CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing* - PowerPoint PPT Presentation

Loading...

PPT – CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing* PowerPoint presentation | free to view - id: 477d3c-YjVjY



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing*

Description:

CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing* Prof. Leszek Lilien Western Michigan University and – PowerPoint PPT presentation

Number of Views:315
Avg rating:3.0/5.0
Slides: 23
Provided by: llil1
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing*


1
CS 6910 Advanced Computer and Information
Security Lecture 1 Introduction to Trust in
Computing
  • Prof. Leszek Lilien
  • Western Michigan University and
  • Center for Education and Research in Information
    Assurance and Security (CERIAS),
  • Purdue University
  • with contributions from
  • Prof. Bharat Bhargava
  • Department of Computer Sciences and CERIAS,
    Purdue University
  • Supported in part by NSF grants IIS-0209059,
    IIS-0242840, ANI-0219110, and Cisco URP grant.

2
Introduction to Trust
  • Outline
  • 1) Trust in Social Computing Systems
  • 2) Selected Trust Characteristics
  • 3) Selected Research Issues in Trust
  • 4) Avoiding Traps of Trust Complexity
  • 5) Trust and Privacy
  • incl. Trading Privacy Loss for Trust Gain
  • 6) Trust Pervasive Computing

3
1) Trust in Social Computg Systems (1)
  • Trust The American Heritage Dictionary
    of the English Language, 4th ed., Houghton
    Mifflin, 2000
  • reliance on the integrity, ability, or
    character of a person or thing
  • Trust is pervasive in social systems
  • Constantly used it in interactions among
  • People / Organizations / Animals / Artifacts
    (sic!)
  • E.g., Can I trust my car on this long vacation
    trip?
  • Used instinctively and implicitly in closed and
    static systems
  • Example In a small village everybody knows
    everybody
  • Villagers instinctively use their knowledge or
    stereotypes to trust/distrust others
  • Used consciously and explicitly in open or
    dynamic systems
  • Example In a big city - explicit rules of
    behavior in diverse trust relationships
  • E.g., Build up trust by asking friends or
    recommendation services for a dependable plumber

4
1) Trust in Social Computing Systems (2)
  • Establishing Trust by Interactions
  • Social or computer-based interactions
  • From a simple transaction to a complex
    collaboration
  • Adequate degree of trust required for
    interactions
  • How to establish initial trust?
  • Build up trust in interactions with strangers or
    known partners
  • Human or artificial partners
  • Offline or online
  • Trust Degradation and Recovery
  • Identification and isolation of violators
  • Dynamic trust updated according to interaction
    histories and recommendations
  • Fast degradation of trust and its slow recovery
  • This defends against smart violators

5
1) Trust in Social Computing Systems (3)
  • Trust is pervasive beneficial in complex social
    systems -
  • Why not exploit pervasive trust as a paradigm in
    computing?
  • Use it also in non-pervasive computing (not a
    contradiction!)
  • Trust is already common, used extensively in
    computing systems
  • Although usually subconsciously
  • Examples of users trust-based decisions
  • Search for reputable ISPs / e-banking sites
  • Ignoring emails from Nigerians asking for
    transferring millions of dollars
  • But should be even more pervasive in computing
    systems
  • Challenge for exploiting trust in computing
  • Extending trust-based solutions to
  • 1) Artificial entities (such as software agents
    or subsystems)
  • 2) Subconscious choices made by human users

6
2) Selected Trust Characteristics (1)
  • Dimensions of trust
  • Competence Does he possess qualifications to do
    it
  • Intention Is he willing to do it?
  • Degrees of trust - instead of binary
    (all-or-nothing) trust
  • You cant trust everybody but you have to trust
    somebody
  • Otherwise, youd be paranoid
  • Extreme costs of being paranoid
  • Looking over ones shoulder all the time
  • An untrusting system (even just implicitly) would
    be paranoid, inefficient
  • Trust is asymmetric
  • E.g., I trust you more than you trust me

