 |
Trust and Trustworthiness 2015 (Part 1) |
Trust is created in information security through cryptography to assure the identity of external parties. Trust is essential to cybersecurity and to the Science of Security hard problem of composability. The research work cited here regarding trust and trustworthiness was presented in 2015.
J. M. Seigneur, “Wi-Trust: Improving Wi-Fi Hotspots Trustworthiness with Computational Trust Management,” ITU Kaleidoscope: Trust in the Information Society (K-2015), 2015, Barcelona, 2015, pp. 1-6. doi: 10.1109/Kaleidoscope.2015.7383629
Abstract: In its list of top ten smartphone risks, the European Union Agency for Network and Information Security ranks Network Spoofing Attacks as number 6. In this paper, we present how we have validated different computational trust management techniques by means of implemented prototypes in real devices to mitigate malicious legacy Wi-Fi hotspots including spoofing attacks. Then we explain how some of these techniques could be more easily deployed on a large scale thanks to simply using the available extensions of Hotspot 2.0, which could potentially lead to a new standard to improve Wi-Fi networks trustworthiness.
Keywords: smart phones; trusted computing; wireless LAN; European Union Agency for Network and Information Security; Hotspot 2.0; Wi-Fi hotspots trustworthiness; Wi-trust; computational trust management; malicious legacy Wi-Fi hotspots; network spoofing attacks; smartphone risks; Authentication; Computational modeling; Engines; IEEE 802.11 Standard; Measurement; Quality of service; Wi-Fi; computational trust; public hotspot (ID#: 16-11278)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7383629&isnumber=7383613
P. Mishra, S. Bhunia and S. Ravi, “Validation and Debug of Security and Trust Issues in Embedded Systems,” 2015 28th International Conference on VLSI Design, Bangalore, 2015, pp. 3-5. doi: 10.1109/VLSID.2015.110
Abstract: Summary form only given. Reusable hardware intellectual property (IP) based System-on-Chip (SoC) design has emerged as a pervasive design practice in the industry to dramatically reduce design/verification cost while meeting aggressive time-to-market constraints. However, growing reliance on reusable pre-verified hardware IPs and wide array of CAD tools during SoC design - often gathered from untrusted 3rd party vendors - severely affects the security and trustworthiness of SoC computing platforms. Major security issues in the hardware IPs at different stages of SoC life cycle include piracy during IP evaluation, reverse engineering, cloning, counterfeiting, as well as malicious hardware modifications. The global electronic piracy market is growing rapidly and is now estimated to be $1B/day, of which a significant part is related to hardware IPs. Furthermore, use of untrusted foundry in a fabless business model greatly aggravates the SoC security threats by introducing vulnerability of malicious modifications or piracy during SoC fabrication. Due to ever-growing computing demands, modern SoCs tend to include many heterogeneous processing cores, scalable communication network, together with reconfigurable cores e.g. embedded FPGA in order to incorporate logic that is likely to change as standards and requirements evolve. Such design practices greatly increase the number of untrusted components in the SoC design flow and make the overall system security a pressing concern. There is a critical need to analyze the SoC security issues and attack models due to involvement of multiple untrusted entities in SoC design cycle — IP vendors, CAD tool developers, and foundries — and develop low-cost effective countermeasures. These countermeasures would encompass encryption, obfuscation, watermarking and fingerprinting, and certain analytic methods derived from the behavioral aspects of SoC to enable trusted operation with untrusted components. In this tutorial, we plan to prov- de a comprehensive coverage of both fundamental concepts and recent advances in validation of security and trust of hardware IPs. The tutorial also covers the security and debug trade-offs in modern SoCs e.g., more observability is beneficial for debug whereas limited observability is better for security. It examines the state-of-the-art in research in this challenging area as well as industrial practice, and points to important gaps that need to be filled in order to develop a validation and debug flow for secure SoC systems. The tutorial presenters (one industry expert and two faculty members) will be able to provide unique perspectives on both academic research and industrial practices. The selection of topics covers a broad spectrum and will be of interest to a wide audience including design, validation, security, and debug engineers. The proposed tutorial consists of five parts. The first part introduces security vulnerabilities and various challenges associated with trust validation for hardware IPs. Part II covers various security attacks and countermeasures. Part III covers both formal methods and simulation-based approaches for security and trust validation. Part IV presents the conflicting requirements between security and debug during SoC development and ways to address them. Part V covers real-life examples of security failures and successful countermeasures in industry. Finally, Part VI concludes this tutorial with discussion on emerging issues and future directions.
