By Swetha Namburi.  Trust  Trust Model ◦ Reputation-based Systems ◦ Architectural Approach to Decentralized Trust Management.

Slides:



Advertisements
Similar presentations
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Advertisements

Research Issues in Web Services CS 4244 Lecture Zaki Malik Department of Computer Science Virginia Tech
Chapter 19: Network Management Business Data Communications, 5e.
ARCH-01: Introduction to the OpenEdge™ Reference Architecture Don Sorcinelli Applied Technology Group.
PACE: An Architectural Style for Trust Management in Decentralized Applications Girish Suryanarayana Justin Erenkrantz Scott Hendrickson.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Security and Trust Software Architecture Lecture 21.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
OASIS Reference Model for Service Oriented Architecture 1.0
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Chapter 19: Network Management Business Data Communications, 4e.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Software Connectors.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Security and Trust Software Architecture Lecture 21.
The Architecture Design Process
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
Chapter 10: Analyzing Systems Using Data Dictionaries Instructor: Paul K Chen.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 14 Slide 1 Object-oriented design 2.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Course Instructor: Aisha Azeem
Event Based Implicit Invocation By Ajay Mansata. INTRODUCTION An Architectural style defines a family of systems. An Architectural style defines a family.
Key Management in Cryptography
Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.
1 Data Strategy Overview Keith Wilson Session 15.
The chapter will address the following questions:
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 11 Slide 1 Architectural Design.
What is Software Architecture?
The Design Discipline.
Chapter 13 Starting Design: Logical Architecture and UML Package Diagrams.
Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz
11 1 Object oriented DB (not in book) Database Systems: Design, Implementation, & Management, 6 th Edition, Rob & Coronel Learning objectives: What.
1/19 Component Design On-demand Learning Series Software Engineering of Web Application - Principles of Good Component Design Hunan University, Software.
Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.
SecureMR: A Service Integrity Assurance Framework for MapReduce Author: Wei Wei, Juan Du, Ting Yu, Xiaohui Gu Source: Annual Computer Security Applications.
Security and Trust By Troy Lee. Overview Security Design Principles Architectural Access Control Access Control Models Connector-centric Architectural.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
SAML CCOW Work Item HL7 Working Group Meeting San Antonio - January 2008 Presented by: David Staggs, JD CISSP VHA Office of Information Standards.
Architectural Design lecture 10. Topics covered Architectural design decisions System organisation Control styles Reference architectures.
1 Network Management: SNMP The roots of education are bitter, but the fruit is sweet. - Aristotle.
Storing Organizational Information - Databases
1 Vigil : Enforcing Security in Ubiquitous Environments Authors : Lalana Kagal, Jeffrey Undercoffer, Anupam Joshi, Tim Finin Presented by : Amit Choudhri.
SWE © Solomon Seifu ELABORATION. SWE © Solomon Seifu Lesson 12-5 Software Engineering Design Goals.
GRASP: Designing Objects with Responsibilities
© 2005 Prentice Hall9-1 Stumpf and Teague Object-Oriented Systems Analysis and Design with UML.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
1 What is OO Design? OO Design is a process of invention, where developers create the abstractions necessary to meet the system’s requirements OO Design.
Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.
CSCI 578 Software Architectures Exam #2 Review. Materials you are responsible for Chapters 9-17 in the text book –Also Chapter 8 on Architectural Analysis.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Designing for NFPs Infosys, Mysore December 21, 2009.
1 5/18/2007ã 2007, Spencer Rugaber Architectural Styles and Non- Functional Requirements Jan Bosch. Design and Use of Software Architectures. Addison-Wesley,
REST By: Vishwanath Vineet.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International.
XACML Showcase RSA Conference What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation logic n.
CS223: Software Engineering Lecture 13: Software Architecture.
Copyright © 2004, Keith D Swenson, All Rights Reserved. OASIS Asynchronous Service Access Protocol (ASAP) Tutorial Overview, OASIS ASAP TC May 4, 2004.
Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks Thomas Repantis Vana Kalogeraki Department of Computer Science & Engineering University.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Security and Trust Software Architecture.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 10Slide 1 Chapter 5:Architectural Design l Establishing the overall structure of a software.
Lan Zhou, Vijay Varadharajan, and Michael Hitchens
Module 8: Securing Network Traffic by Using IPSec and Certificates
Software Architecture
Module 8: Securing Network Traffic by Using IPSec and Certificates
Chapter 6: Architectural Design
Presentation transcript:

by Swetha Namburi

 Trust  Trust Model ◦ Reputation-based Systems ◦ Architectural Approach to Decentralized Trust Management

