Spelling suggestions: "subject:"trust establishment"" "subject:"crust establishment""
1 |
Trust Evaluation and Establishment for Multi-Agent SystemsAref, Abdullah 09 May 2018 (has links)
Multi-agent systems are increasingly popular for modeling distributed environments that are highly complex and dynamic such as e-commerce, smart buildings, and smart grids. Often in open multi-agent systems, agents interact with other agents to meet their own goals. Trust is considered significant in multi-agent systems to make interactions effectively, especially when agents cannot assure that potential partners share the same core beliefs about the system or make accurate statements regarding their competencies and abilities. This work describes a trust model that augments fuzzy logic with Q-learning, and a suspension technique to help trust evaluating agents select beneficial trustees for interaction in uncertain, imprecise, and the dynamic multi-agent systems. Q-Learning is used to evaluate trust on the long term, fuzzy inferences are used to aggregate different trust factors and suspension is used as a short-term response to dynamic changes. The performance of the proposed model is evaluated using simulation. Simulation results indicate that the proposed model can help agents select trustworthy partners to interact with. It has a better performance compared to some of the popular trust models in the presence of misbehaving interaction partners.
When interactions are based on trust, trust establishment mechanisms can be used to direct trustees, instead of trustors, to build a higher level of trust and have a greater impact on the results of interactions. This work also describes a trust establishment model for intelligent agents using implicit feedback that goes beyond trust evaluation to outline actions to guide trustees (instead of trustors). The model uses the retention of trustors to model trustors’ behaviours. For situations where tasks are multi-criteria and explicit feedback is available, we present a trust establishment model that uses a multi-criteria approach to help trustees to adjust their behaviours to improve their perceived trust and attract more interactions with trustors. The model calculates the necessary improvement per criterion when only a single aggregated satisfaction value is provided per interaction, where the model attempts to predicted both the appropriate value per criteria and its importance. Then we present a trust establishment model that integrates the two major sources of information to produce a comprehensive assessment of a trustor’s likely needs in multi-agent systems. Specifically, the model attempts to incorporates explicit feedback, and implicit feed-back assuming multi-criteria tasks. The proposed models are evaluated through simulation, we found that trustees can enhance their trustworthiness, at a cost, if they tune their behaviour in response to feedback (explicit or implicit) from trustors. Using explicit feedback with multi-criteria tasks, trustees can emphasize on important criterion to satisfy need of trustors. Trust establishment based on explicit feedback for multi-criteria tasks, can result in a more effective and efficient trust establishment compared to using implicit feedback alone. Integrating both approaches together can achieve a reasonable trust level at a relatively lower cost.
|
2 |
Designing Robust Trust Establishment Models with a Generalized Architecture and a Cluster-Based Improvement MethodologyTempleton, Julian 18 August 2021 (has links)
In Multi-Agent Systems consisting of intelligent agents that interact with one another, where the agents are software entities which represent individuals or organizations, it is important for the agents to be equipped with trust evaluation models which allow the agents to evaluate the trustworthiness of other agents when dishonest agents may exist in an environment. Evaluating trust allows agents to find and select reliable interaction partners in an environment. Thus, the cost incurred by an agent for establishing trust in an environment can be compensated if this improved trustworthiness leads to an increased number of profitable transactions. Therefore, it is equally important to design effective trust establishment models which allow an agent to generate trust among other agents in an environment. This thesis focuses on providing improvements to the designs of existing and future trust establishment models.
Robust trust establishment models, such as the Integrated Trust Establishment (ITE) model, may use dynamically updated variables to adjust the predicted importance of a task’s criteria for specific trustors. This thesis proposes a cluster-based approach to update these dynamic variables more accurately to achieve improved trust establishment performance. Rather than sharing these dynamic variables globally, a model can learn to adjust a trustee’s behaviours more accurately to trustor needs by storing the variables locally for each trustor and by updating groups of these variables together by using data from a corresponding group of similar trustors.
This work also presents a generalized trust establishment model architecture to help models be easier to design and be more modular. This architecture introduces a new transaction-level preprocessing module to help improve a model’s performance and defines a trustor-level postprocessing module to encapsulate the designs of existing models. The preprocessing module allows a model to fine-tune the resources that an agent will provide during a transaction before it occurs. A trust establishment model, named the Generalized Trust Establishment Model (GTEM), is designed to showcase the benefits of using the preprocessing module.
