Wen Li,Lingdi Ping,Kuijun Lu,Xiaoping Chen

DOI: https://doi.org/10.1109/ICIE.2009.33

2009-01-01

Abstract:As traditional network security cannot meet the security requirements, the international research shows that network security is on the way to Trustworthy Internet and that the trustworthy issue becomes a hot topic in the future Internet. Trust evaluation of users' behavior is an important part of Trustworthy Internet and a rational trust model plays a key role in the evaluation. This paper concludes many principles of the trust model by analyzing existing trust models and proposes a novel trust model including both the direct and indirect trust. In our model, the direct trust is more trustworthy and is weighted more with the more and more interactions and the indirect evaluation becomes less and less important. The subjective factor is considered to make the direct trust obey the principle of "rise-lowly, decline-quickly". Furthermore, recommenders' credibility is taken into account in the indirect trust evaluation, which can avoid the denigration and make indirect trust more objective. We also consider the process of referral of the credibility to gain more information to evaluate the indirect trust effectively. Credibility evaluation is the basis of the filtering of low credibility and the improvement of trust evaluation. Finally, several experiments are shown to illustrate the properties of the model. © 2009 IEEE.

Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

Wenjuan Li,Lingdi Ping

DOI: https://doi.org/10.1007/978-3-642-10665-1_7

2009-01-01

Abstract:Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

Ji-Ming Chen,Ting-Ting Li,John Panneerselvam

DOI: https://doi.org/10.1109/access.2018.2876153

IF: 3.9

2018-01-01

IEEE Access

Abstract:Message transmission in vehicular networks is increasing in popularity which exploits the network nodes to transmit messages using cooperative communication in a multi-hop fashion. But the increasing number of malicious nodes in the high-speed Internet of Vehicles demands additional methodologies to quickly detect the presence of such nodes to avoid serious security consequences. Early detection of malicious nodes, and accurate assessment of complex data to assess the node reliability are of absolute importance in vehicular networks. To this end, this paper proposes a security scheme that uses evidence combination method to combine local data with external evidence to evaluate the reliability of multi-dimensional data received from other peer nodes. In addition, this paper uses European Telecommunications Standards Institute standard and Decentralized Environmental Notification Message, and proposes a trust calculation method based on collaborative filtering by introducing a small-time interval to detect the changes in the node behaviors. While the former solution helps more accurate computation of the direct trust value, the latter scheme can calculate the indirect trust based on recommendations received from neighbors, ultimately to obtain the global trust value. Finally, more effective traffic data can be obtained to help traffic prediction. Experiments conducted under various network scenarios demonstrate that our proposed scheme outperforms the existing trust models, such as precision or recall and can resist bad-mouth attacks, selective-misbehavior attacks, and time-dependent attacks, especially under larger proportions of malicious nodes.

Deren Chen

2010-01-01

Abstract:The probability theory and social network theory are applied to trust delivering and multiple trust route modeling.Aiming at the actual business network characteristics of C2C transaction platform,this paper presents a C2C trust evaluation model based on social network and reputation.It introduces similarity computation to establish cluster and cluster relationship to solve the common problems in C2C transaction network such as division of labor,sparse and clustering.Analysis results of TAOBAO transaction platform data show that this model has a very good improvement and complement to the existing reputation system of TAOBAO,and it simulates the interpersonal relationships of trust and recommendation in real life.

Lu Chen,Qing Zhou,Gaofeng Huang,Liqiang Zhang

DOI: https://doi.org/10.1109/CIS.2014.47

2014-01-01

Abstract:Resource sharing is one of the main applications of network. How to establish a trust relationship between resources requestor and provider, and enforce authority is the key issue of efficient resource sharing. Existing models and methods are mostly focus on identity, recommendation and other information, but lack of the considering of resource requestor's conduct and environment of computing. And once authorized, it will not be able to track and control user behavior dynamically. It may cause more risks when sharing resources. Aiming to resolve the above problems, a trust-role based context aware access control model is proposed relying on the measurement and verification of the \"trust credentials and evidences\" which embody the context information of user behavior and platform environment to achieve the security, dependable and dynamic access control for resource sharing.

