1 |
Trust Management Systems: Reference Architecture and PersonalizationRashad, Hisham S. M. 20 September 2017 (has links)
Trust is the cornerstone of success in any relationship between two or more parties. Generally, we do not socialize, seek advice, consult, cooperate, buy or sell goods and services from/to others unless we establish some level of mutual trust between interacting parties. When e-commerce was merging infancy, the concept of trusting an entity in a virtual world was a huge obstacle. Gradually, increasingly-sophisticated, largely generic reputation scoring and management systems were embedded into the evolving marketplaces. Current technologies to include cloud computing, social networking, and mobile applications, coupled with the explosion in storage capacity and processing power, are evolving large-scale global marketplaces for a wide variety of resources and services, such as Amazon.com, BitTorrent, WebEx and Skype. In such marketplaces, user entities, or users for short; namely, consumers, providers and brokers, are largely autonomous with vastly diverse requirements, capabilities and trust profiles. Users' requirements may include service quality levels, cost, ease of use, etc. Users' capabilities may include assets owned or outsourced. Trustors' profiles may include what is promised and commitments to keep these promises. In such a large-scale heterogeneous marketplace, the trustworthy interactions and transactions in services and resources constitute a challenging endeavor.
Currently, solving such issues generally adopts a "one-size fits all" trust models and systems. Such approach is limiting due to variations in technology, conflicts between users' requirements and/or conflicts between user requirements and service outcomes. Additionally, this approach may result in service providers being overwhelmed by adding new resources to satisfy all possible requirements, while having no information or guarantees about the level of trust they gain in the network.
Accordingly, we hypothesize the need for personalizable customizable Trust Management Systems (TMSs) for the robustness and wide-scale adoption of large-scale marketplaces for resources and services. Most contemporary TMSs suffer from the following drawbacks:
• Oblivious to diversities in trustors' requirements,
• Primarily utilize feedback and direct or indirect experience as the only form of credentials and trust computations,
• Trust computation methodologies are generally hardcoded and not reconfigurable,
• Trust management operations, which we identify as monitoring, data management, analysis, expectation management, and decision making, are tightly coupled. Such coupling impedes customizability and personalization, and
• Do not consider context in trust computations, where trust perspectives may vary from a context to another.
Given these drawbacks and the large scale of the global marketplace of resources and services, a reference architecture for trust management systems is needed, which can incorporate current systems and may be used in guidance and development of a wide spectrum of trust management systems ranging from un-personalized to fully personalized systems. Up to our knowledge, no TMS reference architecture exists in the literature.
In this dissertation, we propose a new Reference Architecture for Trust Management (RATM). The proposed reference architecture applies separation of concern among trust management operations; namely, decision expectation, analytics, data management and monitoring. RATM defines trust management operations through five reconfigurable components which collectively can be used to implement a wide spectrum of trust management systems ranging from generic to highly personalized systems. We used RATM for trust personalization, where we propose a Personalized Trust Management System (PTMS) based on RATM. We evaluated PTMS's scalability and demonstrated its effectiveness, efficiency and resilience by contrasting against a Generic Trust Management System (GTMS). We used two case studies for our evaluations; namely, BitTorrent and a video conferencing application.
Intellectual Merit
In this work, we propose RATM, a reference architecture for trust management systems that can be used to implement a wide variety of trust management systems ranging from generic systems (un-personalized) to highly personalized systems. We assume service-based environment where consumers, brokers and service providers are interacting and transacting in services and resources to satisfying their own trust requirements. We used RATM to implement a personalized trust management system (TMS). The main contributions of this work are as follows:
• Proposing RATM for the guidance and development of a wide spectrum of TMSs ranging from un-personalized to fully personalized systems, and
• Utilizing our RATM to propose and implement a personalized, scalable TMS with varying trust computation models.