 Trust ◦ Trust is a particular level of the subjective probability with which an agent assesses that another agent will perform a particular action in a context that affects his actions [Gambetta, 1990]  Trust Model ◦ Describes the trust relationships between entities.  Reputation ◦ Expectation about an entity’s behavior based on past behavior [Abdul-Rahman, 2000] ◦ May be used to determine trust

 Two types of reputation-based systems ◦ Centralized ◦ Decentralized  Centralized ◦ Relies on a single centralized authority ◦ Provides a central repository to store reputation information provided by the users  Decentralized ◦ Every entity directly evaluates other entities ◦ Interacts directly with other entities to store trust information ◦ Ex : XREP

Trust model for decentralized peer-to-peer file-sharing applications

 Each entity (peer) must protect itself against these threats  Trust Management can serve as a potential countermeasure ◦ Trust relationships between peers help establish confidence  Two types of decentralized trust management systems ◦ Credential and policy-based ◦ Reputation-based

 Decentralized trust management has received a lot of attention from researchers [Grandison and Sloman, 2000] ◦ Primary focus has been on developing new models  But how does one build a trust-enabled decentralized application? ◦ How do I pick a trust model for a given application? ◦ And, how do I incorporate the trust model within each entity?

 Select a suitable reputation-based trust model for a given application  Describe this trust model precisely  Incorporate the model within the structure (architecture) of an entity ◦ Software architectural style for trust management (PACE)  Result – entity architecture consisting of ◦ components that encapsulate the trust model ◦ additional trust technologies to counter threats

 Trust ◦ Cannot be isolated to one component ◦ Is a dominant concern in decentralized applications and should be considered early on during application development ◦ Having an explicit architecture is one way to consistently address the cross-cutting concern of trust  Architectural styles ◦ Provide a foundation to reason about specific goals ◦ Facilitate reuse of design knowledge ◦ Allow known benefits to be leveraged and induce desirable properties

 Identify threats of decentralization  Use the threats to identify guiding principles that help defend against the threats  Incorporate these principles within an architectural style focused on decentralized trust management

ThreatsStrategies ImpersonationDigital identities, signature-based verification Fraudulent ActionsExplicit trust, comparable trust MisrepresentationExplicit trust, comparable trust, separation of internal and external data CollusionExplicit trust, comparable trust, separation of internal and external data Addition of unknownsImplicit trust of user

 Basis: C2, a layered event-based style ◦ Allows the natural structuring of the four functional units according to their dependencies ◦ Facilitates reuse ◦ Extensive tool support  The resultant architectural style is called PACE (Practical Architectural approach for Composing Egocentric trust)

 Communication ◦ Responsible for external interaction with other peers including data collection and transmission; does not depend upon data storage or analysis  Information ◦ Store all data including internal beliefs and reported information  Trust ◦ Responsible for trust computation and managing credentials; depends upon internal data for computation  Application ◦ Application-specific components including user interface; Builds upon services provided by the other three

Communication Layer Information Layer Trust Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credentia l Manager A P P L I C A T I O N Application Layer

 Multiple protocol handlers. Translate internal events into external messages and vice-versa  Creates and manages protocol handlers  Signs requests and verifies notifications 15 Communication Layer Information Layer Trust Layer Application Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credential Manager A P P L I C A T I O N

Separates internal beliefs from reported information Stores internal beliefs persistently Communication Layer Information Layer Trust Layer Application Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credential Manager A P P L I C A T I O N

Incorporates different trust models and algorithms; can assign trust values to notifications received Generates unique public-private key pairs Maintains local cache of other peers’ identities; requests public keys from peers and responds to revocations Communication Layer Information Layer Trust Layer Application Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credential Manager A P P L I C A T I O N

 Domain- specific trust rules; includes context of trust  User-interface and application- specific components 18 Communication Layer Information Layer Trust Layer Application Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credential Manager A P P L I C A T I O N

 User sends request for trust information  Others respond  Responses are verified and tagged with trust values  User sees these messages and makes an informed decision  Post-interaction, user can change trust information 19 Communication Layer Information Layer Trust Layer Application Layer Communication Manager External Information Internal Information Key Manager Signature Manager Trust Manager Application Trust Rules HTTP SenderCustom ProtocolsMulticast Manager Multicast Handler Credential Manager A P P L I C A T I O N

Carol Bob Alice Marvin (malicious) Mallory (malicious) Decentralized Auctioning Trust-enabled entity architecture Trust-enabled entity architecture Trust-enabled entity architecture

Thank You

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.