SARNETAlliance

AmenehDeljooCeesdeLaat,TomvanEngers andLeonGommans

SystemsandNetworkingLabUniversityofAmsterdam

a.deljoo@uva.nl

Motivation

Ø Defence againstorganized attacks requirescollaborationamongstserviceproviders

Ø Protectionofthenetworkcanoftenonlybeguaranteed andfinanced asasharedeffort

ØNetworkoforganizationsevolve overtimeandbecomemorecomplex

Ø Finda“right”partnerisachallengingtask.Weneedto:Ø Defineamoresophisticated andcomputationallyexecutablemethodtoselectthe“right"partnerforsharingdataandintelligence.

RequirementsToCreateAnAlliance

AllianceStrategy

Organize,MaintainandEvaluateTrustPartnerSelection

RiskEstimation Policies &Commonrules (Governance

framework)

Contributions

• Evaluate,measureandmaintaintrustamongthealliancemembers.• Presentandimplementthecomputationaltrustmodel(SCTM).• RiskestimationthroughtheSCTMmodel.TheSCTMfacilitatesrisk-basedpartnerselectiontoselectthe“right" partnertocollaborateinjointtasks.

• Agovernancemodeltodefineasetofpoliciesandrules.

TrustanditsAntecedents• “x”expects“y”todotask(𝜏)and“y”willnotexploitvulnerabilitiesof“x”when“y”facedwiththeopportunitytodoso.Therefore,“y”:

• Hasthepotentialabilitytoperformagiventask(competence),• Adheres toasetofrules agreeduponandactsaccordinglytofulfillthecommitments(integrity),and

• Acts anddoesgood evenifunexpectedcontingenciesarise(benevolence).

kj

Competence

Integrity

Benovelence

Trustworthiness

Trustee

Trustor

Trust OutCome >= Expectation Risk Assessment

ContextA Set of

Principles

Kindship

Evidence* Current (S), Context

Current (S), Context Evidence*

Evidence

AdoptedfromMayeretal.(1995)``AnIntegrativeModelofOrganizationalTrust"

Organize,MaintainandEvaluateTrust

ComputationalTrustModel(SCTM)

• Identifythreedistinctivetrustworthinessfactors(Benevolence,IntegrityandCompetence)

• EvaluateTrustinadynamicway

• Gatherthedirectandindirectevidenceonatrustee

• UpdateTrustvaluebenevolence

Evaluation FunctionBen (x,y, si )

Trustworthiness Evaluation Function

TW (x,y, si )Trust

Tr ( x,y, si )

Ed(x, y, si ; Kbx )

Ec(x, y, si )

Ben (x,y, si )

TW (x,y, si )

competenceEvaluation Function

Com (nbry ,y, si )Com (nbry , y, si )

Kbx

Outcome of a taskTask typeReptReqtDestination’s IdOriginator’s

Id

integrityEvaluation Function

Int (nbry ,y, si )

Int (nbry , y, si )

Inordertodefinethesituationsthatleadtoanagreementbetweenatrustorandatrustee:• d1 =trustor,• d2=trustee,

• d3 =time,

• d4=location,• d5=task,

• d6=complexity,• d7=deadline,

• d8=Outcome

• Threedifferentoutcomeoftasks

ContextDefinition

val(𝑑&) = (1, 𝑖𝑓𝑑&= 𝐹𝑑0.5, 𝑖𝑓𝑑&= 𝐹𝑑𝑑0, 𝑖𝑓𝑑&= 𝑉

EvidenceGathering:Directevidence

• AtrustorlooksatitsKbtocollecttheevidenceonatrusteebasedonpastinteractions.

