formalizing end-to-end context-aware trust relationships in collaborative activities

Download Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities

Post on 13-Mar-2016

34 views

Category:

Documents

1 download

Embed Size (px)

DESCRIPTION

Dr Dave Bakken Dr Carl Hauser Department of Computer Science Washington State University Pullman, WA, USA Dr Deborah Frincke CyberSecurity Group Pacic Northwest National Laboratory Richland, WA, USA. Formalizing End-to-End Context-Aware Trust Relationships in Collaborative Activities. - PowerPoint PPT Presentation

TRANSCRIPT

  • Formalizing End-to-End Context-Aware Trust Relationships in Collaborative ActivitiesDr Ioanna Dionysiou Department of Computer ScienceSchool of SciencesUniversity of Nicosia, Cyprus

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, PortugalDr Dave BakkenDr Carl HauserDepartment of Computer ScienceWashington State UniversityPullman, WA, USA

    Dr Deborah FrinckeCyberSecurity Group Pacic Northwest National Laboratory Richland, WA, USA

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Talk OutlineMotivationActivity-Oriented Trust RelationshipsTrust Model OntologyTrust Model Functionality ExampleConclusionsInternational Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal*

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Motivating ScenarioConsider the North American electric power gridOperations in a geographical region controlled by a single entityElectric Market DeregulationCompetition!Choose among electricity providers, open biddingImpact on stability and security of the grid itself3500 utility organizations (public, private, federal), many points of interaction, share data Trustworthy Data exchange among these organizations and end-usersProducer of information, consumer of information

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Motivating Scenario (2)*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, PortugalU1 is the consumer of State Estimation dataPMU Aggregation is the producer of State Estimation dataWhat U1 can say about the quality of the data?

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Motivating Scenario (3)How can we answer the question?Security mechanisms are not adequateEncrypted digitally signed message Guarantee that not tampered with and no unauthorized person read itWhat about the content itself? Reliable producer, unsecure medium OR unreliable producer, secure medium?Trust and its managementAbstraction of beliefs that an entity has for specific situations and interactionsNot static but change over time Need to make decisions based on current beliefs

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Generalized Scenario *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Contributions of our workA notation for specifying trust relationships tied to a narrow context and a broad activityAn intuitive and practical way to manage trust assessment for an activitymultiple trust relationships must be examined and composed Expectations, violations, etc

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Talk OutlineMotivationActivity-Oriented Trust RelationshipsTrust Model OntologyTrust Model Functionality ExampleConclusionsInternational Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal*

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Activity-Oriented Trust Relationships*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Activity-Oriented Trust Relationships (2)*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Talk OutlineMotivationActivity-Oriented Trust RelationshipsTrust Model OntologyTrust Model Functionality ExampleConclusionsInternational Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal*

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Trust Relationship Attributes

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Trust is*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, PortugalTrustor , based on its current trusting attitude,believes that the extent that trustee will act as expected for context c during time interval is , and this belief is subject to the satisfaction of expectation set .

    This relationship is valid for a specific interaction id and its status is indicated by s.

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Trust Level Attribute Trust is subjectiveTrustee trustworthinessTrustors requirements are not met by trustees at the same degreeExtent to which trustee honors trust, if trust is placedTrustor trustfulness Trustors willingness to trustTrusting attitude

    How do we capture this subjectivity?Trust level, value, degreeContinuous valuesDiscrete values

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Expectation Attribute ExpectationRequirement and its allowed values that a trustor has for a particular interaction with the trusteeExpectation tuple is a trust requiremento is a standard relational operatoro is the observed/actual value for the requirementa is the allowed value for the requirementev are the evaluation criteria for the specific requirementCovering algorithm, triggering algorithm, aggregating algorithm

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal(,o,o,a,ev)

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Expectation Attribute (2)*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, PortugalTrust requirement : facet (coarse-grained), properties (fine-grained)

    Observed values: evidence (either internal or external)

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Expectation Attribute (3)Observed valueWhen?Triggering method: at fixed intervals, on arrival?How?Aggregating method: average, weighted average?For what?Allowed value vs. Observed valueVIOLATIONS!!!Covering method: strict, relaxed

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Expectation Attribute (4)Expectation set describes all the requirements a trustor has for a trustee in a particular relationshipNot interesting by itselfBUT, operations on the set ARE interesting!Define primitive comparison relationships between elementsEqual expectationsRelaxed expectationsDefine comparison relationships between expectation setsStrictly equal expectation setsRelaxed equal expectation setsDefine operation on setsMerging

    *International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

    International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, Portugal

  • Expectation Attribute (5)*International Conference on Security and Cryptography (SECRYPT 2008), Special Session on Trust, July 26 - 29, 2008, Porto, PortugalEqual Expectations (=) Expectation (1 , o1 , o1, a1, ev1 ) is equal with expectation (2 , o2 , o2 , a2 , ev2 ) if and only if (1 = 2) (o1 = o2) (o1 = o2) (a1 = a2 ) (covering1 ev1 = covering2 ev2)

    Relaxed Equal Expectations () Expectation (1 , o1 , o1, a1, ev1 ) is relaxed equal with expectation (2 , o2 , o2 , a2 , ev2 ) if and only if ( (1 = 2) (o1 = o2) (o1 o2) (a1 a2 ) (covering1