware Architecture