Broader Impact
RATM provides reference architecture for trust management which can be used to develop and evaluate a wide spectrum of TMSs. Personalization, in general, paves the road for reaching high levels of satisfaction, where interacting parties' requirements are individually considered and thus consumers are served the best suited service(s). Hence, we claim that PTMS would largely enhance large-scale heterogeneous systems offering services and resources. This could lead to more cooperation, more transactions, more satisfaction, less malicious behavior and lower costs. / PHD / Trust is the cornerstone of success in any relationship between two or more persons. Generally, we do not socialize, seek advice, consult, cooperate, buy or sell goods and services from/to others unless we establish some level of mutual trust between interacting parties. When ecommerce was firstly used, the concept of trusting a service delivered by someone who is not physically in the same place was a huge obstacle. Gradually, more sophisticated, largely generic reputation scoring and management systems were used into the new internet marketplaces. A reputation scoring and management system is a system which collects feedback from different users about service providers in a certain marketplace on the internet and uses them to anticipate future behavior of these providers. Current computer technologies to include cloud computing, social networking, and mobile applications, coupled with the explosion in computer and mobile devises’ storage capacity and processing power, are evolving large-scale global marketplaces offering a wide variety of resources and services to consumers across the globe. Examples include Amazon.com, BitTorrent, WebEx and Skype. In such marketplaces, consumers, providers and brokers, are largely autonomous with vastly diverse requirements, capabilities and trust profiles. By autonomous we mean acting in accordance with one's moral duty rather than one's desires. Users’ requirements may include service quality levels, cost, ease of use, etc. Users’ capabilities may include assets owned or leased from others. Trustors’ profiles may include what is promised and commitments to keep these promises. In such a large-scale marketplace, the trustworthy interactions and transactions in services and resources constitute a challenging endeavor. By trustworthy interaction we mean transactions which deliver results that are accepted by all parties.
Currently, solving such issues of trust generally adopts a “one-size fits all” trust models and systems. By trust models and systems we mean computer programs which perform the reputation scoring and management. i.e. select a single service which can serve all requirements. Such approach is limiting due to variations in technology, conflicts between users’ requirements and/or conflicts between user requirements and service outcomes. Additionally, this approach may result in service providers being overwhelmed by adding new resources to satisfy all possible requirements, while having no information or guarantees about the level of trust they gain in the eye of their consumers.
Accordingly, we hypothesize the need for personalizable customizable Trust Management Systems (TMSs) for the robustness and wide-scale adoption of large-scale marketplaces for resources and services. In other words, we assume the need for a trust management system which can select services satisfying transaction parties’ requirements. Most contemporary TMSs suffer from the following drawbacks:
• Select one size fits all service,
• Utilize one and only one type of data for calculating the score used for anticipating the future behavior of a party,
• Utilize one and only one method to calculate the score value used for anticipating the future behavior of a party,
• Trust scoring calculation method does cannot be reprogrammed,
• Trust scoring calculation method does not consider the context in which the data was collected.
Given these drawbacks and the large scale of the global marketplace of resources and services, a reference architecture for trust management systems is needed, which can incorporate current systems and may be used in guidance and development of a wide spectrum of trust management systems ranging from un-personalized to fully personalized systems. Up to our knowledge, no TMS reference architecture exists in the literature.
In this dissertation, we propose a new Reference Architecture for Trust Management (RATM), which overcomes the drawbacks of current systems. It proposes evaluating trust by number of flexible operations namely, decision expectation, analytics, data management and monitoring. These operations collectively can be used to implement a wide spectrum of trust management systems ranging from generic to highly personalized systems. We used RATM for trust personalization, where we propose a Personalized Trust Management System (PTMS) based on RATM. We evaluated PTMS’s ability to sustain the increasing number of users and demonstrated its effectiveness, efficiency and its ability to resist attacks. We achieved that by contrasting experimentation results against that of a Generic Trust Management System (GTMS). We used two case studies for our evaluations; namely, BitTorrent and a video conferencing application.
