Trust Models for Distributed Information Systems - PowerPoint PPT Presentation

Loading...

PPT – Trust Models for Distributed Information Systems PowerPoint presentation | free to view - id: 16af8-Yzg0Y



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Trust Models for Distributed Information Systems

Description:

Quantitative completeness trust model. Challenges/open issues. Concluding remarks. 3. Toone, 'Trust Models for Distributed Information Systems' Motivation ... – PowerPoint PPT presentation

Number of Views:188
Avg rating:3.0/5.0
Slides: 30
Provided by: deve
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Trust Models for Distributed Information Systems


1
Trust Models for Distributed Information Systems
  • Brian Toone
  • December 3, 2003
  • Advisors Premkumar Devanbu and Michael Gertz

2
Outline
  • Motivation
  • Survey of surveys
  • Quantitative completeness trust model
  • Challenges/open issues
  • Concluding remarks

3
Motivation
  • Trust research is a hot topic
  • Dec 2, 2003 NSF Cyber Trust Solicitation
    (30,000,000)
  • November 16-19, 2003 CRA Grand Research
    Challenge
  • Many research agendas
  • Survivability
  • Scalable security
  • Security, privacy and trust
  • Why? Awareness of dependence

4
Distributed Information Systems
  • Critical infrastructure
  • Gas, water
  • Power
  • Banking
  • Healthcare
  • Workgroup for Electronic Data Interchange
    http//www.wedi.org
  • News
  • Stock servers
  • Slashdot (karma, moderation, meta-moderation)
  • Other
  • Free Haven Project http//www.freehaven.net
  • Freenet http//freenet.sourceforge.net/
  • Hivecache http//www.mojonation.net/
  • P2P Filesharing (gnapster, gnutella, kazaa, etc…)

5
Vulnerabilities
  • Availability
  • Denial of service (the Slashdot effect)
  • Integrity
  • Corruption of good information
  • Production of bad information
  • Authentication and Authorization
  • Spoofing
  • Poorly designed access control logic
  • Accountability

6
Outline
  • Motivation
  • Survey of Surveys
  • Presti et. al, Trust Issues in Pervasive
    Environments, Deliverable WP2-01 version 1.1,
    September 2003
  • Josang, A. and Grandison, T., Research Proposals
    on Trust Modeling, Technical Report, Imperial
    College of Science, Medicine and Technology.
    August 2002
  • Klyne, G. Framework for Security and Trust
    Standards, SWAD-Europe, December 2002
  • Trust in Cyber-societies, Integrating the Human
    and Artificial Perspectives, Springer 2001.
    Available online at http//www.informatik.uni-trie
    r.de/ley/db/conf/agents/trust2000.html
  • Grandison, T. and Sloman, M., A Survey of Trust
    in Internet Applications, IEEE Communications
    Surveys. Fourth Quarter 2000
  • Quantitative completeness trust model
  • Challenges/open issues
  • Concluding remarks

7
Trusting Information
  • Trust is a relationship
  • trustor the subject that trusts a target entity
  • trustee the entity that is trusted
  • For a distributed information system…
  • trustor the consumer of information (and/or)
    the supplier of information
  • trustee the information being consumed (or
    supplied)

8
Outline
  • Motivation
  • Survey
  • Quantitative completeness trust model
  • Challenges/open issues
  • Concluding remarks

9
Context
  • Willow survivability architecture
  • The green block is all about trust

10
Context, contd
  • Establish trust requirements
  • Assign trust ratings
  • Enhanced mediation algorithm
  • Trust model

11
Context, one last slide
  • Completeness as the trust metric
  • Other metrics exist accuracy, timeliness, hybrid
    combinations
  • Artifacts objects uniquely identified by a
    global object identifier

12
The Challenge
13
Trust Ratings
  • Trustor expectations
  • Authority (expert) evaluation

Complete
14
More Trust Ratings
  • Qualitative model stops here … SEC and Coopis
    2003 papers
  • Quantitative model goes farther … answers the
    question how much

15
Quantitative completeness ratings
  • Two parts (c, e)
  • completeness
  • excessiveness
  • Correlation
  • Complete (100,0)
  • Incomplete (
  • Excessive (100, 0)
  • Overlapping (0)
  • Wrong (0, 0)

Overlapping(80,20)
16
Now what?
  • Enhance mediation to produce trustworthy
    integrated information
  • Determine the trustworthiness of a query result
    statically
  • This trust model works … almost!
  • Probability distribution of the trustworthiness
    of the integrated result

(.80,.20)
(.80,.20)
(?,?)