Keywords: computer debugging; embedded systems; industrial property; security of data; system-on-chip; SoC computing platforms; debug flow; formal methods; hardware IP; reusable hardware intellectual property; security attacks; security failures; security validation; security vulnerabilities; trust validation; Awards activities; Design automation; Hardware; Security; System-on-chip; Tutorials; Very large scale integration (ID#: 16-11279)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031691&isnumber=7031671
R. Weiss et al., “Trust Evaluation in Mobile Devices: An Empirical Study,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 25-32. doi: 10.1109/Trustcom.2015.353
Abstract: Mobile devices today, such as smartphones and tablets, have become both more complex and diverse. This paper presents a framework to evaluate the trustworthiness of the individual components in a mobile system, as well as the entire system. The major components are applications, devices and networks of devices. Given this diversity and multiple levels of a mobile system, we develop a hierarchical trust evaluation methodology, which enables the combination of trust metrics and allows us to verify the trust metric for each component based on the trust metrics for others. The paper first demonstrates this idea for individual applications and Android-based smartphones. The methodology involves two stages: initial trust evaluation and trust verification. In the first stage, an expert rule system is used to produce trust metrics at the lowest level of the hierarchy. In the second stage, the trust metrics are verified by comparing data from components and a trust evaluation is produced for the combined system. This paper presents the results of two empirical studies, in which this methodology is applied and tested. The first study involves monitoring resource utilization and evaluating trust based on resource consumption patterns. We measured battery voltage, CPU utilization and network communication for individual apps and detected anomalous behavior that could be indicative of malicious code. The second study involves verification of the trust evaluation by comparing the data from two different devices: the GPS location from an Android smartphone in an automobile and the data from an on-board diagnostics (OBD) sensor of the same vehicle.
Keywords: Android (operating system); expert systems; mobile computing; power aware computing; program verification; resource allocation; smart phones; system monitoring; trusted computing; voltage measurement; Android smartphone; Android-based smartphones; CPU utilization; GPS location; OBD sensor; anomalous behavior detection; battery voltage measurement; expert rule system; hierarchical trust evaluation methodology; mobile devices; network communication; onboard diagnostics sensor; resource consumption patterns; resource utilization monitoring; tablets; trust metrics; trust verification; trustworthiness evaluation; Computer science; Electronic mail; Measurement; Privacy; Security; Smart phones; security (ID#: 16-11280)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345261&isnumber=7345233
T. Fadai, S. Schrittwieser, P. Kieseberg and M. Mulazzani, “Trust me, I'm a Root CA! Analyzing SSL Root CAs in Modern Browsers and Operating Systems,” Availability, Reliability and Security (ARES), 2015 10th International Conference on, Toulouse, 2015, pp. 174-179. doi: 10.1109/ARES.2015.93
Abstract: The security and privacy of our online communications heavily relies on the entity authentication mechanisms provided by SSL. Those mechanisms in turn heavily depend on the trustworthiness of a large number of companies and governmental institutions for attestation of the identity of SSL services providers. In order to offer a wide and unobstructed availability of SSL-enabled services and to remove the need to make a large amount of trust decisions from their users, operating systems and browser manufactures include lists of certification authorities which are trusted for SSL entity authentication by their products. This has the problematic effect that users of such browsers and operating systems implicitly trust those certification authorities with the privacy of their communications while they might not even realize it. The problem is further complicated by the fact that different software vendors trust different companies and governmental institutions, from a variety of countries, which leads to an obscure distribution of trust. To give insight into the trust model used by SSL this thesis explains the various entities and technical processes involved in establishing trust when using SSL communications. It furthermore analyzes the number and origin of companies and governmental institutions trusted by various operating systems and browser vendors and correlates the gathered information to a variety of indexes to illustrate that some of these trusted entities are far from trustworthy. Furthermore it points out the fact that the number of entities we trust with the security of our SSL communications keeps growing over time and displays the negative effects this might have as well as shows that the trust model of SSL is fundamentally broken.
