Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing * Prof. Leszek Lilien Western Michigan University and.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing * Prof. Leszek Lilien Western Michigan University and."— Presentation transcript:

1 CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing * Prof. Leszek Lilien Western Michigan University and Center for Education and Research in Information Assurance and Security (CERIAS), Purdue University with contributions from Prof. Bharat Bhargava Department of Computer Sciences and CERIAS, Purdue University * Supported in part by NSF grants IIS-0209059, IIS-0242840, ANI-0219110, and Cisco URP grant.

2 Sept. 2006 2 Introduction to Trust Outline 1) Trust in Social & Computing Systems 2) Selected Trust Characteristics 3) Selected Research Issues in Trust 4) Avoiding Traps of Trust Complexity 5) Trust and Privacy incl. Trading Privacy Loss for Trust Gain 6) Trust & Pervasive Computing

3 Sept. 2006 3 1) Trust in Social & Comput’g Systems (1) Trust [The American Heritage Dictionary of the English Language, 4th ed., Houghton Mifflin, 2000 ] = “reliance on the integrity, ability, or character of a person or thing” Trust is pervasive in social systems Constantly used it in interactions among: People / Organizations / Animals / Artifacts (sic!) E.g., “Can I trust my car on this long vacation trip?” Used instinctively and implicitly in closed and static systems Example: In a small village – everybody knows everybody Villagers instinctively use their knowledge or stereotypes to trust/distrust others Used consciously and explicitly in open or dynamic systems Example: In a big city - explicit rules of behavior in diverse trust relationships E.g., Build up trust by asking friends or recommendation services for a dependable plumber

4 Sept. 2006 4 1) Trust in Social & Computing Systems (2) Establishing Trust by Interactions Social or computer-based interactions: From a simple transaction to a complex collaboration Adequate degree of trust required for interactions How to establish initial trust? Build up trust in interactions with strangers or known partners Human or artificial partners Offline or online Trust Degradation and Recovery Identification and isolation of violators Dynamic trust updated according to interaction histories and recommendations Fast degradation of trust and its slow recovery This defends against smart violators

5 Sept. 2006 5 1) Trust in Social & Computing Systems (3) Trust is pervasive & beneficial in complex social systems - Why not exploit pervasive trust as a paradigm in computing? Use it also in non-pervasive computing (not a contradiction!) Trust is already common, used extensively in computing systems Although usually subconsciously Examples of users’ trust-based decisions: Search for reputable ISPs / e-banking sites Ignoring emails from “Nigerians” asking for transferring millions of dollars But should be even more pervasive in computing systems Challenge for exploiting trust in computing: Extending trust-based solutions to: 1) Artificial entities (such as software agents or subsystems) 2) Subconscious choices made by human users’

6 Sept. 2006 6 2) Selected Trust Characteristics (1)  Dimensions of trust  Competence – Does he possess qualifications to do it  Intention – Is he willing to do it?  Degrees of trust - instead of binary (all-or-nothing) trust  “ You can’t trust everybody but you have to trust somebody”  Otherwise, you’d be paranoid  Extreme costs of being paranoid  Looking over one’s shoulder all the time  An untrusting system (even just implicitly) would be paranoid, inefficient  Trust is asymmetric  E.g., “I trust you more than you trust me”  In general, trust is bidirectional  But one direction can be implicit [cf. M. Reiter and M. Atallah, NSF IDM Workshop, August 2003]

7 Sept. 2006 7 2) Selected Trust Characteristics (2) Who/what to trust? Can you trust your smart refrigerator? Can you trust your car, cell phone, PDA? RFID tags in store? Devices can self-organize into malicious “opportunistic” networks System loyalty (like servant loyalty) : Who does it work for? For insurer? For advertiser? For Big Brother? Trust requires visibility of evidence/recommendations If I don’t know what the system is doing, I don’t trust it Relationship of trust to trustworhiness and usability Trustworthiness => ( Usability ) => Trust System excessive/insufficient trust demands can reduce its usability If a system requires too many credentials, its usability decreases If a system requires no credentials (e.g., no password), users don’t trust it => usability also decreases (surprise?)

