A trust based approach to mobile multi-agent systems

Jones, Kevin I.

January 2010

This thesis undertakes to provide an architecture and understanding of the incorporation of trust into the paradigm of mobile multi-agent systems. Trust deliberation is a soft security approach to the problem of mobile agent security whereby an agent is protected from the malicious behaviour of others within the system. Using a trust approach capitalises on observing malicious behaviour rather than preventing it. We adopt an architectural approach to trust such than we do not provide a model in itself, numerous mathematical models for the calculation of trust based on a history of observations already exist. Rather we look to provide the framework enabling such models to be utilised by mobile agents. As trust is subjective we envisage a system whereby individual agents will use different trust models or different weighting mechanisms. Three architectures are provided. Centralised whereby the platform itself provides all of the services needed by an agent to make observations and calculate trust. Decentralised in which each individual agent is responsible for making observations, communicating trust and the calculation of its own trust in others. A hybrid architecture such that trust mechanisms are provided by the platform and additionally are embedded within the agents themselves. As an optimisation of the architectures proposed in this thesis, we introduce the notion of trust communities. A community is used as a means to represent the trust information in categorisations dependant upon various properties. Optimisation occurs in two ways; firstly with subjective communities and secondly with system communities. A customised implementation framework of the architectures is introduced in the form of our TEMPLE (Trust Enabled Mobile-agent PLatform Environment) and stands as the underpinning of a case-study implementation in order to provide empirical evidence in the form of scenario test-bed data as to the effectiveness of each architecture. The case study chosen for use in a trust based system is that of a fish market' as given the number of interactions, entities, and migration of agents involved in the system thus, providing substantial output data based upon the trust decisions made by agents. Hence, a good indicator of the effectiveness of equipping agents with trust ability using our architectures.

005.1

Trust-based routing in pure ad-hoc wireless networks

Pirzada, Asad Amir

January 2007

[Truncated abstract] An ad-hoc network of wireless nodes is a temporarily formed network, created, operated and managed by the nodes themselves. Due to its peculiar establishment and operational properties it is also often termed an infrastructure-less, self-organised, or spontaneous network. In order to extend the communication range of the nodes, beyond a single hop, specially configured routing protocols are used. The unique feature of these protocols is their ability to form routes in spite of a dynamic topology. For effective functioning of the network it is essential that the network nodes execute the routing protocols in a truthful manner regardless of their contemporary commitments and workload. In real life, this is more than often extremely difficult to realise, and so we often find malicious nodes also present in the same network. These nodes can either join externally or may originate internally by compromis- ing an existing benevolent node in the network. These malicious nodes can carry out an array of attacks against the routing protocols leading to route severing, unavailability of service or deception. A number of secure routing protocols, which make use of cryptographic algorithms to secure the routes, have recently been proposed. ... In order to sustain the improvised nature of ad-hoc networks, in this thesis, we have moved from the common mechanism of achieving trust via security to enforcing dependability through collaboration. We desist from the customary strategy of employing cryptography and instead use a trust model that is influ- enced by the human behavioural model. All nodes in the network independently execute this trust model and maintain their own assessment concerning other nodes in the network. Each node, based upon its individual experiences, rewards collabo- rating nodes for their benevolent behaviour and penalises malicious nodes for their malevolent conduct. To highlight the efficacy of this unique approach, we apply the trust model to three contemporary reactive routing protocols in a pure ad-hoc network. These trust reinforced routing protocols locate dependable routes in the network by observing the sincerity in participation of other nodes using a set of trust categories. The routes worked out in this way are neither protected in terms of security nor minimal in terms of hops. However, these routes traverse nodes, which have been identified as more trustworthy than others and for this reason are more dependable in extemporised circumstances. Through the help of extensive simulations, we have demonstrated that the usage of these protocols significantly improves the overall performance of the network even in the presence of a high percentage of malicious nodes. These protocols, being independent of a trust infrastructure, also enable rapid deployment and improved operation with dynamic adaptation to the current scenario. The prime advantage being gained is the ability to seamlessly integrate ad-hoc wireless networks belonging to dissimilar organisations.

Routing (Computer network management)

Ad hoc networks (Computer networks)

Trust security

Mobile

SDP And VPN For Remote Access : A Comparative Study And Performance Evaluation

Sintaro, Abel Tariku, Komolafe, Yemi Emmanuel

January 2021

Remote access is a way of providing access to networks from outside the premises of the network. Virtual Private Network (VPN) is one solution used to provide remote access. Software-Defined Perimeter (SDP) is another solution that is capable of providing access to resources from a remote location. These two technologies use different security models yet provide comparable remote access functionalities. This thesis project investigates the basic components, architecture, and security services of SDP and IPSec VPN. Additionally, a performance evaluation is conducted on SDPand VPN on their connection setup time and network throughput. Our result shows that both SDP and VPN provide secure access, however, SDP has additional features that make it a more secure solution. This thesis project is written in the hopes that it can help enterprises with or without a VPN solution already in place to consider SDP as an alternative solution and learn SDP in comparison with VPN.

Zero-Trust security model

Perimeter-based security model

Software- defined perimeter

IPSec VPN

performance evaluation

comparative study

Computer Systems

Datorsystem

Communication Systems

Kommunikationssystem