𝑣𝑎𝑙5 . ⟶ [0,1]𝐸𝑑(𝑥, 𝑦, 𝑠=; 𝑘𝑏A) = {𝑑&(x,y,𝑠=) ∈ 𝑘𝑏A}

𝑣𝑎𝑙5 𝐸𝑑(𝑥, 𝑦, 𝑠=; 𝑘𝑏A) = EFG∑ 𝑣𝑎𝑙 𝑑&(x,y,𝑠=)�5J(A,K,LM)∈N5(A,K,LM;OPG)

val(𝑑&) = (1, 𝑖𝑓𝑑&= 𝐹𝑑0.5, 𝑖𝑓𝑑&= 𝐹𝑑𝑑0, 𝑖𝑓𝑑&= 𝑉

,𝑁A = 𝑛𝑢𝑚𝑏𝑒𝑟𝑜𝑓𝑒𝑛𝑟𝑡𝑖𝑒𝑠𝑖𝑛𝑡ℎ𝑒𝐾𝑏[𝑠

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ed (X,Y)

benevolenceEvaluation Function

Ben (x,y, si )

Trustworthiness Evaluation Function

TW (x,y, si )Trust

Tr ( x,y, si )

Ed(x, y, si ; Kbx )

Ec(x, y, si )

Ben (x,y, si )

TW (x,y, si )

competenceEvaluation Function

Com (nbry ,y, si )Com (nbry , y, si )

Kbx

Outcome of a taskTask typeReptReqtDestination’s IdOriginator’s

Id

integrityEvaluation Function

Int (nbry ,y, si )

Int (nbry , y, si )

EvidenceGathering:Indirectevidence

• Atrustorasksatrustee’sdirectneighborstosendhimtheirevidenceonagiventrustee.

𝑣𝑎𝑙\ . ⟶ [0,1]

Ec(𝑛𝑏𝑟K,y,𝑠=) ={Ed(u,y,𝑠=;𝑘𝑏b)|𝑢 ∈ 𝑛𝑏𝑟K}𝑣𝑎𝑙\ 𝐸𝑐(𝑥, 𝑦, 𝑠=) = E

Fefg∑ 𝑣𝑎𝑙5 𝐸𝑑(u,y,𝑠=;𝑘𝑏b)�N5(b,K,LM;OPG)∈N\(hPij,K,LM)

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ec (W,Y)

Ec (Z,Y)

Ec (A,Y)

Ec (M,Y)

𝑁hPi = 𝑛𝑢𝑚𝑏𝑒𝑟𝑜𝑓𝑛𝑒𝑖𝑔ℎ𝑏𝑜𝑟𝑠𝑡ℎ𝑎𝑡𝑐𝑜𝑛𝑡𝑟𝑖𝑏𝑢𝑡𝑒𝑡𝑜𝑡ℎ𝑒𝑣𝑎𝑙\

SCTM

benevolenceEvaluation Function

Ben (x,y, si )

Trustworthiness Evaluation Function

TW (x,y, si )Trust

Tr ( x,y, si )

Ed(x, y, si ; Kbx )

Ec(x, y, si )

Ben (x,y, si )

TW (x,y, si )

competenceEvaluation Function

Com (nbry ,y, si )Com (nbry , y, si )

Kbx

Outcome of a taskTask typeReptReqtDestination’s IdOriginator’s

Id

integrityEvaluation Function

Int (nbry ,y, si )

Int (nbry , y, si )

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ed (X,Y)

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ec (W,Y)

Ec (Z,Y)

Ec (A,Y)

Ec (M,Y)

SCTM

benevolenceEvaluation Function

Ben (x,y, si )

Trustworthiness Evaluation Function

TW (x,y, si )Trust

Tr ( x,y, si )

Ed(x, y, si ; Kbx )

Ec(x, y, si )

Ben (x,y, si )

TW (x,y, si )

competenceEvaluation Function

Com (nbry ,y, si )Com (nbry , y, si )

Kbx

Outcome of a taskTask typeReptReqtDestination’s IdOriginator’s

Id

integrityEvaluation Function

Int (nbry ,y, si )

Int (nbry , y, si )

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ed (X,Y)

BenevolenceFunction

• Basedonthedirect interactionsbetween𝑡𝑟𝑢𝑠𝑡𝑜𝑟 𝑥𝑎𝑛𝑑𝑡𝑟𝑢𝑠𝑡𝑒𝑒𝑦 inthesituation𝑠=.