Keywords: certification; cryptographic protocols; data privacy; message authentication; online front-ends; operating systems (computers); trusted computing; CAs; SSL communications; SSL entity authentication; SSL root; SSL-enabled services; browsers; certification authorities; entity authentication mechanisms; online communications; operating systems; privacy; root certificate programs; security; trust model; Browsers; Companies; Government; Indexes; Internet; Operating systems; Security; CA; PKI; trust
(ID#: 16-11281)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7299911&isnumber=7299862
S. Singh and J. Sidhu, “A Collaborative Trust Calculation Scheme for Cloud Computing Systems,” 2015 2nd International Conference on Recent Advances in Engineering & Computational Sciences (RAECS), Chandigarh, 2015, pp. 1-5. doi: 10.1109/RAECS.2015.7453380
Abstract: One of the major hurdles in the widespread use of cloud computing systems is the lack of trust between consumer and service provider. Lack of trust can put consumer's sensitive data and applications at risk. Consumers need assurance that service providers will provide services as per agreement and will not deviate from agreed terms and conditions. Though trust is a subjective term, it can be measured objectively also. In this paper we present the design and simulation of a collaborative trust calculation scheme in which trust on a service provider is build by participants in a collaborative way. Each collaborator shares its experience of service provider with the coordinator and then shared experiences are aggregated by coordinator to compute final trust value which represents the trustworthiness of service provider. The scheme makes use of fuzzy logic to aggregate responses and to handle uncertain and imprecise information. Collaborative trust calculation scheme makes it difficult for untrustworthy service provider to build its reputation in the system by providing quality services only to a selected set of participants. A service provider has to provide agreed services to all participants uniformly in order to build reputation in the environment. Simulation has been done using MATLAB toolkit. Simulation results show that the scheme is workable and can be adopted for use in collaborative cloud computing systems to determine trustworthiness of service providers.
Keywords: cloud computing; fuzzy logic; trusted computing; Matlab toolkit; cloud computing systems; collaborative trust calculation scheme; consumer sensitive data; final trust value; untrustworthy service provider; Aggregates; Cloud computing; Collaboration; Computational modeling; Fuzzy logic; Quality of service; Security; trustworthiness (ID#: 16-11282)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7453380&isnumber=7453273
G. Ducatel, “Identity as a Service: A Cloud Based Common Capability,” Communications and Network Security (CNS), 2015 IEEE Conference on, Florence, 2015, pp. 675-679. doi: 10.1109/CNS.2015.7346886
Abstract: Driven by benefits in cost efficiency, scale, ease of access and of resource, service and information sharing, the cloud is becoming the power engine to pervasive ICT (Information and Communication Technology). Identity and Access Management has become a prime target to enable trust establishment for cloud services and IoT (Internet of Things). Turning IAM (Identity and Access Management) solutions into IDaaS (Identity as a Service) helps providing ubiquitous identity solutions. In this paper we present a framework for IDaaS emphasizing the aspects relating to identity federation and lifecycle management. Our design approach allows re-sellers and users to view and validate compliance requirements. We present identity as holistic and centralised function and we articulate the benefit of such approach emphasizing on improvements in assurance and trustworthiness. We investigate specific trust issues and suggest identity assurance checks that give organisations the required insight to understand risks, and techniques to mitigate these risks.