cf. M. Reiter and M. Atallah, NSF IDM Workshop,
August 2003
7
2) Selected Trust Characteristics (2)
  • Who/what to trust?
  • Can you trust your smart refrigerator?
  • Can you trust your car, cell phone, PDA? RFID
    tags in store?
  • Devices can self-organize into malicious
    opportunistic networks
  • System loyalty (like servant loyalty)
  • Who does it work for? For insurer? For
    advertiser? For Big Brother?
  • Trust requires visibility of evidence/recommendati
    ons
  • If I dont know what the system is doing, I dont
    trust it
  • Relationship of trust to trustworhiness and
    usability
  • Trustworthiness gt ( Usability ) gt Trust
  • System excessive/insufficient trust demands can
    reduce its usability
  • If a system requires too many credentials, its
    usability decreases
  • If a system requires no credentials (e.g., no
    password), users dont trust it gt usability
    also decreases (surprise?)

8
3) Selected Research Issues in Trust
  • What incentives or penalties will foster trust
    relationships?
  • Currently incentives are often perverse
  • E.g., Smith buys security but Jones benefits
  • cf. M. Reiter and M. Atallah, NSF IDM Workshop,
    August 2003
  • Can we build trusted system from untrustworthy
    components?
  • Or Can we build a more trusted system from less
    trustworthy components?
  • In interactions
  • Seller is ultimately responsible for deciding
    on the degree of trust required to offer a
    service
  • Buyer is ultimately responsible for deciding
    on the degree of trust required to accept a
    service

9
4) Avoiding Traps of Trust Complexity (1)
  • Trust is a complex, multifaceted
    context-dependent notion
  • gt Words of caution on using the trust paradigm
  • Carefully select all and only those useful trust
    aspects needed for the system youre designing
  • Otherwise, either flexibility or performance
    suffers
  • 2) Optimize demands for evidence or credentials
  • Asking for too much - laborious and uncomfortable
  • Asking for too little will create image of a
    lax system
  • Who wants to be friends with someone who
    befriends crooks and thieves?

10
4) Avoiding Traps of Trust Complexity (2)
  • gt Words of caution on using the trust paradigm
    (cont.)
  • 3) Excessive reliance on explicit trust
    relationships hurts performance
  • Paranoid - avoid paranoia
  • E.g., modules in a well-integrated system should
    rely on implicit trust
  • Just as villagers do
  • In a crowd of entities, only some communicate
    directly
  • Only they need to use trust
  • Even fewer need to use trust explicitly

11
5) Trust and Privacy (1)
  • Privacy entitys ability to control the
    availability and exposure of information about
    itself
  • We extended the subject of privacy from a person
    in the original definition Internet Security
    Glossary, The Internet Society, Aug. 2004 to
    an entity including an organization or software
  • Maybe controversial but stimulating
  • Privacy Problem
  • Consider computer-based interactions
  • From a simple transaction to a complex
    collaboration
  • Interactions always involve dissemination of
    private data
  • It is voluntary, pseudo-voluntary, or
    compulsory
  • Compulsory - e.g., required by law
  • Threats of privacy violations result in lower
    trust
  • Lower trust leads to isolation and lack of
    collaboration

12
5) Trust and Privacy (2)
  • Thus, privacy and trust are closely related
  • Privacy-trust tradeoff Entity can trade privacy
    for a corresponding gain in its partners trust
    in it
  • The scope of an entitys privacy disclosure
    should be proportional to the benefits expected
    from the interaction
  • As in social interactions
  • E.g. a customer applying for a mortgage must
    reveal much more personal data than someone
    buying a book
  • Trust must be established before a privacy
    disclosure
  • Data provide quality an integrity
  • End-to-end communication sender authentication,
    message integrity
  • Network routing algorithms deal with malicious
    peers, intruders, security attacks

13
5) Trust and Privacy (3)
  • Optimize degree of privacy traded to gain trust
  • Disclose minimum needed for gaining partners
    necessary trust level
  • To optimize, need privacy trust measures
  • Once measures available
  • Automate evaluations of the privacy loss and
    trust gain
  • Quantify the trade-off
  • Optimize it
  • Privacy-for-trust trading requires privacy
    guarantees for further dissemination of private
    info
  • Disclosing party needs satisfactory limitations
    on further dissemination (or the lack of thereof)
    of traded private information
  • E.g., needs partners solid privacy policies
  • Merely perceived danger of a partners privacy
    violation can make the disclosing party reluctant
    to enter into a partnership
  • E.g., a user who learns that an ISP has
    carelessly revealed any customers email will
    look for another ISP