𝐵𝑒𝑛 𝑥, 𝑦, 𝑠= = 𝑣𝑎𝑙5 𝐸𝑑(𝑥, 𝑦, 𝑠=, 𝑘𝑏A)

CompetenceFunction

• EvaluatebasedontheallavailableevidenceonTrustee(e.g.y,z)

𝐶𝑜𝑚 𝑛𝑏𝑟K, 𝑦, 𝑠= = 𝑣𝑎𝑙\ Ec(𝑛𝑏𝑟K[,y,𝑠=) , 𝑛𝑏𝑟K[ = 𝑛𝑏𝑟K\{𝑥}

Deljoo,Ameneh,etal."TheImpactofCompetenceandBenevolenceinaComputationalModelofTrust."IFIPInternationalConferenceonTrust Management.Springer,Cham,2018.

Z

WD

A

Y

X

C

B

M

N

Request the evidence

Ec (W,Y)

Ec (Z,Y)

Ec (A,Y)

Ec (M,Y)

IntegrityFunction

• Thegiventrustee’sintegrityiscomputedby:

𝐼𝑛𝑡 𝑛𝑏𝑟K, 𝑦, 𝑠= =∑ 𝑁p5�qPr∈hPij (𝐾𝑏b, 𝑦)

𝑁N\

where𝑁p5 𝐾𝑏b, 𝑦 = | 𝐸𝑑 𝑢, 𝑦, 𝑠=, 𝑘𝑏b |𝑢 ∈ 𝑛𝑏𝑟K&𝑣𝑎𝑙 𝑑&(𝑢, 𝑦, 𝑠=) = 𝐹𝑑|

EstimatingTrustbasedonCompetenceandBenevolencefunctions

𝑇𝑤(𝑥, 𝑦, 𝑠=) =13(𝐶𝑜𝑚(𝑛𝑏𝑟K, 𝑦, 𝑠=) + 𝐼𝑛𝑡(𝑛𝑏𝑟K, 𝑦, 𝑠=) + 𝐵𝑒𝑛 𝑥, 𝑦, 𝑠= )

𝑇𝑟 𝑥, 𝑦, 𝑠= = 𝑇𝑤(𝑥, 𝑦, 𝑠=)

RiskEstimation

RiskEstimation

InteractionRisk(𝑅= 𝑥, 𝑦, 𝑠= ) intheAllianceConsistsof:

• RelationalRisk 𝑅i 𝑥, 𝑦, 𝑠= :Theprobability andconsequence ofnothavingasuccessfulcooperation(Benevolentbehavior).

• PerformanceRisk(𝑅z 𝑥, 𝑦, 𝑠= ):Theprobability andconsequences thatallianceobjectives arenotrealized despitesatisfactorycooperationamongthepartner(thecompetenceofthegivenmember).

RiskEstimation

Interactionrisk

InteractionRiskisgivenby:

𝑅= 𝑥, 𝑦, 𝑠= = 𝑅i 𝑥, 𝑦, 𝑠= + 𝑅z 𝑥, 𝑦, 𝑠=

𝑅= 𝑥, 𝑦, 𝑠= = 𝑤E(1 − 𝐶𝑜𝑚 𝑥, 𝑦; 𝑠= ) +𝑤| 1 − 𝐵𝑒𝑛 𝑥, 𝑦; 𝑠=

𝑅= 𝑥, 𝑦, 𝑠= = 𝛼 1 − 𝐶𝑜𝑚 𝑛𝑏𝑟K, 𝑦, 𝑠= + 1 − α 1 − 𝐵𝑒𝑛 𝑥, 𝑦, 𝑠= , 0 ≤ 𝛼 ≤ 1

Perceived Interaction Risk( Ri ( x,y, Si ))

Benevolence Function

Risk Estimation

Competence Function

Relation Risk (Rr ( x,y, Si ) ) Performance Risk (Rp ( x,y, Si ))

W1W2

𝑤E =𝛼, 𝑤|= 1 − 𝛼T. Das, B.-S. Teng, Risk types and inter-frim alliance structures, Journal of management studies 33 (6) (1996) 827{843.

