Trust Establishment in Pervasive Grid Environments

1
Trust Establishment in Pervasive Grid
Environments

• Syed Naqvi, Michel Riguidel
• TÉLÉCOM PARIS
• École Nationale Supérieur des Télécommunications
  (ENST)
• 46 Rue Barrault, Paris 75013, France
• naqvi, riguidel_at_enst.fr

2
Outline

• Introduction
• Trust Establishment
• Implementation Status
• Conclusions

3
Outline

• Introduction
• Trust Establishment
• Implementation Status
• Conclusions

4
Trust
The reliance on a property or a virtue of a
person, or the conviction that a given premise is
true. Oxford Dictionary
An entity A is considered to trust another entity
B when entity A believes that entity B will
behave exactly as expected and required. Internat
ional Telecommunication Union
5
Pervasive Grid Environments

• The Grid can be accessed from any networked
  device
• laptop, mobile phone, PDA,
• The Grid can be composed of Internet-connected
  light-weight devices
• Inherent limitations of these devices, physical
  security,
• Ubiquitous access to the computing and storage
  resources
• Adaptable to users environments available
  anywhere anytime
• Enable mobile users to launch, monitor, and steer
  applications on the Grid
• Introduces new challenges
• Bandwidth, heterogeneity, connectivity,
  scalability, interfacing
• Security physical gaps requires knowledge of
  context and state

6
The Problem Statement

• How pervasive grid nodes can trust unknown
  infrastructure with their private data and
• How a computing infrastructure can trust a mobile
  node which is seeking access to its resources.

7
Outline

• Introduction
• Trust Establishment
• Implementation Status
• Conclusions

8
Trust Requirements

• Identification, Access Control, Privacy,
• User-based Trust Relationships
• If a user has the right to use sites A and B, the
  user should be able to use sites A and B together
  without requiring the security administrators
  from sites A and B to interact.
• Distributed Trust Evaluation
• The decentralized nature of administration makes
  it difficult to establish and propagate trust. A
  distributed trust evaluation scheme is therefore
  required for the pervasive grid environments.
• Non-History-based Trust Establishment
• If there is no trust among parties and there is
  no mechanism to build some trust based on a
  history of previous interactions.

9
Trust Establishment Approach

• Delegation of trust
• Decentralized hierarchical administration,
  scalability of certificate issuing capacity,
• Continuous monitoring of the changes to the trust
  level of each node
• Dynamic evaluation of the trust relationships,
  broadcast the presence of a malicious node in the
  environment,
• Consideration of context and state
• Determination of the access control on the basis
  of users location and the state of the users
  environment.

10

• Instead of having a single value representing the
  trust-worthiness of a node, the value should be
  broken into separate attributes confidences
• Each confidence represents a characteristic of a
  node from which trust can be synthesized. For
  example
• We can trust a node to be accurate (important for
  data integrity)
• We can trust a node to complete task reliably
• We can trust nodes to return data quickly (or
  always in the guaranteed time).
• These attributes form a virtual plane to link the
  resources, users (individuals services) and the
  applications
• Virtual and extensible basis for
  synthesizingvarying types of trust
• Signifies that there is not a fix form of trust
  among the various entities
• Allows the greatest flexibility from one
  entityto the other

11

• From the functional point of view
• Attribute certificates are used in compliment
  with identity certificates provided by the
  existing infrastructure.
• Identity certificates are used to verify the
  identity of an entity in a highly anonymous
  environment (e.g. the internet)
• Attribute certificates are used to determine the
  trustworthiness of an uncertain environment
  (such as Pervasive Grid)
• For direct trust relationship within a single
  domain, a node estimates the trustworthiness of
  the node it is going to interact.
• By using the centralized credentials architecture
  to determine the trust values of the individual
  nodes.
• By maintaining a trust table of the domain.
• For indirect trust relationships across multiple
  domains, a node has to trust all the
  intermediaries that it traversed before arriving
  the second node.
• By evaluating the trust degree along the whole
  path.

12
Outline

• Introduction
• Trust Establishment
• Implementation Status
• Conclusions

13
Experimental Set-up
Exam Hall
Library
S
S
T
T
S
S
S
S
CA / Storage Display Center
14
(No Transcript)
15
Outline

• Introduction
• Trust Establishment
• Implementation Status
• Conclusions

16

• The computing world is moving from the desktop
  computing to the mobile and nomadic computing.
• The near future Grid users will prefer to access
  the grid resources from their smart devices.
• Current research efforts to address trust problem
  in a Grid environment focus on relatively static
  scenarios.
• Pervasive Grid Environments require dynamic
  establishment of trust.
• These pervasive Grid environments may be few
  years ahead but its important to envision how
  things will be dealt with in the future.
• Our future directions include
• Implementation of deeper and fine grained
  interactions among the various entities of the
  Pervasive Grid Environments.
• Implementation of our trust model as an extension
  to the GSI.

17
(No Transcript)