8 Sept. 2006 8 3) Selected Research Issues in Trust What incentives or penalties will foster trust relationships? Currently incentives are often perverse E.g., Smith buys security but Jones benefits [cf. M. Reiter and M. Atallah, NSF IDM Workshop, August 2003] Can we build trusted system from untrustworthy components? Or: Can we build a more trusted system from less trustworthy components? In interactions: “Seller” is ultimately responsible for deciding on the degree of trust required to offer a service “Buyer” is ultimately responsible for deciding on the degree of trust required to accept a service

9 Sept. 2006 9 4) Avoiding Traps of Trust Complexity (1) Trust is a complex, multifaceted & context-dependent notion => Words of caution on using the trust paradigm: 1)Carefully select all and only those useful trust aspects needed for the system you’re designing Otherwise, either flexibility or performance suffers 2) Optimize demands for evidence or credentials Asking for too much - laborious and uncomfortable Asking for too little – will create image of a lax system Who wants to be friends with someone who befriends crooks and thieves?

10 Sept. 2006 10 4) Avoiding Traps of Trust Complexity (2) => Words of caution on using the trust paradigm (cont.): 3) Excessive reliance on explicit trust relationships hurts performance Paranoid - avoid paranoia E.g., modules in a well-integrated system should rely on implicit trust Just as villagers do In a crowd of entities, only some communicate directly Only they need to use trust Even fewer need to use trust explicitly

11 Sept. 2006 11 5) Trust and Privacy (1) Privacy = entity’s ability to control the availability and exposure of information about itself We extended the subject of privacy from a person in the original definition [“Internet Security Glossary,” The Internet Society, Aug. 2004 ] to an entity— including an organization or software Maybe controversial but stimulating Privacy Problem Consider computer-based interactions From a simple transaction to a complex collaboration Interactions always involve dissemination of private data It is voluntary, “pseudo-voluntary,” or compulsory Compulsory - e.g., required by law Threats of privacy violations result in lower trust Lower trust leads to isolation and lack of collaboration

12 Sept. 2006 12 5) Trust and Privacy (2) Thus, privacy and trust are closely related Privacy-trust tradeoff:Entity can trade privacy for a corresponding gain in its partners’ trust in it The scope of an entity’s privacy disclosure should be proportional to the benefits expected from the interaction As in social interactions E.g.: a customer applying for a mortgage must reveal much more personal data than someone buying a book Trust must be established before a privacy disclosure Data – provide quality an integrity End-to-end communication – sender authentication, message integrity Network routing algorithms – deal with malicious peers, intruders, security attacks

13 Sept. 2006 13 5) Trust and Privacy (3) Optimize degree of privacy traded to gain trust Disclose minimum needed for gaining partner’s necessary trust level To optimize, need privacy & trust measures Once measures available: Automate evaluations of the privacy loss and trust gain Quantify the trade-off Optimize it Privacy-for-trust trading requires privacy guarantees for further dissemination of private info Disclosing party needs satisfactory limitations on further dissemination (or the lack of thereof) of traded private information E.g., needs partner’s solid privacy policies Merely perceived danger of a partner’s privacy violation can make the disclosing party reluctant to enter into a partnership E.g., a user who learns that an ISP has carelessly revealed any customer’s email will look for another ISP

14 Sept. 2006 14 5) Trust and Privacy (4) Summary: Trading Information for Trust in Symmetric and Asymmetric Negotiations - When/how can partners trust each other? Symmetric „disclosing:” Initial degree of trust / stepwise trust growth / establishes mutual „full” trust Trades info for trust (info is private or not) Symmetric „preserving:” (from distrust to trust) Initial distrust / no stepwise trust growth / establishes mutual „full” trust No trading of info for trust (info is private or not) Asymmetric: Initial „full” trust of Weaker into Stronger and no trust of Stronger into Weaker / stepwise trust growth / establishes „full” trust of Stronger into Weaker Trades private info for trust

15 Sept. 2006 15 5) Trust and Privacy (5) Privacy-Trust Tradeoff: Trading Privacy Loss for Trust Gain We’re focusing on asymmetric trust negotiations: The weaker party trades a (degree of) privacy loss for (a degree of) a trust gain as perceived by the stronger party Approach to trading privacy for trust: [Zhong and Bhargava, Purdue]  Formalize the privacy-trust tradeoff problem  Estimate privacy loss due to disclosing a credential set  Estimate trust gain due to disclosing a credential set  Develop algorithms that minimize privacy loss for required trust gain Bec. nobody likes loosing more privacy than necessary

16 Sept. 2006 16 6) Trust & Pervasive Computing (1) People surrounded by zillions of computing devices of all kinds, sizes, and aptitudes [“Sensor Nation: Special Report,” IEEE Spectrum, vol. 41, no. 7, 2004 ] Most with limited / rudimentary capabilities Quite small, e.g., RFID tags, smart dust Most embedded in artifacts for everyday use, or even human bodies Possible both beneficial and detrimental (even apocalyptic) consequences