Keywords: Internet of Things; cloud computing; security of data; ubiquitous computing; IDaaS; Internet-of-things; IoT; assurance improvement; cloud based common capability; cloud services; cost efficiency; ease-of-access; identity federation; identity-and-access management; identity-as-a-service; information sharing; information-and-communication technology; lifecycle management; pervasive ICT; power engine; resource sharing; service sharing; trustworthiness improvement; Cloud computing; Conferences; Cryptography; Privacy; Standards; IAM; identity (ID#: 16-11283)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346886&isnumber=7346791
X. Shen, H. Long and C. Ma, “Incorporating Trust Relationships in Collaborative Filtering Recommender System,” Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), 2015 16th IEEE/ACIS International Conference on, Takamatsu, 2015, pp. 1-8. doi: 10.1109/SNPD.2015.7176248
Abstract: Nowadays with the readily accessibility of online social networks (OSNs), people are facilitated to share interesting information with friends through OSNs. Undoubtedly these sharing activities make our life more fantastic. However, meanwhile one challenge we have to face is information overload that we do not have enough time to review all of the content broadcasted through OSNs. So we need to have a mechanism to help users recognize interesting items from a large pool of content. In this project, we aim at filtering unwanted content based on the strength of trust relationships between users. We have proposed two kinds of trust models-basic trust model and source-level trust model. The trust values are estimated based on historical user interactions and profile similarity. We estimate dynamic trusts and analyze the evolution of trust relationships over dates. We also incorporate the auxiliary causes of interactions to moderate the noisy effect of user's intrinsic tendency to perform a certain type of interaction. In addition, since the trustworthiness of diverse information sources are rather distinct, we further estimate trust values at source-level. Our recommender systems utilize several types of Collaborative Filtering (CF) approaches, including conventional CF (namely user-based, item-based, singular value decomposition (SVD)based), and also trust-combined user-based CF. We evaluate our trust models and recommender systems on Friendfeed datasets. By comparing the evaluation results, we found that the recommendations based on estimated trust relationships were better than conventional CF recommendations.
Keywords: collaborative filtering; recommender systems; security of data; singular value decomposition; social networking (online); user interfaces; Friendfeed datasets; OSN; basic trust model; collaborative filtering recommender system; historical user interactions; interesting item recognition; item-based type; online social networks; profile similarity; sharing activities; singular value decomposition-based type; source-level trust model; trust relationship evolution; trust value estimation; trust-combined user-based CF; user-based type; Analytical models; Collaboration; Computational modeling; Facebook; Recommender systems; Collaborative Filtering; Online Social Network; Recommender System; Trust Relationship; User Interaction (ID#: 16-11284)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7176248&isnumber=7176160
K. Gomathi and B. Parvathavarthini, “A Secure Clustering in MANET Through Direct Trust Evaluation Technique,” Cloud Computing (ICCC), 2015 International Conference on, Riyadh, 2015, pp. 1-6. doi: 10.1109/CLOUDCOMP.2015.7149624
Abstract: Ad hoc network is a self organizing wireless network, made up of mobile nodes that act in both way as node and router. Wired network with fixed infrastructure defense against attacks using firewalls and gateways, nevertheless for wireless network with dynamic structure attacks can come from anywhere and at any time, because mobile nodes are unguarded to security attacks. To ensure secure data transmission and for proper functioning of network operations trustworthiness of the node has to be proved before initiating any group activity. When MANET nodes are used for large scale operations, dynamic nature of the MANET induces many problems in terms of routing delay, bandwidth and resource consumption. Consequently many clustering algorithms invented by researchers for betterment of MANET resources. With this objective trust based clustering is used to divide the whole network into sub groups based on trust value. The trustworthiness of the node is evaluated by direct trust evaluation technique and the trust value at each node is calculated as fuzzy value and it lies in between zero and one. The sub group(cluster) security is ensured by electing trustworthy node as Cluster Head(CH). Finally the proposed Trust based Clustering Algorithm(TBCA) is proved its superiority with existing Enhanced Distributed Weighted Clustering Algorithm(EDWCA) based on some metrics like delay, PDR, packet drop and overhead etc.