|
2 |
Towards Secure and Trustworthy Wireless Ad hoc NetworksRen, Yonglin 19 June 2012 (has links)
Due to the attractive advantages of wireless communication technologies, wireless networking and mobile computing has developed expeditiously and gained ample prevalence. Thereby, many practical applications are being designed for the use of wireless ad hoc networks in both military and civilian scenarios. However, some security concerns have arisen from such networks, especially in that misbehaving nodes pose a major threat during the construction of a trusted network. Therefore, security is one of the key challenges in wireless ad hoc networks, requiring significant attention due to their own features and concerns. This thesis presents several computational models and security strategies for the design of secure, trustworthy networks, which are able to make rational decisions when encountering potential threats. In this thesis, we first propose a distributed network management model for secure group communication. Our approach simplifies the complexity of traditional group management and supports the inclusion of other security mechanisms for the purpose of secure communications. As a decentralized management method, trust can perform well in a dynamic and agile environment. Our proposed trust system defines the concept of trust, establishes the trust relationship between distributed nodes, involves the novel and effective computational model, and specifies a set of trust-based rules in this system for wireless nodes. We also propose a hybrid cryptosystem through the application of both symmetric and asymmetric key algorithms to provide reliable and secure protection of data confidentiality. With the design of selective encryption, uncertainty is incorporated into data encryption and the overhead spent on the data protection is significantly reduced. Thus, the communicating parties not only obtain reliable security protection, but also improve the efficiency of data communication. Through security analysis and simulation experiments, we have shown how decentralized management is useful in wireless and ad hoc scenarios, how trust provides feasible solutions for misbehavior detection, and how our proposed strategies offer security properties.
|
3 |
Autoregression Models for Trust Management in Wireless Ad Hoc NetworksLi, Zhi 05 October 2011 (has links)
In this thesis, we propose a novel trust management scheme for improving routing reliability in wireless ad hoc networks. It is grounded on two classic autoregression models, namely Autoregressive (AR) model and Autoregressive with exogenous inputs (ARX) model. According to this scheme, a node periodically measures the packet forwarding ratio of its every neighbor as the trust observation about that neighbor.
These measurements constitute a time series of data. The node has such a time series for each neighbor. By applying an autoregression model to these time series, it predicts the neighbors future packet forwarding ratios as their trust estimates, which in turn facilitate it to make intelligent routing decisions. With an AR model being applied, the
node only uses its own observations for prediction; with an ARX model, it will also take into account recommendations from other neighbors. We evaluate the performance of
the scheme when an AR, ARX or Bayesian model is used. Simulation results indicate that the ARX model is the best choice in terms of accuracy.
|
4 |
Towards Secure and Trustworthy Wireless Ad hoc NetworksRen, Yonglin 19 June 2012 (has links)
Due to the attractive advantages of wireless communication technologies, wireless networking and mobile computing has developed expeditiously and gained ample prevalence. Thereby, many practical applications are being designed for the use of wireless ad hoc networks in both military and civilian scenarios. However, some security concerns have arisen from such networks, especially in that misbehaving nodes pose a major threat during the construction of a trusted network. Therefore, security is one of the key challenges in wireless ad hoc networks, requiring significant attention due to their own features and concerns. This thesis presents several computational models and security strategies for the design of secure, trustworthy networks, which are able to make rational decisions when encountering potential threats. In this thesis, we first propose a distributed network management model for secure group communication. Our approach simplifies the complexity of traditional group management and supports the inclusion of other security mechanisms for the purpose of secure communications. As a decentralized management method, trust can perform well in a dynamic and agile environment. Our proposed trust system defines the concept of trust, establishes the trust relationship between distributed nodes, involves the novel and effective computational model, and specifies a set of trust-based rules in this system for wireless nodes. We also propose a hybrid cryptosystem through the application of both symmetric and asymmetric key algorithms to provide reliable and secure protection of data confidentiality. With the design of selective encryption, uncertainty is incorporated into data encryption and the overhead spent on the data protection is significantly reduced. Thus, the communicating parties not only obtain reliable security protection, but also improve the efficiency of data communication. Through security analysis and simulation experiments, we have shown how decentralized management is useful in wireless and ad hoc scenarios, how trust provides feasible solutions for misbehavior detection, and how our proposed strategies offer security properties.
|
5 |
Autoregression Models for Trust Management in Wireless Ad Hoc NetworksLi, Zhi 05 October 2011 (has links)
In this thesis, we propose a novel trust management scheme for improving routing reliability in wireless ad hoc networks. It is grounded on two classic autoregression models, namely Autoregressive (AR) model and Autoregressive with exogenous inputs (ARX) model. According to this scheme, a node periodically measures the packet forwarding ratio of its every neighbor as the trust observation about that neighbor.