Xiao Feng,Zheng Yuan

DOI: https://doi.org/10.1155/2022/3015206

2022-08-11

Wireless Communications and Mobile Computing

Abstract:The purpose of this paper is to build a novel trust evaluation mechanism model for edge devices of the Internet of Things (IoT). First, we use the SM9 authentication mechanism to authenticate the identity of the terminal device. Authentication includes both single-domain and cross-domain authentication of devices, reducing the time overhead of the authentication process. Then, we use the satisfaction function and the time degradation factor to improve the direct trust in the behavioural trust of Bayesian equations. Next, the weight of indirect trust of each device is calculated to improve the gray association method, and the accuracy of indirect trust is improved. Finally, the trust value of the edge device is obtained by combining the authentication result and the behaviour trust. Simulation results verify that the trust evaluation model proposed in this paper has certain advantages for the reliability, accuracy, and efficiency of trust evaluation.

computer science, information systems,telecommunications,engineering, electrical & electronic

Fujun Feng,Chuang Lin,Junshan Li

DOI: https://doi.org/10.1109/NSWCTC.2009.405

2009-01-01

Abstract:Trustworthy network is the inevitable trend in the development of high trusted computing and Internet. It is beyond the traditional information security including confidentiality, integrity and availability, but on the survivability and controllability. Trustworthiness of users on identity and behaviors is very important for trustworthy network, which can be realized by access control technology. Firstly, we discuss the security requirements of access control in trustworthy network. Then we propose a Trust and Context based Access Control (TCAC) model, and describe the core, hierarchical and constrained TCAC in detail. Finally, a trust evaluation mechanism is presented.

Xuefei Li,Ru Li

DOI: https://doi.org/10.48550/arXiv.2210.14566

2022-10-26

Networking and Internet Architecture

Abstract:The distributed structure of the Internet of things has gradually replaced the centralized structure because of its scalability, security, and single point of failure. The huge scale of information recording of the Internet of things brings challenges and opportunities to the trust management of the Internet of things. Through the analysis of a variety of existing trust management schemes, this paper proposes a unified data structure for distributed access service records, TokenChain, in which triple DES data encryption is used to ensure privacy and traceability, to achieve a unified trust management scheme. Based on TokenChain, a three-tier trust management architecture (TokenChain-Based Trust Management, TBTM) is implemented in the data layer, computing layer, and control layer. Trust evaluation is affected by four statistics and finally converges to a real value under certain conditions. Based on TBTM, we carry out theoretical analysis, malicious attack resistance, simulation, and performance evaluation in various complex scenarios. The results show that TBTM satisfies service prediction, global trust analysis, high security, and excellent performance in multi-domain complex scenarios. Compared with the existing trust management schemes, TBTM realizes cross-scenario interaction and two-way trust management, and simultaneously meets the characteristics of traceability, tamper-proof, attack resistance, and distribution. Finally, this paper is summarized.

Zhu Chang-sheng,Gao Ying-ying,Lei Qian,Wang Qing-rong

DOI: https://doi.org/10.1109/CINC.2010.5643720

2010-01-01

Abstract:Fuzzy set has become the focus method of trust model. Based on the exisdng research, this trust model give a description of the trust with fuzzy set theory, and trust assessment is separated two aspects which are subjective trust assessment and objective environment impact. In order to adapt to the dynamic of credibility, we use close function which from fuzzy set and distributed storage method in trust update model. Simulation experiment results show that this model is effective and rational. ©2010 IEEE.

Feng Li,Yali Si

DOI: https://doi.org/10.4028/www.scientific.net/AMM.397-400.1949

2013-01-01

Abstract:Trust mechanism has been identified as one of key areas in the field of Internet security. Our objective in this paper is to develop a dynamic trust evaluation model for Internet computing. The proposed scheme divides the recommendation trust into the direct recommendation trust and the indirect recommendation trust, and considers variety of factors to calculate the two types of recommendation trust degree. Simulation results show that, compared to the existing trust model, the model can effectively improve the accuracy of trust evaluation, and provide a better capacity of resisting malicious entities.

