Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio."— Presentation transcript:

1 An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio. The DTM team of the UT (Ha, Marcin, Jeroen Jerry)

2 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 2 Overview Reputation-based trust management Rule-based trust management Problems & Challenges (rule-based systems)  scalability & chain discovery  trust negotiation  integrity constraints Conclusions

3 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 3 Reputation-based TM concrete community of cooks (200 people) need to interact with someone you don’t know,  to extablish trust: you ask your friends  and friends of friends ... some recommendations are better than other you check the record (if any)  after success trust increases reputation-based TM – rule-based TM – problems & challenges - conclusions

4 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 4 Reputation-based TM virtual p2p community of hackers (2000 people)  exchange programs & scripts need to interact with someone you don’t know, ... difference with concrete community:  larger, faster trust establishment has to be to some extent automatic reputation-based TM – rule-based TM – problems & challenges - conclusions

5 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 5 for instance reputation-based TM – rule-based TM – problems & challenges - conclusions

6 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 6 challenges trust metrics  how to model and compute trust  evaluating initial trust value  combining evidences, recommendations, reputation management of reputation data  secure & efficient retrieval of reputation data automating trust based decision closing the circle: using experience as feedback reputation-based TM – rule-based TM – problems & challenges - conclusions

7 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 7 Reputation-based TM: salient features open system (different security domains) trust is a measure & changes in time risk-based recommendation based (NOT identity-based) peers are not continuously available Some systems:  PGP,  EigenTrust Algorithm (Stanford) reputation-based TM – rule-based TM – problems & challenges - conclusions

8 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 8 rule-based TM: concrete example reputation-based TM – rule-based TM – problems & challenges - conclusions

9 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 9 rule-based tm, virtual scalability reputation-based TM – rule-based TM – problems & challenges - conclusions

10 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 10 RT: a language for rule-based tm family of languages [Li, Mitchell, Winsborough] four types of credentials EPub.discount  Alice EPub.discount  UTwente.student EPub.discount  FAB.accredited.student EPub.discount  UTwente.student  UTwente.student principal role name principal.rolename = Role trusting principaltrusted principal (somewhere else: delegation) reputation-based TM – rule-based TM – problems & challenges - conclusions attribute-based delegation

11 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 11 some language requirements [Bertino] Monotonicity Constraints (omitted) Credential combination Sensitive Policies reputation-based TM – rule-based TM – problems & challenges - conclusions

12 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 12 Reputation vs rule based TM open system (different security domains) trust is a measure & changes in time risk-based recommendation based (NOT identity-based) peers are not continuously available Some systems: PGP TBD open system (different security domains) trust is boolean & less time- dependent no risk rule (credential) based (NOT identity-based) peers are not continuously available Some systems: keynote, Trust-X reputation-based TM – rule-based TM – problems & challenges - conclusions

13 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 13 Problem 1: scalability attribute-based delegation:  accepting student ID from any university EPub.discount  FAB.accred.student FAB.accredited  UnivTwente UnivTwente.student  Alice Credential chain proves authorization. Scalability problem reputation-based TM – rule-based TM – problems & challenges - conclusions

14 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 14 Problem 2: trust negotiations credentials can be confidential credential disclosure is a matter of... trust three strategies [Seamons]  Naive  Reasonable  Informed additional problem: what do you do with the info in a credential after it has been disclosed reputation-based TM – rule-based TM – problems & challenges - conclusions

15 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 15 Problem 3: control Policies change in time: P  P1 ...  Pn A principal controls only a portion of the policy Delegating trust implies an understanding between principals,  Trusted principals need assistance  Who could get access to what? (Safety)  Who could be denied? (Availability) “No-one should ever be both a buyer and an accountant”  Mutual Exclusion reputation-based TM – rule-based TM – problems & challenges - conclusions

16 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 16 Conclusions Context:  2 or more parties in an open system.  parties are not in the same security domain. Goal  establish trust between parties to exchange information and services (access control) Constraint  access control decision is made NOT according to the party identity BUT according to the credentials it has reputation-based TM – rule-based TM – problems & challenges - conclusions

17 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 17 Open problems Analysis  safety analysis we are now working with Spin in RT0, for RTC (with constraints) nothing is available  of negotiations protocols w.r.t. the TM goals. Integration with other systems  e.g. privacy protection location-dependent policies  ambient calculi? DRM Semantics is not correct when considering:  chain discovery  negotiations is not modular  certainly possible to improve this using previous work on omega-semantics. Types

18 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 18 Integrity Constraints: General Form General: L.l ⊒ R.r  Formally, L.l ⊒ R.r holds in P ( P ⊢ L.l ⊒ R.r) iff [[L.l]] P  [[R.r]] P  sets and intersections are allowed Special cases  Membership: A.r ⊒ { D 1, …, D n }  Boundedness: { D 1, …, D n } ⊒ A.r  expressiveness is limited (it is a universal formula) but we can express all safety properties of [LWM03]  counterexample: at least a manager should have access to the DB

19 IPA Herfstdagen SecurityEtalle: Decentralized Trust Management. 19 Examples buyers and accountants should be disjoint   ⊒ A.buyer  A.accountant every employee should have access to the WLAN network  WLAN.access ⊒ UT.employee welders of BOVAG-accredited workshops should be fellows of the British Institute of Welding Bovag.welder  Bovag.accr.welder Bovag.accr  PietersWorkshop PietersWorkshop.welder  Pieter  BIW.fellow ⊒ Bovag.welder

Download ppt "An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio."

Similar presentations

Logical Model and Specification of Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University.

Logical Model and Specification of Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University.
Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun. 2005 Ionut Constandache Daniel Olmedilla.

Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun Ionut Constandache Daniel Olmedilla.
University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Decentralized Trust Management Sandro Etalle Jerry den Hartog.

Decentralized Trust Management Sandro Etalle Jerry den Hartog.
Rule based Trust management using RT - second lecture Sandro Etalle thanks to Ninghui Li - Purdue William H. Winsborough – University of Texas S. Antonio.

Rule based Trust management using RT - second lecture Sandro Etalle thanks to Ninghui Li - Purdue William H. Winsborough – University of Texas S. Antonio.
Deeper Security Analysis of Web-based Identity Federation Apurva Kumar IBM Research – India.

Deeper Security Analysis of Web-based Identity Federation Apurva Kumar IBM Research – India.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University.

Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.

1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.
Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.

Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.
Trust, Privacy, and Security Moderator: Bharat Bhargava Purdue University.

Trust, Privacy, and Security Moderator: Bharat Bhargava Purdue University.
Trust Management II Anupam Datta Fall 2007-08 18739A: Foundations of Security and Privacy.

Trust Management II Anupam Datta Fall A: Foundations of Security and Privacy.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
11 World-Leading Research with Real-World Impact! RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman.

11 World-Leading Research with Real-World Impact! RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
RETSINA: A Distributed Multi-Agent Infrastructure for Information Gathering and Decision Support The Robotics Institute Carnegie Mellon University PI:

RETSINA: A Distributed Multi-Agent Infrastructure for Information Gathering and Decision Support The Robotics Institute Carnegie Mellon University PI:
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.

Similar presentations

Ads by Google