CaseStudy

Z

WD

A

Y

X

C

B

M

N

ACollaborativeNetwork

Notation

1Dimensions are: d1 = trustor, d2= trustee , d3 = time, d4= location, d5= task, d6=complexity, d7= deadline, d8= Outcome

1

val(𝑑&) = (1, 𝑖𝑓𝑑&= 𝐹𝑑0.5, 𝑖𝑓𝑑&= 𝐹𝑑𝑑0, 𝑖𝑓𝑑&= 𝑉

CalculatetheOutcome

benevolenceEvaluation Function

Ben (x,y, si )

Trustworthiness Evaluation Function

TW (x,y, si )Trust

Tr ( x,y, si )

Ed(x, y, si ; Kbx )

Ec(x, y, si )

Ben (x,y, si )

TW (x,y, si )

competenceEvaluation Function

Com (nbry ,y, si )

Com (nbry , y, si )

Kbx

Outcome of a taskTask typeReptReqtDestination’s IdOriginator’s

Id

vd8=OutcomevThreedifferentoutcomeoftasks

𝐹𝑑 𝐹𝑢𝑙𝑙𝑓𝑖𝑙𝑑𝑢𝑡𝑦𝐹𝑑𝑑 𝐹𝑢𝑙𝑙𝑓𝑖𝑙𝑑𝑢𝑡𝑦𝑤𝑖𝑡ℎ𝑑𝑒𝑙𝑎𝑦

𝑉 𝑉𝑖𝑜𝑙𝑎𝑡𝑒

Simulationsettingsandtheirillustrations

Z

WD

A

Y

X

C

B

M

N

Scenario

Domain“N”wantstochooseidealdomainsforcollaborationinordertomitigateanddefendagainstacertainattack.

Task(𝜏):Mitigateanddefendagainstacertainattack.

Sub-tasks:• 𝜏LE:provideresourceswithinacertaintimewindow,• 𝜏L|:monitoracertaintraffic,• 𝜏L�:blockacertainlink,• 𝜏L�:implementacertaincountermeasurement.

Selectinga“right”partneralgorithm

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Com

pete

nce,

Ben

evol

ence

, Ri

s1

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1s2

Domains

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1s3

Domains

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1s4

Com

pete

nce,

Ben

evol

ence

, Ri

T

TT

T

Competence

Benevolence

Ri

Competence

Benevolence

Ri

Z

ZM YAX X

XX A M Y

A

A

M

M

Y

Y

Z

Z

Result

EvaluationResult

Members0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

The

valu

e of

ben

evol

ence

SELCSPSCTMSOLUM

X Y M Z A XMembers

0.4

0.6

0.8

0.9

The

valu

e of

com

pete

nce

SELCSPSCTMSOLUM

YM AZ

Thevalueofbenevolenceforthreedifferentalgorithms Thevalueofcompetenceforthreedifferentalgorithms

Governanceframework

• WeusetheServiceProviderGroup(SPG)frameworktodefineasetofcommonrulesandPolicies

• AnormativeAgentBasedModel(N-BDI*)tomonitorthemembers’behavior• Eduroam,CyberthreatAlliance• DigitalDataMarketPlacehttps://klm-4tlas.herokuapp.com/

• Employtheblockchainandsmartcontracttoimplementtherules.• StabilityoftheDigitalDataMarketplace.

Policies &Commonrules (Governance

framework)

Conclusion

• Toevaluate thetrustworthiness ofatrusteethedirect andindirect evidenceonthegiventrusteeweretakenintoaccount.

• Thetrust valueiscomputedbythree trustfactors,namelycompetence,integrityandbenevolence.

• Benevolence iscomputedfromdirect evidencebetweenatrusteeandatrustor• Competenceandintegrity areassessedonthebaseofthereceivedfeedbackfromtheotheralliancemembers(atrustee'sdirectneighbors).

• Weareabletocollectavarietyofevidenceonatrusteebyintroducingeightdimensionsforeachcontext.

Conclusion

• TheinteractionriskestimatedthroughtheSCTM bycombiningbenevolence andcompetence.

• Theweightingfactors usedtodeterminedifferentweightstoselectthepartnersbasedonthetask.

• WeevaluatedtheSCTMframeworkwithSARNETEmulation developedbyRalph.• TheN-BDI*frameworkdefinedtomonitorthemember’sbehavior.

Thank you.

Ameneh Deljooa.deljoo@uva.nl