17 Sept. 2006 17 6) Trust & Pervasive Computing (2) New threats to security in pervasive environments Example: Malevolent opportunistic sensor networks — pervasive devices self-organizing into huge spy networks Able to spy anywhere, anytime, on everybody and everything Need means of detection and neutralization To tell which and how many snoops are active, what data they collect, and who they work for An advertiser? a nosy neighbor? Big Brother? Questions such as “Can I trust my refrigerator?” will not be jokes The refrigerator snitching on its owner’s dietary misbehavior for her doctor

18 Sept. 2006 18 6) Trust & Pervasive Computing (3) Radically changed, pervasive computing environments demand new approaches to computer privacy & security Our belief: Socially based paradigms (such as trust-based paradigms for privacy & security) will play a big role in pervasive computing Solutions will vary (as in social settings) Heavyweighty solutions for entities of high intelligence and capabilities (such as humans and intelligent systems) interacting in complex and important matters Lightweight solutions for less intelligent and capable entities interacting in simpler matters of lesser consequence

19 Sept. 2006 19 6) Trust & Pervasive Computing (4)  Example: Use of Pervasive Trust for Access Control  Use of pervasive trust for access control  perimeter-defense authorization model  Investigated by B. Bhargava, Y. Zhong, et al., 2002 - 2003  using trust ratings:  direct experiences  second-hand recommendations  using trust ratings to enhance the role-based access control (RBAC) mechanism

20 Sept. 2006 20 References & Bibliography (1) Slides based on BB+LL part of the paper: Bharat Bhargava, Leszek Lilien, Arnon Rosenthal, Marianne Winslett, “Pervasive Trust,” IEEE Intelligent Systems, Sept./Oct. 2004, pp.74-77 “Private and Trusted Interactions,” by B. Bhargava and L. Lilien, March 2004. “Trust, Privacy, and Security. Summary of a Workshop Breakout Session at the National Science Foundation Information and Data Management (IDM) Workshop held in Seattle, Washington, September 14 - 16, 2003” by B. Bhargava, C. Farkas, L. Lilien and F. Makedon, CERIAS Tech Report 2003-34, CERIAS, Purdue University, November 2003. http://www2.cs.washington.edu/nsf2003http://www2.cs.washington.edu/nsf2003 or https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2003-34.pdf Paper References: 1. The American Heritage Dictionary of the English Language, 4th ed., Houghton Mifflin, 2000. 2. B. Bhargava et al., Trust, Privacy, and Security: Summary of a Workshop Breakout Session at the National Science Foundation Information and Data Management (IDM) Workshop held in Seattle,Washington, Sep. 14–16, 2003, tech. report 2003-34, Center for Education and Research in Information Assurance and Security, Purdue Univ., Dec. 2003; www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2003-34.pdf. 3. “Internet Security Glossary,” The Internet Society, Aug. 2004; www.faqs.org/rfcs/rfc2828.html. 4. B. Bhargava and L. Lilien “Private and Trusted Collaborations,” to appear in Secure Knowledge Management (SKM 2004): A Workshop, 2004. 5. “Sensor Nation: Special Report,” IEEE Spectrum, vol. 41, no. 7, 2004.

21 Sept. 2006 21 References & Bibliography (2) 5. 6. R. Khare and A. Rifkin, “Trust Management on the World Wide Web,” First Monday, vol. 3, no. 6, 1998; www.firstmonday.dk/issues/issue3_6/khare. 7. M. Richardson, R. Agrawal, and P. Domingos,“Trust Management for the Semantic Web,” Proc. 2nd Int’l Semantic Web Conf., LNCS 2870, Springer-Verlag, 2003, pp. 351–368. 8. P. Schiegg et al., “Supply Chain Management Systems—A Survey of the State of the Art,” Collaborative Systems for Production Management: Proc. 8th Int’l Conf. Advances in Production Management Systems (APMS 2002), IFIP Conf. Proc. 257, Kluwer, 2002. 9.N.C. Romano Jr. and J. Fjermestad, “Electronic Commerce Customer Relationship Management: A Research Agenda,” Information Technology and Management, vol. 4, nos. 2–3, 2003, pp. 233–258. 10.“On Security Study of Two Distance Vector Routing Protocols for Mobile Ad Hoc Networks,” by W. Wang, Y. Lu and B. Bhargava, Proc. of IEEE Intl. Conf. on Pervasive Computing and Communications (PerCom 2003), Dallas-Fort Worth, TX, March 2003. http://www.cs.purdue.edu/homes/wangwc/PerCom03wangwc.pdf http://www.cs.purdue.edu/homes/wangwc/PerCom03wangwc.pdf 11.“Fraud Formalization and Detection,” by B. Bhargava, Y. Zhong and Y. Lu, Proc. of 5th Intl. Conf. on Data Warehousing and Knowledge Discovery (DaWaK 2003), Prague, Czech Republic, September 2003. http://www.cs.purdue.edu/homes/zhong/papers/fraud.pdfhttp://www.cs.purdue.edu/homes/zhong/papers/fraud.pdf 12.“e-Notebook Middleware for Accountability and Reputation Based Trust in Distributed Data Sharing Communities,” by P. Ruth, D. Xu, B. Bhargava and F. Regnier, Proc. of the Second International Conference on Trust Management (iTrust 2004), Oxford, UK, March 2004. http://www.cs.purdue.edu/homes/dxu/pubs/iTrust04.pdf http://www.cs.purdue.edu/homes/dxu/pubs/iTrust04.pdf 13.“Position-Based Receiver-Contention Private Communication in Wireless Ad Hoc Networks,” by X. Wu and B. Bhargava, submitted to the Tenth Annual Intl. Conf. on Mobile Computing and Networking (MobiCom’04), Philadelphia, PA, September - October 2004. http://www.cs.purdue.edu/homes/wu/HTML/research.html/paper_purdue/mobi04.pdf http://www.cs.purdue.edu/homes/wu/HTML/research.html/paper_purdue/mobi04.pdf