Simulated comparisons between a cluster-based version of ITE and ITE indicate that the cluster-based approach helps trustees better meet the expectations of trustors while minimizing the cost of doing so. Comparing GTEM to itself without the preprocessing module and to two existing models in simulated tests exhibits that the preprocessing module improves a trustee’s trustworthiness and better meets trustor desires at a faster rate than without using preprocessing.
|
3 |
Verifying Physical Endpoints to Secure Digital SystemsStuder, Ahren M. 01 May 2011 (has links)
The proliferation of electronic devices supporting sensing, actuation, and wireless communication enables the monitoring and/or control of a variety of physical systems with digital communication. Such “cyber physical systems” blur the boundaries of the digital and physical worlds, where correct information about the physical world is needed for the correct operation of the digital system. Often in these systems the physical source or destination of information is as important as the information itself. However, the omni-directional and invisible nature of wireless communication makes it difficult to determine communication endpoints. This allows a malicious party to intercept wireless messages or pose as other entities in the system. As such, these systems require new protocols to associate the endpoints of digital communication with physical entities.
Traditional security approaches that associate cryptographic keys with names can help verify endpoints in static systems where a string accurately describes the role of a device. In other systems, the role of a device depends on its physical properties, such as location, which change over time. This dynamic nature implies that identification of an endpoint based on a static name is insufficient. Instead, we can leverage devices’ sensing and actuation capabilities to verify the physical properties and determine the physical endpoints of communication. We investigate three different scenarios where the physical source and/or destination is important and propose endpoint verification techniques: verifying the physical endpoints during an exchange between two smartphones, verifying the receiver of information is in a physical space to enable location-based access control, and verifying the source of information to protect Vehicle-to-Vehicle (V2V) applications. We evaluate our proposals in these systems and show that our solutions fulfill the security requirements while utilizing existing hardware.
Exchanging Information Between Smartphones Shake on it (SHOT) allows users to verify the endpoints during an exchange of information between two smartphones. In our protocol, the phones use their vibrators and accelerometers to establish a human-observable communication channel. The users hold the phones together while the phones use this channel to bootstrap and verify the authenticity of an exchange that occurs over the higher-bandwidth wireless channel. Users can detect the injection of information from other devices as additional vibrations, and prevent such attacks. Our implementation of SHOT for the DROID smartphone is able to support sender and receiver verification during an exchange between two smartphones in 15 seconds on average.
Location-Based Access Control We propose using location-based access control to protect sensitive files on laptops, without requiring any effort from the user to provide security. With a purely wireless electronic system, verifying that a given device is in a physical space is a challenge; either the definition of the physical space is vague (radio waves can travel beyond walls) or the solution requires expensive hardware to measure a message’s time of flight. Instead, we use infrared as a signal that walls can contain. We develop key derivation protocols that ensure only a receiver in the physical room with access to the signal can derive the key. We implement a system that uses the laptop’s webcam to record the infrared signal, derive a key, and decrypt sensitive files in less than 5 seconds.
Source Verification for V2V Networks A number of V2V applications use information about nearby vehicles to prevent accidents or reduce fuel consumption. However, false information about the positioning of vehicles can cause erroneous behavior, including accidents that would not occur in the absence of V2V. As such, we need a way to verify which vehicle sent a message and that the message accurately describes the physical state of that vehicle. We propose using LED lights on vehicles to broadcast the certificate a vehicle is currently using. Receivers can use onboard cameras to film the encoding of the certificate and estimate the relative location of the vehicle. This visual channel allows a receiver to associate a physical vehicle at a known location with the cryptographic credentials used to sign a location claim. Our simulations indicate that even with a pessimistic visual channel, visual verification of V2V senders provides sufficient verification capabilities to support the relevant applications.
