Trust and Security Third Workshop Yonatan Zetuny, Gabor Terstyanszky, Stephen Winter, Peter Kacsuk Centre for Parallel Computing Cavendish School of Informatics.


1 Trust and Security Third Workshop
Yonatan Zetuny, Gabor Terstyanszky, Stephen Winter, Peter Kacsuk
Centre for Parallel Computing, Cavendish School of Informatics, University of Westminster
08 July, 2008
Key words: Grid Security, Reputation, Policy, Trust Model, Resource Selection
http://www.cpc.wmin.ac.uk

2
- Research Background
- Toward Reputation-Policy Based Trust in Grid computing
- Reputation-Policy Trust Model
- Grid Reputation-Policy Trust Management Service Architecture
- Test bed deployment, simulation & experiments
- Summary

3
- Two common approaches for managing trust:
  - Policy based: Web services, E-Commerce
  - Reputation based: P2P, Ad-hoc networks
- Traditional Grids use CA security measurements to enable trust between parties.
- Current research efforts focus on integrating one of the two approaches for managing trust.
- Identified needs for:
  - Establishing dynamic evaluation of resources to manage risk of workflow execution failure
  - Autonomic trust decision making based on reputation evaluation strategy
  - Expressing reputation using policy assertions in order to promote semantic interoperability

4
- Provided argument that:
  - A reputation-policy based approach should be considered in order to provide a complete resolution for dynamic trust establishment between Grid resources.
  - Reputation provides trust evaluation measurements in dynamic scenarios where parties are not known to each other.
  - Policy provides strong ties to standards and interoperability.
- Suggested synergistic approach where:
  - Grid clients (e.g. brokers, monitoring toolkits) are able to encapsulate reputation evaluation requirements inside a policy file.
  - These requirements constitute a complete blueprint for a trust metrics algorithm.
- Novelty points:
  - Synergistic model - combining policy framework with a reputation algorithm (not used in Grid computing so far)
  - Modelling reputation as policy assertions
  - Trust model integrates an evaluation model as well as a decision model.
  - Exoteric and extensible trust metrics algorithm.
  - Use of fuzzy logic to model uncertainties and subjective opinions on trust.

5
- Traditional Grid security research addressed trust through security mechanisms.
- The need for reputation evaluation of Grid resources as Grid shifts to ubiquitous and pervasive computing models.
- Few attempts to apply Reputation based TMS (GridEigenTrust, PathTrust, PeerTrust, etc).
- Limitations of current solutions – single, deterministic, community based reputation algorithm disallowing user participation in the trust evaluation process.
- Grid clients are not able to calculate the trust value of a Grid resource by specifying their own trust evaluation criteria and as a result, they are obliged to rely on a community reputation algorithm to compute trust values.

6
- Allowing Grid clients to take an active part in the trust and reputation evaluation process.
- Enabling Grid clients to augment their existing reputation queries with a set of reputation policy statements.
- Encapsulating both evaluation and decision models, therefore providing complete trust metrics for the reputation algorithm and allowing decision support based on supplied criteria.
- Three properties: Synergistic, Exoteric, Heuristic.

7
- Distributed data model: trust data is divided between Grid client and reputation algorithm.
- Model contains three artefacts:
  - Trust Decision Strategy (TDS) > Heuristics
    - Trust Evaluation Model > Subjective view
    - Trust Decision Model > Opportunistic view
  - Opinion Matrices (OM)
    - Store and manipulate historical execution data
  - Correlation Process (CP)
    - Correlates each opinion element in the TDS with its historical ratings in the OM.
    - Computes trust values using an Opinion Summary Table (OST).

8
- Represented by Fuzzy Tree Model (FTM) expressing reputation-policy statements which are defined by trusting agents.
- Ramified into two branches:
  - Trust Evaluation Model (TEM)
    - Permutation of opinions representing subjective trust building blocks (e.g. availability, reliability, cost, etc).
  - Trust Decision Model (TDM)
    - Potential trust value calculation outcomes and opportunistic correspondent courses of actions.
- Provides complete trust metrics for the reputation algorithm.


10
- Provides subjective view on trust.
- A Client defines a finite set of opinions where each opinion represents a building block of trust (e.g. availability, data accuracy, cost, etc).
- Client opinions must be a subset of opinions applicable for the VO (Defined by MP).
- Each opinion is dependent on one or more sources of references for historical trust data.
- A source can have one of the following values: experience, reputation or combination of experience and reputation.
- A weight rule is a special constraint which indicates the importance of one set item over another (decisions, opinions, sources).
- Each weight rule uses a fuzzy value [0…1] to indicate a degree of importance.

11
- Provides opportunistic view on trust.
- A client defines a finite set of decision rules to indicate potential trust value calculation outcomes and potential courses of action.
- Trust values are fuzzified using membership functions defined by the client.
- Rules are modelled as fuzzy logic sets where each trust level calculation is coupled with its membership function to indicate a degree of belonging to each set.

12 TDS = {TEM; (TDR1; TDR2; … ; TDRn)}

13
- Tabular data structures which store the historical evaluation feedback values reported by trusting agents.
- For each opinion defined in the MP universe there is one and only one correspondent matrix, storing evaluation feedback data regarding that opinion.
- When an execution is completed, a trusting agent is required to rate the quality of the transaction using an evaluation feedback mechanism. This mechanism gathers a score value for each opinion originally defined by the trusting agent using the trust decision strategy.

14
- M(O): Matrix M for an Opinion O
- Calculation of matrix value V(i,j)
- Values are based on time series distribution, trust decay function, cut off time and weighted mean

15
- Involves matching each opinion defined in TDS with its historical references in the OMs and calculating the trust value for that opinion.
- Each TDS opinion type is routed via the MP in order to return a correspondent OM.
- The CP examines the opinion’s source nodes (experience, reputation) and their weight factors.
- The CP generates two vectors: experience vector and reputation vector and calculates the opinion value using a standard mean:


17 GREPTrust is comprised of three domains:
- Client Domain – Grid Client, TDS Data Store
- Service Domain – Querying Manager, Feedback Manager and Admin Manager
- Data Domain – Reputation-Policy Data Store

18
- There are three major scenarios regarding reputation-policy querying management:
  - The Grid client submits a Reputation-Policy Query (RPQ) to the GREPTrust resource.
  - The GREPTrust resource processes the RPQ, generates Reputation-Policy Report (RPR) and delivers it to the Grid client.
  - The Grid client utilises the RPR in order to make a decision on which resource(s) to submit the job to.


20
- The Grid client contacts the TDS data store using a strategy identifier specified by the user when he submitted the job.
- The TDS data store returns the TDS file back to the Grid client.
- The Grid client assembles a reputation-policy query containing the following parameters:
  - Identifier of the Grid client.
  - Identifiers of the resources to be evaluated. (These are assumed to have been obtained previously via a Grid Information Service.)
  - Cut-off date - the start date from which to gather the feedback data. A null value means the earliest date on which feedback was ever submitted is used.
  - Trust decay function identifier – the rate of trust decay. This results in assigning a weight to each submitted feedback, giving higher precedence to feedback submitted recently. The Grid client can submit custom decay functions but for the purpose of the simulation 3 functions are supported: (1/x, 1/x^2 and exp (x)). A null value means no trust decay function is used.
  - The TDS file to be processed.
- The Grid client submits the reputation-policy query to the GREPTrust resource for processing the TDS and returning a reputation-policy report.

21

| Parameter | Value | Type |
| --- | --- | --- |
| ClientID | 1 | String |
| Resources | 1,2 | String[] |
| CutoffDateTime | 20080520 | Date |
| TrustDecayFunction | 3 (Exponential) | String |
| TrustDecisionStrategy | | String |

(Diagram labels: Grid Client, GREPTrust)
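An added example, not taken from the presentation, showing how a query's cut-off date and trust decay function change an opinion value computed from experience and reputation feedback. The ratings, the 0.7/0.3 source weights, the function names and the exp(-x/30) form of the exponential decay are assumptions; only the cut-off date 20080520 comes from the parameter table.

```python
import math
from datetime import date

# Decay weights by feedback age x (days, counted from 1). The slide lists
# 1/x, 1/x^2 and "exp (x)"; exp(-x/30) is an ASSUMED reading, since the sign
# and time scale are not on the page and the weight has to fall with age.
DECAY = {
    None: lambda x: 1.0,                      # null: no trust decay
    "1/x": lambda x: 1.0 / x,
    "1/x^2": lambda x: 1.0 / x ** 2,
    "exp": lambda x: math.exp(-x / 30.0),
}

def decayed_mean(feedback, today, cutoff=None, decay=None):
    """Weighted mean of (date, score) ratings submitted on or after cutoff."""
    weight = DECAY[decay]                     # unknown identifier -> KeyError
    kept = [(weight((today - d).days + 1), s) for d, s in feedback
            if d <= today and (cutoff is None or d >= cutoff)]
    total = sum(w for w, _ in kept)
    if total == 0:
        return None                           # no history is not a score of 0
    return sum(w * s for w, s in kept) / total

def opinion_value(experience, reputation, w_exp, w_rep, **query):
    """Combine experience and reputation vectors by their source weights."""
    parts = [(w_exp, decayed_mean(experience, **query)),
             (w_rep, decayed_mean(reputation, **query))]
    parts = [(w, v) for w, v in parts if v is not None and w > 0]
    if not parts:
        return None
    return sum(w * v for w, v in parts) / sum(w for w, _ in parts)

# Constructed ratings for one opinion on one resource: good early, poor lately.
TODAY, CUTOFF = date(2008, 7, 8), date(2008, 5, 20)   # cut-off from the table
EXPERIENCE = [(date(2008, 4, 10), 0.9), (date(2008, 5, 25), 0.9),
              (date(2008, 7, 1), 0.2), (date(2008, 7, 6), 0.1)]
REPUTATION = [(date(2008, 5, 1), 0.95), (date(2008, 6, 1), 0.8),
              (date(2008, 7, 5), 0.3)]

if __name__ == "__main__":
    for name in (None, "1/x", "1/x^2", "exp"):
        v = opinion_value(EXPERIENCE, REPUTATION, 0.7, 0.3,
                          today=TODAY, cutoff=CUTOFF, decay=name)
        print(f"decay={name!s:6} opinion value={v:.3f}")
```

With no decay and no cut-off, old favourable ratings carry the same weight as recent failures, so the choice of both parameters directly affects how quickly a degraded resource loses trust.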

22
- GREPTrust resource receives a new RPQ:
  - RPQ is dispatched to the Query Manager (QM)
  - The QM validates the RPQ and submits it to the Reputation Algorithm (RA) for processing:
    - Step 1: Processing the TDS Evaluation Model
    - Step 2: Processing the TDS Decision Model
    - Step 3: Generating Reputation-Policy Report


24
- STEP1: Process TDS Evaluation Model
- STEP2: Process TDS Decision Model
- STEP3: Generate Reputation-Policy Report


28 (Figure labels: Permutation of opinions, Permutation of Sources)

29 The value of the trust_value variable has to be converted into degrees of membership for the membership functions defined on the variable.
(Figure labels: Term names, Input variable, Membership functions)

30
- Trust Value: 0.11
- Good: 0.22
- Poor: 0.78
- Excl: 0.00

31
- IF trust_value IS poor THEN trust_level IS none
- IF trust_value IS good THEN trust_level IS limited
- IF trust_value IS excellent THEN trust_level IS full
- Implication Method: MIN
- Accumulation Method: MAX
- Defuzzification Method: COG
- trust value: 0.11
- trust level: 0.32

32 A linguistic variable – trust_level for an output variable has to be converted into a value.
(Figure labels: Output variable, Membership functions)

33 The inference of the fuzzy algorithm is defined in one or more rule blocks. Each rule block defines a predicate based on de Morgan’s Law. Each rule block has a unique name defining a distinct set.
$M = \{(x_1, \mu_M(x_1)), (x_2, \mu_M(x_2)), \ldots, (x_n, \mu_M(x_n))\},\ x_i \in G,\ i = 1, 2, \ldots, n$ (A.1)
(Figure labels: Conclusion, Condition, Rule block/ID, Output variable)
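An added example, not code from the presentation, carrying a trust value through the decision model of the preceding slides: fuzzification, the three rules, MIN implication, MAX accumulation and centre-of-gravity defuzzification. The triangular term shapes are assumptions chosen so that 0.11 fuzzifies to the slide's 0.78/0.22/0.00; the output terms are also assumed, so the crisp result (about 0.34) need not equal the slide's 0.32.

```python
def tri(a, b, c):
    """Triangular membership function: feet at a and c, peak at b."""
    def mu(x):
        if a < x <= b:
            return (x - a) / (b - a)
        if b < x < c:
            return (c - x) / (c - b)
        return 0.0
    return mu

# ASSUMED term shapes on [0, 1]; the input terms are chosen so that 0.11
# fuzzifies to the degrees on the slide (poor 0.78, good 0.22, excellent 0).
TRUST_VALUE = {"poor": tri(-0.5, 0.0, 0.5), "good": tri(0.0, 0.5, 1.0),
               "excellent": tri(0.5, 1.0, 1.5)}
TRUST_LEVEL = {"none": tri(-0.5, 0.0, 0.5), "limited": tri(0.0, 0.5, 1.0),
               "full": tri(0.5, 1.0, 1.5)}
# Rule block from the slide: IF trust_value IS <key> THEN trust_level IS <value>
RULES = {"poor": "none", "good": "limited", "excellent": "full"}

def fuzzify(trust_value):
    """Degrees of membership of a crisp trust value in each input term."""
    if not 0.0 <= trust_value <= 1.0:
        raise ValueError("trust value must lie in [0, 1]")
    return {term: mu(trust_value) for term, mu in TRUST_VALUE.items()}

def trust_level(trust_value, steps=2000):
    """MIN implication, MAX accumulation, centre-of-gravity defuzzification."""
    degrees = fuzzify(trust_value)
    area = moment = 0.0
    for i in range(steps):
        y = (i + 0.5) / steps                       # midpoint of each slice
        clipped = [min(degrees[cond], TRUST_LEVEL[concl](y))   # implication
                   for cond, concl in RULES.items()]
        height = max(clipped)                       # accumulation
        area += height
        moment += height * y
    return moment / area if area else None

def decide(trust_value):
    """Return the crisp trust level and the conclusion of the strongest rule."""
    degrees = fuzzify(trust_value)
    strongest = max(RULES, key=lambda cond: degrees[cond])
    return trust_level(trust_value), RULES[strongest]

if __name__ == "__main__":
    for tv in (0.11, 0.5, 0.9):
        level, term = decide(tv)
        print(f"trust_value={tv:.2f} -> trust_level={level:.3f} ({term})")
```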

34
- TDM: Trust Level
- TDM: Degree membership
- Quantitative methodologies for modelling Subjective & Opportunistic perception on trust…

35
- Decoupling the model’s logic from the actual domain using IQueryManager interface
- GridSIM simulation environment
- Providing both scheduled and manual based approaches
- Historical Data
- Strategy Selection
- Reputation-Policy Query
- Reputation Analytics – Evaluations and decisions based on existing and preselected data
- Reports

36
- Performance studies – Does this model really allow prudent resource selection?
- Behaviour – How does this model behave under various conditions? How will different strategies affect the recommended resources? What are the limitations?
  - Time series analysis
  - Correlation analysis
- Epistemology studies – How does the knowledge provided manage execution risk? How can Grid client applications make use of the model?
- Analytics - statistical analysis in order to discover and understand historical patterns
- Cognitive studies - can we use this model to develop patterns for resource selection? Machine learning? Knowledge management?
- Repercussions and merits of the model on Grid computing

37
- Reputation-Policy Trust Model behaviour - experiment with different test case scenarios.
- Deployment on simulation environment.
- Scalability and performance of the GREPTrust architecture.

38
- Novel paradigm for managing trust in Grid computing.
- Adaptable Reputation-policy trust model vs. current Grid reputation models which offer single, community-based deterministic reputation algorithm.
- Reputation-policy trust model allows fine-grained resource selection based on a trust decision strategy defined by a trusting agent as opposed to the reputation algorithm.
- Synergistic TDS - trust decision strategy definition using opinions, sources and rules.
- Internal artefacts of the model TDS, OM and CMP were proposed in order to support trust data.
- Questions/Comments/Suggestions?