22 Sept. 2006 22 THE END

Download ppt "CS 6910: Advanced Computer and Information Security Lecture 1 Introduction to Trust in Computing * Prof. Leszek Lilien Western Michigan University and."

Similar presentations

www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
Trust Management of Services in Cloud Environments:

Trust Management of Services in Cloud Environments:
1 Trust-based Privacy Preservation for Peer-to-peer Data Sharing Y. Lu, W. Wang, D. Xu, and B. Bhargava yilu, wangwc, dxu, cs.purdue.edu Department.

1 Trust-based Privacy Preservation for Peer-to-peer Data Sharing Y. Lu, W. Wang, D. Xu, and B. Bhargava yilu, wangwc, dxu, cs.purdue.edu Department.
1 CS 6910: Advanced Computer and Information Security Lecture on 11/2/06 Trust in P2P Systems Ahmet Burak Can and Bharat Bhargava Center for Education.

1 CS 6910: Advanced Computer and Information Security Lecture on 11/2/06 Trust in P2P Systems Ahmet Burak Can and Bharat Bhargava Center for Education.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
On the Economics of P2P Systems Speaker Coby Fernandess.

On the Economics of P2P Systems Speaker Coby Fernandess.
6. Trust Negotiations and Trading Privacy for Trust * Presented by: Prof. Bharat Bhargava Department of Computer Sciences and Center for Education and.

6. Trust Negotiations and Trading Privacy for Trust * Presented by: Prof. Bharat Bhargava Department of Computer Sciences and Center for Education and.
Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.

Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.
1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.

1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.
Trust, Privacy, and Security Moderator: Bharat Bhargava Purdue University.

Trust, Privacy, and Security Moderator: Bharat Bhargava Purdue University.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Distributed DBMS© 2001 M. Tamer Özsu & Patrick Valduriez Page 0.1 Outline Introduction Background Distributed DBMS Architecture Distributed Database Design.

Distributed DBMS© 2001 M. Tamer Özsu & Patrick Valduriez Page 0.1 Outline Introduction Background Distributed DBMS Architecture Distributed Database Design.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Trust, Privacy, and Security Moderator: Bharat Bhargava 1 Coordinators: Bharat Bhargava 1, Csilla Farkas 2, and Leszek Lilien 1 1 Purdue University and.

Trust, Privacy, and Security Moderator: Bharat Bhargava 1 Coordinators: Bharat Bhargava 1, Csilla Farkas 2, and Leszek Lilien 1 1 Purdue University and.
1 --- 6/16/2015 9:20:53 PM 9. Role-Based Access Control (RBAC) Role Classification Algorithm Prof. Bharat Bhargava Center for Education and Research in.

/16/2015 9:20:53 PM 9. Role-Based Access Control (RBAC) Role Classification Algorithm Prof. Bharat Bhargava Center for Education and Research in.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.
Small Worlds and the Security of Ubiquitous Computing From : IEEE CNF Author : Harald Vogt Presented by Chen Shih Yu.

Small Worlds and the Security of Ubiquitous Computing From : IEEE CNF Author : Harald Vogt Presented by Chen Shih Yu.
TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu IEEE Aerospace Conference March 2004.

TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu IEEE Aerospace Conference March 2004.

Similar presentations

Ads by Google