14
5) Trust and Privacy (4)
  • Summary Trading Information for Trust in
    Symmetric and Asymmetric Negotiations - When/how
    can partners trust each other?
  • Symmetric disclosing
  • Initial degree of trust / stepwise trust growth /
    establishes mutual full trust
  • Trades info for trust (info is private or not)
  • Symmetric preserving (from distrust to trust)
  • Initial distrust / no stepwise trust growth /
    establishes mutual full trust
  • No trading of info for trust (info is private or
    not)
  • Asymmetric
  • Initial full trust of Weaker into Stronger and
    no trust of Stronger into Weaker / stepwise trust
    growth / establishes full trust of Stronger
    into Weaker
  • Trades private info for trust

15
5) Trust and Privacy (5)
  • Privacy-Trust Tradeoff Trading Privacy Loss for
    Trust Gain
  • Were focusing on asymmetric trust negotiations
  • The weaker party trades a (degree of) privacy
    loss for (a degree of) a trust gain as perceived
    by the stronger party
  • Approach to trading privacy for trust Zhong
    and Bhargava, Purdue
  • Formalize the privacy-trust tradeoff problem
  • Estimate privacy loss due to disclosing a
    credential set
  • Estimate trust gain due to disclosing a
    credential set
  • Develop algorithms that minimize privacy loss for
    required trust gain
  • Bec. nobody likes loosing more privacy than
    necessary

16
6) Trust Pervasive Computing (1)
  • People surrounded by zillions of computing
    devices of all kinds, sizes, and aptitudes
    Sensor Nation Special Report, IEEE Spectrum,
    vol. 41, no. 7, 2004
  • Most with limited / rudimentary capabilities
  • Quite small, e.g., RFID tags, smart dust
  • Most embedded in artifacts for everyday use, or
    even human bodies
  • Possible both beneficial and detrimental (even
    apocalyptic) consequences

17
6) Trust Pervasive Computing (2)
  • New threats to security in pervasive environments
  • Example Malevolent opportunistic sensor
    networks
  • pervasive devices self-organizing into huge
    spy networks
  • Able to spy anywhere, anytime, on everybody and
    everything
  • Need means of detection and neutralization
  • To tell which and how many snoops are active,
    what data they collect, and who they work for
  • An advertiser? a nosy neighbor? Big Brother?
  • Questions such as Can I trust my refrigerator?
    will not be jokes
  • The refrigerator snitching on its owners dietary
    misbehavior for her doctor

18
6) Trust Pervasive Computing (3)
  • Radically changed, pervasive computing
    environments demand new approaches to computer
    privacy security
  • Our belief Socially based paradigms (such as
    trust-based paradigms for privacy security)
    will play a big role in pervasive computing
  • Solutions will vary (as in social settings)
  • Heavyweighty solutions for entities of high
    intelligence and capabilities (such as humans and
    intelligent systems) interacting in complex and
    important matters
  • Lightweight solutions for less intelligent and
    capable entities interacting in simpler matters
    of lesser consequence

19
6) Trust Pervasive Computing (4)
  • Example Use of Pervasive Trust for Access
    Control
  • Use of pervasive trust for access control
  • perimeter-defense authorization model
  • Investigated by B. Bhargava, Y. Zhong, et al.,
    2002 - 2003
  • using trust ratings
  • direct experiences
  • second-hand recommendations
  • using trust ratings to enhance the role-based
    access control (RBAC) mechanism