Daojing He,Chun Chen,Sammy Chan,Jiajun Bu,Athanasios V Vasilakos

DOI: https://doi.org/10.1109/TITB.2012.2199996

2012-01-01

IEEE Transactions on Information Technology in Biomedicine

Abstract:The development of medical sensor networks (MSNs) is imperative for e-healthcare, but security remains a formidable challenge yet to be resolved. Traditional cryptographic mechanisms do not suffice given the unique characteristics of MSNs, and the fact that MSNs are susceptible to a variety of node misbehaviors. In such situations, the security and performance of MSNs depend on the cooperative and trust nature of the distributed nodes, and it is important for each node to evaluate the trustworthiness of other nodes. In this paper, we identify the unique features of MSNs and introduce relevant node behaviors, such as transmission rate and leaving time, into trust evaluation to detect malicious nodes. We then propose an applicationindependent and distributed trust evaluation model for MSNs. The trust management is carried out through the use of simple cryptographic techniques. Simulation results demonstrate that the proposed model can be used to effectively identify malicious behaviors and thereby exclude malicious nodes. This paper also reports the experimental results of the Collection Tree Protocol with the addition of our proposed model in a network of TelosB motes, which show that the network performance can be significantly improved in practice. Further, some suggestions are given on how to employ such a trust evaluation model in some application scenarios.

Chaoqun Kang Chaoqun Kang,Erxia Li Chaoqun Kang,Dongxiao Liu Erxia Li,Xinhong You Dongxiao Liu,Xiaoyong Li Xinhong You

DOI: https://doi.org/10.53106/199115992023083404019

2023-08-01

電腦學刊

Abstract:With the diversity and complexity of user access behaviors in the “micro-segmentation” cloud computing environment, it is no longer possible to control unauthorized access of authorized users by only relying on user identity login authentication to control user access to cloud resources. The existing trust evaluation methods can not cope with the characteristics of “micro-isolated” cloud environment, which is characterized by high granularity of resources, increasing number of users’ access requests and rapid changes. Based on the zero-trust principle of “Never trust, al-ways verify”, we propose a dynamic, fine-grained user trust evaluation model for micro-segmentation cloud computing environment, which combines multiple user trust attributes and leverages the subjective-objective approach to assign weights to trust attribute indicators to achieve dynamic scoring of users’ real-time behaviors. To capture the characteristics of users’ intrinsic behaviors, we use correlation analysis to identify the correlation between users’ current and historical behaviors, and combine sliding windows and penalty functions to optimize the model. The massive simulation experiments demonstrate the effectiveness of the proposed dynamic and fine-grained method, which can effectively combine the intrinsic correlation of users’ own access behavior and the difference of access behavior among different users.  

Jie Jiang,Junhui Xiang,Hua Zhou,Xiaolin Zheng,Tianyang Dong

DOI: https://doi.org/10.1109/ijcss.2011.41

2011-01-01

Abstract:To solve the trust issue caused by malicious users in e-commerce, we propose a trust calculation model based on social network. Through analysing the trust features, social network is introduced into this trust model to get information from the most trusted source according to the subjectivity and the compositionality feature of trust to improve the buyers' situation of asymmetric information in electronic trading. In view of the advantage that conflicted evidences can be well combined by evidence theory, we resolve the conflict of information from each recommended third-party. We also introduce other various trust influence factors, such as transaction rating dictionary, transaction background important factor, transaction amount factor and trading time factor, etc. Finally, through simulation experiments, we set different confidence factors depending on different trading environment, and verify that the method to combine social network and evidence theory for obtaining a reasonable recommendation trust value is feasible. It proves that our proposed trust calculation model based on social network has a better anti-attack ability.

Yan Li,Huiping Sun,Zhong Chen,Jinqiang Ren,Haining Luo

DOI: https://doi.org/10.1109/SecTech.2008.50

2008-01-01

Abstract:With the development of grid technology, sensitive files and data protection become difficult tasks multi-domains. Traditional access control mechanisms are not suitable to such distributed environment. Several models and mechanisms utilize trust to assist access control decision. But few explicitly consider trust and risk as two separate factors which affect interactions between peers. In this paper, we present a novel mechanism which considers both trust and risk as two vital parameters to assist access control decision. In addition, a novel model of trust evaluation is proposed to represent the confidence in the peer. And to appease people’s anxiety about loss, a new model of risk assessment is also presented to indicate impacts on resources. At the end of this paper, simulation results will indicate that our mechanism is able to secure local system more efficiently and reliably.