Keywords: fuzzy set theory; mobile ad hoc networks; pattern clustering; telecommunication security; trusted computing; EDWCA; MANET nodes; TBCA; ad hoc network; cluster head; clustering algorithms; direct trust evaluation technique; enhanced distributed weighted clustering algorithm; fuzzy value; mobile nodes; node trustworthiness; objective trust based clustering; secure data transmission; security attacks; self organizing wireless network; trust based clustering algorithm; trust value; Clustering algorithms; Delays; Mobile ad hoc networks; Nominations and elections; Routing; Thigh (ID#: 16-11285)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7149624&isnumber=7149613
M. S. Khan, D. Midi, M. I. Khan and E. Bertino, “Adaptive Trust Update Frequency in MANETs,” Parallel and Distributed Systems (ICPADS), 2015 IEEE 21st International Conference on, Melbourne, VIC, 2015, pp. 132-139. doi: 10.1109/ICPADS.2015.25
Abstract: Most of the existing trust-based security schemes for MANETs compute and update the trustworthiness of the other nodes with a fixed frequency. Although this approach works well in some scenarios, some nodes may not be able to afford the periodical trust update due to the limited resources in energy and computation power. To avoid energy depletion and extend the network lifetime, trust-based security schemes need approaches to update the trust taking into account the network conditions at each node. At the same time, a trade-off in terms of packet loss rate, false positives, detection rate, and energy of nodes is needed for network performance. In this paper, we first investigate the impact of trust update frequency on energy consumption and packet loss rate. We then identify network parameters, such as packet transmission rate, packet loss rate, remaining node energy, and rate of link changes, and leverage these parameters to design an Adaptive Trust Update Frequency scheme that takes into account runtime network conditions. The evaluation of our prototype shows significant improvements in the tradeoff between energy saving and packet loss rate over traditional fixed-frequency approaches.
Keywords: energy consumption; mobile ad hoc networks; telecommunication security; MANET; adaptive trust update frequency; energy depletion; energy saving; packet loss rate; packet transmission rate; remaining node energy; runtime network conditions; trust-based security schemes; trustworthiness; Ad hoc networks; Energy consumption; Mobile computing; Monitoring; Packet loss; Security (ID#: 16-11286)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7384288&isnumber=7384203
J. R. Gandhi and R. H. Jhaveri, “Addressing Packet Forwarding Misbehaviour Using Trust-Based Approach in Ad-Hoc Networks: A Survey,” Signal Processing and Communication Engineering Systems (SPACES), 2015 International Conference on, Guntur, 2015, pp. 391-396. doi: 10.1109/SPACES.2015.7058292
Abstract: Mobile ad hoc networks (MANETs) are spontaneously deployed over a geographically limited area without well-established infrastructure. In a distributed Mobile Ad Hoc Network (MANET), collaboration and cooperation is critical concern to managing trust. The networks work well only if the mobile nodes are trusty and behave cooperatively. Due to the openness in network topology and absence of a centralized administration in management, MANETs are very vulnerable to various attacks from malicious nodes. In order to reduce the hazards from such nodes and enhance the security of network, trust-based model is used to evaluate the trustworthiness of nodes. Trust-based approach provides a flexible and feasible approach to choose the shortest route that meets the security requirement of data packets transmission. This paper focuses on trust management with their properties and provides a survey of various trust-based approaches and it proposes some novel conceptions on trust management in MANETs.
Keywords: mobile ad hoc networks; telecommunication network topology; telecommunication security; MANET; centralized administration; data packets transmission; geographically limited area; malicious nodes; network security; network topology; packet forwarding misbehaviour; trust management; trust-based approach; trust-based model; Ad hoc networks; Delays; Mobile computing; Quality of service; Routing; Routing protocols; Security; Properties of Trust; Trust; Trust Management (ID#: 16-11287)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058292&isnumber=7058196
N. Djedjig, D. Tandjaoui and F. Medjek, “Trust-based RPL for the Internet of Things,” 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, 2015, pp. 962-967. doi: 10.1109/ISCC.2015.7405638
Abstract: The Routing Protocol for Low-Power and Lossy Networks (RPL) is the standardized routing protocol for constrained environments such as 6LoWPAN networks, and is considered as the routing protocol of the Internet of Things (IoT). However, this protocol is subject to several internal and external attacks. In fact, RPL is facing many issues. Among these issues, trust management is a real challenge when deploying RPL. In this paper, we highlight and discuss the different issues of trust management in RPL. We consider that using only TPM (Trust Platform Module) to ensure trustworthiness between nodes is not sufficient. Indeed, an internal infected or selfish node could participate in constructing RPL topology. To overcome this issue, we propose to strengthen RPL by adding a new trustworthiness metric during RPL construction and maintenance. This metric represents the level of trust for each node in the network, and is calculated using selfishness, energy, and honesty components. It allows a node to decide whether or not to trust the other nodes during the construction of the topology.