These measurements constitute a time series of data. The node has such a time series for each neighbor. By applying an autoregression model to these time series, it predicts the neighbors future packet forwarding ratios as their trust estimates, which in turn facilitate it to make intelligent routing decisions. With an AR model being applied, the
node only uses its own observations for prediction; with an ARX model, it will also take into account recommendations from other neighbors. We evaluate the performance of
the scheme when an AR, ARX or Bayesian model is used. Simulation results indicate that the ARX model is the best choice in terms of accuracy.
|
6 |
Reputation-based Trust Management in Peer-to-Peer File Sharing SystemsMekouar, Loubna January 2010 (has links)
Trust is required in file sharing peer-to-peer (P2P) systems to achieve better cooperation among peers and reduce malicious uploads. In reputation-based P2P systems, reputation is used to build trust among peers based on their past transactions and feedbacks from other peers. In these systems, reputable peers will usually be selected to upload requested files, decreasing significantly malicious uploads in the system.
This thesis surveys different reputation management systems with a focus on reputation based P2P systems. We breakdown a typical reputation system into functional components. We discuss each component and present proposed solutions from the literature. Different reputation-based systems are described and analyzed. Each proposed scheme presents a particular perspective in addressing peers’ reputation.
This thesis also presents a novel trust management framework and associated schemes for partially decentralized file sharing P2P systems. We address trust according to three identified dimensions: Authentic Behavior, Credibility Behavior and Contribution Behavior. Within our trust management framework, we proposed several algorithms for reputation management. In particular, we proposed algorithms to detect malicious peers that send inauthentic files, and liar peers that send wrong feedbacks.
Reputable peers need to be motivated to upload authentic files by increasing the benefits received from the system. In addition, free riders need to contribute positively to the system. These peers are consuming resources without uploading to others. To provide the right incentives for peers, we develop a novel service differentiation scheme based on peers’ contribution rather than peers’ reputation. The proposed scheme protects the system against free-riders and malicious peers and reduces the service provided to them.
In this thesis, we also propose a novel recommender framework for partially decentralized file sharing P2P systems. We take advantage from the partial search process used in these systems to explore the relationships between peers. The proposed recommender system does not require any additional effort from the users since implicit rating is used. The recommender system also does not suffer from the problems that affect traditional collaborative filtering schemes like the Cold start, the Data sparseness and the Popularity effect.
Over all, our unified approach to trust management and recommendations allows for better system health and increased user satisfaction.
|
7 |
Reputation-based Trust Management in Peer-to-Peer File Sharing SystemsMekouar, Loubna January 2010 (has links)
Trust is required in file sharing peer-to-peer (P2P) systems to achieve better cooperation among peers and reduce malicious uploads. In reputation-based P2P systems, reputation is used to build trust among peers based on their past transactions and feedbacks from other peers. In these systems, reputable peers will usually be selected to upload requested files, decreasing significantly malicious uploads in the system.
This thesis surveys different reputation management systems with a focus on reputation based P2P systems. We breakdown a typical reputation system into functional components. We discuss each component and present proposed solutions from the literature. Different reputation-based systems are described and analyzed. Each proposed scheme presents a particular perspective in addressing peers’ reputation.
This thesis also presents a novel trust management framework and associated schemes for partially decentralized file sharing P2P systems. We address trust according to three identified dimensions: Authentic Behavior, Credibility Behavior and Contribution Behavior. Within our trust management framework, we proposed several algorithms for reputation management. In particular, we proposed algorithms to detect malicious peers that send inauthentic files, and liar peers that send wrong feedbacks.
Reputable peers need to be motivated to upload authentic files by increasing the benefits received from the system. In addition, free riders need to contribute positively to the system. These peers are consuming resources without uploading to others. To provide the right incentives for peers, we develop a novel service differentiation scheme based on peers’ contribution rather than peers’ reputation. The proposed scheme protects the system against free-riders and malicious peers and reduces the service provided to them.