Xiaoheng Deng,Jin Liu,Leilei Wang,Zhihui Zhao

DOI: https://doi.org/10.1007/s12083-020-00889-3

2020-02-27

Abstract:In recent days, Mobile Edge Computing (MEC) emerges as a new computing paradigm that pushes computing resources towards the edge of the Internet and close to end users and more scholars begin to carry out their different kinds of research under the framework of edge computing. Unlike cloud computing however, edge computing often lacks a centralized security mechanism, which increases the security risks of resource consumers. Therefore, to address security issues for facilitating MEC well, we focus on the establishment of an effective trust evaluation system in this paper. We presented a Reputation-based Trust Evaluation and Management (RTEM) system for a secure and efficient MEC network, wherein the edge servers are adopted to execute reputation data management for mobile edge nodes. In this system, a three-tier trust evaluation framework (identity trust, capability trust, behavior trust) was proposed to ensure the edge nodes that join the network system for service interaction are qualified, capable, and reliable. In order to update and calculate reputation data more accurately, we designed a reputation-based trust evaluation model and evaluated the effectiveness and robustness of our designed model on the OMNeT++ platform. The results show that our proposed mechanism can increase the transaction success rate of the edge network by more than two times compared with the network without trust evaluation mechanism, and perform better than the traditional subject logic (TSL) trust evalaution mechanism.

computer science, information systems,telecommunications

Wu Liu,Hai-xin Duan,Ping Ren

DOI: https://doi.org/10.1007/978-3-642-24650-0_39

2011-01-01

Abstract:This paper presents a User Cooperation Trust Model (UCTM) which not only encourages the good behavior liberally, but also punishes those minatory behaviors decisively. In this model, a malicious user will be kicked out from the network system and refused from accessing resources of the network automatically when the user's reputation is lower than some threshold.

Fei Liu,Jing Wang,Hongtao Bai,Huiping Sun

DOI: https://doi.org/10.1109/ITNG.2015.34

2015-01-01

Abstract:As cloud computing technology develops rapidly, more convenience has been brought to users by various cloud providers with various cloud services. However, difficulty of management, especially when different access control protocols and personal information involved, has become one of barriers that inhibit the development process of cloud technology. In this paper, a user-centered ID MaaS (Identity Management as a Service) is proposed combined with a novel access control model based on trust and risk evaluation. Besides, a format-preserving encryption (FPE) method is proposed as an auxiliary scheme guaranteeing the effectiveness of access control. ID MaaS offers a solution that effectively alleviates the difficulty of realizing unified management of users' identity and information among diverse cloud service providers.

Peiyun Zhang,Mengchu Zhou,Yang Kong

DOI: https://doi.org/10.1109/tsmc.2019.2906310

2021-03-01

IEEE Transactions on Systems, Man, and Cybernetics: Systems

Abstract:In the last ten years, cloud services provided many applications in various areas. Most of them are hosted in a heterogeneous distributed large-scale cloud computing environment and face inherent uncertainty, unreliability, and malicious attacks that trouble both service users and providers. To solve the problems of malicious attacks (including solo and collusion deception ones) in a public cloud computing environment, we for the first time propose a double-blind anonymous evaluation-based trust model. Based on it, cloud service providers and users are anonymously matched according to user requirements. It can be used to effectively handle some malicious attacks that intend to distort trust evaluations. Providers may secretly hide gain-sharing information into service results and send the results to users to ask for higher trust evaluations than their deserved ones. This paper proposes to adopt checking nodes to help detect such behavior. It then conducts gain–loss analysis for providers who intend to perform provider–user collusion deception. The proposed trust model can be used to effectively help one recognize collusion deception behavior and allow policy-makers to set suitable loss to punish malicious providers. Consequently, provider-initiated collusion deception behavior can be greatly discouraged in public cloud computing systems. Simulation results show that the proposed method outperform two updated methods, i.e., one based on fail-stop signature and another based on fuzzy mathematics in terms of malicious node detection ratio and speed.

English Else

Xiaoqing Zheng,Zhaohui Wu,Huajun Chen,Yuxin Mao

DOI: https://doi.org/10.1007/11755593_31

2006-01-01

Abstract:The Semantic Web will only achieve its full potential when users have trust in its operations and in the quality of services and information provided, so trust is inevitably a high-level and crucial issue. Modeling trust properly and exploring techniques for establishing computational trust is at the heart of the Semantic Web to realize its vision. We propose a scalable probabilistic approach to trust evaluation which combines a variety of sources of information and takes four types of costs (operational, opportunity, service charge and consultant fee) and utility into consider during the process of trust evaluation. Our approach gives trust a strict probabilistic interpretation which can assist users with making better decisions in choosing the appropriate service providers according to their preferences. A formal robust analysis has been made to examine the performance of our method.