17
How?
  • Short answer … combinatorics
  • Long answer …

18
Trust-Enhanced Mediation Algorithm
  • Generate set of potential query plans
  • Two strategies
  • 2. Most trustworthy plan
  • highest 0 result 0
  • For each q in Q
  • If P(q) highest Then
  • highest P(q) result q
  • End If
  • Next
  • If req.satisfies(highest) And result 0 Then
  • return q
  • Else
  • Beep() Exit Application
  • End If
  • 1. First query plan that satisfies req.
  • For each q in Q
  • If req.satisfies(P(q)) Then Return q
  • End If
  • Next
  • req.satisfies ?
  • P(q)

19
Calculating P(q)
  • Query expression tree
  • Leaves source ratings
  • Nodes operations to perform
  • Example
  • q a ? b ? c
  • ratinga (.99,0)
  • ratingb (1.0,0)
  • ratingc (.95,0)
  • ratingq ?

20
You may be wondering …
  • Did you leave out something? Dont you need some
    more information … such as to? Wait a minute,
    what is to?
  • Who assigns ratings? Who/what is an authority?
  • Tell me again, did you say this relates to trust?

21
Outline
  • Motivation
  • Survey
  • Quantitative completeness trust model
  • Challenges/open issues
  • Concluding remarks

22
Challenges, Brians short list
  • Relevancy i.e., how useful is the model for
    emulating the underlying real world principles in
    the context of the distributed information system
    to which the model applies. Recall getting from
    the system diagrams to the Venn diagrams on slide
    12
  • Scalability
  • Anonymity

23
From the surveys, Brian agrees
  • Survey 11 says…
  • Mathematical properties of trust
  • Distribution and mobility
  • Intentionality
  • Initial trust
  • Dynamics of trust
  • The legal dimension
  • Survey 22 says…
  • Determing trust values
  • Trust transitivity
  • Intentionality
  • Ranking of trust levels
  • Dynamics of trust
  • Domain size ignorance
  • Dependent evidence
  • The role of insurance

1. Presti et. al, Trust Issues in Pervasive
Environments, Deliverable WP2-01 version 1.1,
September 2003
2. Josang, A. and Grandison, T., Research
Proposals on Trust Modeling, Technical Report,
Imperial College of Science, Medicine and
Technology. August 2002
24
Concluding remarks
  • Hot topic, lots of research underway and lots of
    research potential (i.e., the NSF solicitation
    for proposals)
  • Building a trust model for a distributed
    information system requires stitching together
    the necessary facets of a multi-faceted large
    concept

25
Thank you
  • Questions?
  • http//alive.cs.ucdavis.edu/research/trustmed.php
  • slides from this talk available now
  • coming soon … resources, links to references used
    in this talk

26
Resources
  • Will update with websites, urls, references

27
Outline
  • Motivation
  • Hot topic
  • NSF cyber trust proposal
  • Homeland security, critical infrastructure
    protection in the wake of 9/11 terrorist attacks
  • Citeceer top most cited papers have to do with
    distributed information systems
  • Distributed information systems
  • Lots of them!
  • Healthcare
  • Filesharing
  • Other
  • Backup solutions
  • Anonymous publication of information
  • Vulnerabilities in distributed information
    systems
  • Denial of service
  • Corruption of good information
  • Production of bad information
  • Survey (survey by grandisone and the other guy,
    the trust issues survey)
  • Trust in internet apps
  • Trust models

28
Trust Models
  • What is the purpose of a trust model?
  • What are the features/requirements of a trust
    model?

29
A Taxonomy of Trust Models
  • What are the categories of trust models?
  • What are examples of models that fit each
    category?
About PowerShow.com