|
4 |
Secure Context-Aware Mobile SIP User AgentMerha, Bemnet Tesfaye January 2009 (has links)
Context awareness is an important aspect of pervasive and ubiquitous computing. By utilizing contextual information gathered from the environment, applications can adapt to the user’s specific situation. In this thesis, user context is used to automatically discover multimedia devices and services that can be used by a mobile Session Initiation Protocol (SIP) user agent. The location of the user is captured using various sensing technologies to allow users of our SIP user agent to interact with network attached projectors, speakers, and cameras in a home or office environment. In order to determine the location of the user, we have developed and evaluated a context aggregation framework that gathers and analyzes contextual information from various sources such as passive infrared sensors, infrared beacons, light intensity, and temperature sensors. Once the location of the user is determined, the Service Location Protocol (SLP) is used to search for services. For this purpose, we have implemented a mobile SLP user agent and integrated it with an existing SIP user agent. The resulting mobile SIP user agent is able to dynamically utilize multimedia devices around it without requiring the user to do any manual configuration. This thesis also addressed the challenge of building trust relationship between the user agent and the multimedia services. We propose a mechanism which enables the user agent authenticate service advertisements before starting to redirect media streams. The measurements we have performed indicate that the proposed context aggregation framework provides more accurate location determination when additional sensors are incorporated. Furthermore, the performance measurements indicate that the delay incurred by introducing context awareness to the SIP user agent is acceptable for a small deployment such as home and office environment. In order to realize large scale deployments, future investigations are recommended to further improve the performance of the framework. / Att vara medveten om kontexten är en viktig synpunkt av präglande och allestädes närvarande uppskattning av omgivningen. Genom att utnyttja den kontextuella informationen som samlats in från omgivningen, kan applikationen anpassas till användarens specifika situation. I denna avhandling använder man användarens sammanhang för att automatiskt upptäcka multimedia utrustning och tjänster som kan användas av en mobil Session Initiation Protokoll (SIP) användaragent. Placeringen av användaren mäter man med hjälp av olika sensorer för att låta användare av vår SIP användaragent att interagera med nätverk tillkopplat projektorer, högtalare och kameror i hem eller kontorsmiljöer. För att avgöra var användaren befinner har vi utvecklat och utvärderat en sammanhangsstruktur som samlar in och analyserar innehållsbaserad information från olika källor; passiva infraröda sensorer, infraröd beacons, ljusstyrkan och temperaturgivare. Efter bestämmaning användarens placering den så kallade Service Location Protocol (SLP) användas för att söka efter tjänster. För detta ändamål har vi genomfört en mobil SLP användaragent och integrerat denna med ett befintligt SIP användaragent. Den resulterande i mobil SIP användaragent som dynamiskt kan utnyttja multimedia utrustning runt omkring utan att kräva att användaren skall kunna göra någon manuell konfiguration. Avhandlingen tar även upp den utmaningen som krävs för att bygga förtroende mellan användaragenten och multimedia tjänster. Vi föreslår en mekanism som gör det möjligt för användaragenten att verifiera tjänstannonsering innan man börjar dirigera medieströmmar. Dessutom så indikerar mätningarna av prestanda att fördröjningen som man utsätter den för genom att introducera ”medvetenhet om sammanhanget” till SIP användaragenten är acceptabel på hemma eller i en företagsmiljö. För att stora spridningar skall bli verklighet så rekommenderas det att göra mer forskning för att förbättra prestanda.
|
5 |
All Trust Is Local: Empowering Users’ Authentication Decisions on the InternetKim, Tiffany Hyun-Jin 01 October 2012 (has links)
No description available.
|
6 |
Agent-based one-shot authorisation scheme in a commercial extranet environmentAu, Wai Ki Richard January 2005 (has links)
The enormous growth of the Internet and the World Wide Web has provided the opportunity for an enterprise to extend its boundaries in the global business environment. While commercial functions can be shared among a variety of strategic allies - including business partners and customers, extranets appear to be the cost-effective solution to providing global connectivity for different user groups. Because extranets allow third-party users into corporate networks, they need to be extremely secure and external access needs to be highly controllable. Access control and authorisation mechanisms must be in place to regulate user access to information/resources in a manner that is consistent with the current set of policies and practices both at intra-organisational and cross-organisational levels. In the business-to-customer (B2C) e-commerce setting, a service provider faces a wide spectrum of new customers, who may not have pre-existing relationships established. Thus the authorisation problem is particularly complex. In this thesis, a new authorisation scheme is proposed to facilitate the service provider to establish trust with potential customers, grant access privileges to legitimate users and enforce access control in a diversified commercial environment. Four modules with a number of innovative components and mechanisms suitable for distributed authorisation on extranets are developed: * One-shot Authorisation Module - One-shot authorisation token is designed as a flexible and secure credential for access control enforcement in client/server systems; * Token-Based Trust Establishment Module - Trust token is proposed for server-centric trust establishment in virtual enterprise environment. * User-Centric Anonymous Authorisation Module - One-task authorisation key and anonymous attribute certificate are developed for anonymous authorisation in a multi-organisational setting; * Agent-Based Privilege Negotiation Module - Privilege negotiation agents are proposed to provide dynamic authorisation services with secure client agent environment for hosting these agents on user's platform
|
Page generated in 0.0975 seconds