Keywords: Internet of Things; routing protocols; telecommunication network topology; TPM; energy component; honesty component; routing protocol for low-power and lossy network; selfishness component; standardized routing protocol; trust platform module; trust-based RPL topology; Measurement; Routing; Routing protocols; Security; Topology; Wireless sensor networks (ID#: 16-11288)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7405638&isnumber=7405441
A. M. Shabut, K. Dahal, I. Awan and Z. Pervez, “Route Optimisation Based on Multidimensional Trust Evaluation Model in Mobile Ad Hoc Networks,” 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, 2015, pp. 28-34. doi: 10.1109/InfoSec.2015.7435502
Abstract: With the increased numbers of mobile devices working in an ad hoc manner, there are many problems in secure routing protocols. Finding a path between source and destination faces more challenges in Mobile ad hoc network (MANET) environment because of the node movement and frequent topology changes, besides, the dependence on the intermediate nodes to relay packets. Therefore, trust technique is utilised in such environment to secure routing and stimulate nodes to cooperate in packet forwarding process. In this paper, an investigation of the use of trust to choose the optimised path between two nodes is provided. It comes up with a proposal to select the most reliable path based on multidimensional trust evaluation technique to include number of hubs, trust opinion, confidence in providing trust, and energy level of nodes on the path. The model overcomes the limitation of considering only trustworthiness of the nodes on the path and uses a route optimisation approach to select the path between source and destination. The empirical analysis shows robustness and accuracy of the trust model in a dynamic MANET environment.
Keywords: mobile ad hoc networks; relay networks (telecommunication); routing protocols; telecommunication network topology; telecommunication security; dynamic MANET environment; empirical analysis; frequent topology changes; intermediate nodes; mobile ad hoc network; mobile device; multidimensional trust evaluation model; node movement; packet forwarding process; relay packet; route optimisation approach; routing protocol security; Algorithm design and analysis; Heuristic algorithms; Mobile ad hoc networks; Optimization; Routing; Routing protocols; Security; routing optimisation; routing protocol; selection algorithm; trust; trustworthiness (ID#: 16-11289)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7435502&isnumber=7435496
M. S. Khan, D. Midi, M. I. Khan and E. Bertino, “Adaptive Trust Threshold Strategy for Misbehaving Node Detection and Isolation,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 718-725. doi: 10.1109/Trustcom.2015.439
Abstract: Due to dynamic network topology, distributed architecture and absence of a centralized authority, mobile ad hoc networks (MANETs) are vulnerable to various attacks from misbehaving nodes. To enhance security, various trust-based schemes have been proposed that augment traditional cryptography-based security schemes. However, most of them use static and predefined trust thresholds for node misbehavior detection, without taking into consideration the network conditions locally at each node. Using static thresholds for misbehavior detection may result in high false positives, low malicious node detection rate, and network partitioning. In this paper, we propose a novel Adaptive Trust Threshold (ATT) computation strategy, that adapts the trust threshold in the routing protocol according to network conditions such as rate of link changes, node degree and connectivity, and average neighborhood trustworthiness. We identify the topology factors that affect the trust threshold at each node, and leverage them to build a mathematical model for ATT computation. Our simulation results indicate that the ATT strategy achieves significant improvements in packet delivery ratio, reduction in false positives, and increase in detection rate as compared to traditional static threshold strategies.