In this thesis, we also propose a novel recommender framework for partially decentralized file sharing P2P systems. We take advantage from the partial search process used in these systems to explore the relationships between peers. The proposed recommender system does not require any additional effort from the users since implicit rating is used. The recommender system also does not suffer from the problems that affect traditional collaborative filtering schemes like the Cold start, the Data sparseness and the Popularity effect.
Over all, our unified approach to trust management and recommendations allows for better system health and increased user satisfaction.
|
8 |
Autoregression Models for Trust Management in Wireless Ad Hoc NetworksLi, Zhi 05 October 2011 (has links)
In this thesis, we propose a novel trust management scheme for improving routing reliability in wireless ad hoc networks. It is grounded on two classic autoregression models, namely Autoregressive (AR) model and Autoregressive with exogenous inputs (ARX) model. According to this scheme, a node periodically measures the packet forwarding ratio of its every neighbor as the trust observation about that neighbor.
These measurements constitute a time series of data. The node has such a time series for each neighbor. By applying an autoregression model to these time series, it predicts the neighbors future packet forwarding ratios as their trust estimates, which in turn facilitate it to make intelligent routing decisions. With an AR model being applied, the
node only uses its own observations for prediction; with an ARX model, it will also take into account recommendations from other neighbors. We evaluate the performance of
the scheme when an AR, ARX or Bayesian model is used. Simulation results indicate that the ARX model is the best choice in terms of accuracy.
|
9 |
Autoregression Models for Trust Management in Wireless Ad Hoc NetworksLi, Zhi January 2011 (has links)
In this thesis, we propose a novel trust management scheme for improving routing reliability in wireless ad hoc networks. It is grounded on two classic autoregression models, namely Autoregressive (AR) model and Autoregressive with exogenous inputs (ARX) model. According to this scheme, a node periodically measures the packet forwarding ratio of its every neighbor as the trust observation about that neighbor.
These measurements constitute a time series of data. The node has such a time series for each neighbor. By applying an autoregression model to these time series, it predicts the neighbors future packet forwarding ratios as their trust estimates, which in turn facilitate it to make intelligent routing decisions. With an AR model being applied, the
node only uses its own observations for prediction; with an ARX model, it will also take into account recommendations from other neighbors. We evaluate the performance of
the scheme when an AR, ARX or Bayesian model is used. Simulation results indicate that the ARX model is the best choice in terms of accuracy.
|
10 |
Towards Secure and Trustworthy Wireless Ad hoc NetworksRen, Yonglin January 2012 (has links)
Due to the attractive advantages of wireless communication technologies, wireless networking and mobile computing has developed expeditiously and gained ample prevalence. Thereby, many practical applications are being designed for the use of wireless ad hoc networks in both military and civilian scenarios. However, some security concerns have arisen from such networks, especially in that misbehaving nodes pose a major threat during the construction of a trusted network. Therefore, security is one of the key challenges in wireless ad hoc networks, requiring significant attention due to their own features and concerns. This thesis presents several computational models and security strategies for the design of secure, trustworthy networks, which are able to make rational decisions when encountering potential threats. In this thesis, we first propose a distributed network management model for secure group communication. Our approach simplifies the complexity of traditional group management and supports the inclusion of other security mechanisms for the purpose of secure communications. As a decentralized management method, trust can perform well in a dynamic and agile environment. Our proposed trust system defines the concept of trust, establishes the trust relationship between distributed nodes, involves the novel and effective computational model, and specifies a set of trust-based rules in this system for wireless nodes. We also propose a hybrid cryptosystem through the application of both symmetric and asymmetric key algorithms to provide reliable and secure protection of data confidentiality. With the design of selective encryption, uncertainty is incorporated into data encryption and the overhead spent on the data protection is significantly reduced. Thus, the communicating parties not only obtain reliable security protection, but also improve the efficiency of data communication. Through security analysis and simulation experiments, we have shown how decentralized management is useful in wireless and ad hoc scenarios, how trust provides feasible solutions for misbehavior detection, and how our proposed strategies offer security properties.
|
Page generated in 0.0313 seconds