20
References Bibliography (1)
  • Slides based on BBLL part of the paper
  • Bharat Bhargava, Leszek Lilien, Arnon Rosenthal,
    Marianne Winslett, Pervasive Trust, IEEE
    Intelligent Systems, Sept./Oct. 2004, pp.74-77
  • Private and Trusted Interactions, by B.
    Bhargava and L. Lilien, March 2004.
  • Trust, Privacy, and Security. Summary of a
    Workshop Breakout Session at the National Science
    Foundation Information and Data Management (IDM)
    Workshop held in Seattle, Washington, September
    14 - 16, 2003 by B. Bhargava, C. Farkas, L.
    Lilien and F. Makedon, CERIAS Tech Report
    2003-34, CERIAS, Purdue University, November
    2003.
  • http//www2.cs.washington.edu/nsf2003 or
  • https//www.cerias.purdue.edu/tools_and_resources
    /bibtex_archive/archive/2003-34.pdf
  • Paper References
  • 1. The American Heritage Dictionary of the
    English Language, 4th ed., Houghton Mifflin,
    2000.
  • 2. B. Bhargava et al., Trust, Privacy, and
    Security Summary of a Workshop Breakout Session
    at the National Science Foundation Information
    and Data Management (IDM) Workshop held in
    Seattle,Washington, Sep. 1416, 2003, tech.
    report 2003-34, Center for Education and Research
    in Information Assurance and Security, Purdue
    Univ., Dec. 2003
  • www.cerias.purdue.edu/tools_and_resources/bibtex_
    archive/archive/2003-34.pdf.
  • 3. Internet Security Glossary, The Internet
    Society, Aug. 2004 www.faqs.org/rfcs/rfc2828.html
    .
  • 4. B. Bhargava and L. Lilien Private and
    Trusted Collaborations, to appear in Secure
    Knowledge Management (SKM 2004) A Workshop,
    2004.
  • 5. Sensor Nation Special Report, IEEE
    Spectrum, vol. 41, no. 7, 2004.

21
References Bibliography (2)
  • 5. 6. R. Khare and A. Rifkin, Trust Management
    on the World Wide Web, First Monday, vol. 3, no.
    6, 1998 www.firstmonday.dk/issues/issue3_6/khare.
  • 7. M. Richardson, R. Agrawal, and P.
    Domingos,Trust Management for the Semantic Web,
    Proc. 2nd Intl Semantic Web Conf., LNCS 2870,
    Springer-Verlag, 2003, pp. 351368.
  • 8. P. Schiegg et al., Supply Chain Management
    SystemsA Survey of the State of the Art,
    Collaborative Systems for Production Management
    Proc. 8th Intl Conf. Advances in Production
    Management Systems (APMS 2002), IFIP Conf. Proc.
    257, Kluwer, 2002.
  • 9. N.C. Romano Jr. and J. Fjermestad, Electronic
    Commerce Customer Relationship Management A
    Research Agenda, Information Technology and
    Management, vol. 4, nos. 23, 2003, pp. 233258.
  • 10. On Security Study of Two Distance Vector
    Routing Protocols for Mobile Ad Hoc Networks, by
    W. Wang, Y. Lu and B. Bhargava, Proc. of IEEE
    Intl. Conf. on Pervasive Computing and
    Communications (PerCom 2003), Dallas-Fort Worth,
    TX, March 2003. http//www.cs.purdue.edu/homes/wan
    gwc/PerCom03wangwc.pdf
  • 11. Fraud Formalization and Detection, by B.
    Bhargava, Y. Zhong and Y. Lu, Proc. of 5th Intl.
    Conf. on Data Warehousing and Knowledge Discovery
    (DaWaK 2003), Prague, Czech Republic, September
    2003. http//www.cs.purdue.edu/homes/zhong/papers/
    fraud.pdf
  • 12. e-Notebook Middleware for Accountability and
    Reputation Based Trust in Distributed Data
    Sharing Communities, by P. Ruth, D. Xu, B.
    Bhargava and F. Regnier, Proc. of the Second
    International Conference on Trust Management
    (iTrust 2004), Oxford, UK, March 2004.
    http//www.cs.purdue.edu/homes/dxu/pubs/iTrust04.p
    df
  • 13. Position-Based Receiver-Contention Private
    Communication in Wireless Ad Hoc Networks, by X.
    Wu and B. Bhargava, submitted to the Tenth Annual
    Intl. Conf. on Mobile Computing and Networking
    (MobiCom04), Philadelphia, PA, September -
    October 2004. http//www.cs.purdue.edu/homes/wu/HT
    ML/research.html/paper_purdue/mobi04.pdf

22
  • THE END
About PowerShow.com