Keywords: cryptography; mobile ad hoc networks; routing protocols; telecommunication network topology; telecommunication security; ATT computation strategy; MANETs; adaptive trust threshold strategy; cryptography-based security schemes; distributed architecture; dynamic network topology; high false positive reduction; low malicious node detection rate; mathematical model; misbehaving node detection; misbehaving node isolation; network partitioning; packet delivery ratio; predefined trust thresholds; routing protocol; static threshold strategy; trust-based schemes; Ad hoc networks; Adaptation models; Measurement; Mobile computing; Network topology; Routing; Security; Trust-based security; adaptive threshold; static threshold; threshold computation (ID#: 16-11290)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345347&isnumber=7345233
M. Xiang, W. Liu, Q. Bai and A. Al-Anbuky, “Simmelian Ties and Structural Holes: Exploring Their Topological Roles in Forming Trust for Securing Wireless Sensor Networks,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 96-103. doi: 10.1109/Trustcom.2015.362
Abstract: Due to the nature of wireless sensor networks (WSNs) in open-access and error-prone wireless environments, the security issues are always crucial. The traditional security mechanisms such as Public Key Infrastructure (PKI) is no longer as feasible in protecting WSN as in wired networks. The new concept of trust has emerged in recent studies as an alternative mechanism to address the security concerns in WSNs. Most recent studies on trust are mainly focused on how to model and evaluate trust so as to effectively detect, isolate, and avoid any malicious activity in the network. In this paper, we have introduced the new angle of adaptive network approach to study 'dynamics on networks' i.e., trust state transition on a network with a fixed topology or 'dynamics of networks' i.e., topological transformation of a network with no dynamic trust state changes separately so as to discover the interplay between network overlay entities' trust evaluation and its underlie topological connectivity. Inspired from the trust studies in sociology, we propose that the Simmelian tie structured networks enable more positive impact on fostering trustworthiness among sensor nodes, while structural hole characterized networks provide more opportunity for misbehaviors and have negative impact to secure WSNs. These hypothesis have been confirmed by the extensive simulation studies.
Keywords: public key cryptography; telecommunication network topology; telecommunication security; wireless sensor networks; PKI; Simmelian tie structured networks; WSN; adaptive network approach; error-prone wireless environments; fixed topology; network dynamics; open-access; public key infrastructure; sociology; structural holes; topological roles; topological transformation; trust formation; trust state transition; underlie topological connectivity; wired networks; wireless sensor network security; Adaptive systems; Measurement; Network topology; Security; Sociology; Topology; Wireless sensor networks; Adaptive networks; Security; Simmelian tie and structural hole; Topological metrics; Trust and reputation management; (ID#: 16-11291)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345270&isnumber=7345233
M. Mayhew, M. Atighetchi, A. Adler and R. Greenstadt, “Use of Machine Learning in Big Data Analytics for Insider Threat Detection,” Military Communications Conference, MILCOM 2015 - 2015 IEEE, Tampa, FL, 2015, pp. 915-922. doi: 10.1109/MILCOM.2015.7357562
Abstract: In current enterprise environments, information is becoming more readily accessible across a wide range of interconnected systems. However, trustworthiness of documents and actors is not explicitly measured, leaving actors unaware of how latest security events may have impacted the trustworthiness of the information being used and the actors involved. This leads to situations where information producers give documents to consumers they should not trust and consumers use information from non-reputable documents or producers. The concepts and technologies developed as part of the Behavior-Based Access Control (BBAC) effort strive to overcome these limitations by means of performing accurate calculations of trustworthiness of actors, e.g., behavior and usage patterns, as well as documents, e.g., provenance and workflow data dependencies. BBAC analyses a wide range of observables for mal-behavior, including network connections, HTTP requests, English text exchanges through emails or chat messages, and edit sequences to documents. The current prototype service strategically combines big data batch processing to train classifiers and real-time stream processing to classifier observed behaviors at multiple layers. To scale up to enterprise regimes, BBAC combines clustering analysis with statistical classification in a way that maintains an adjustable number of classifiers.
Keywords: Big Data; authorisation; data analysis; document handling; learning (artificial intelligence); pattern classification; pattern clustering; trusted computing; BBAC; English text exchanges; HTTP requests; actor trustworthiness; behavior-based access control; big data analytics; big data batch processing; chat messages; classifier training; clustering analysis; document trustworthiness; emails; enterprise environments; information trustworthiness; insider threat detection; interconnected systems; machine learning; mal-behavior; network connections; real-time stream processing; security events; statistical classification; Access control; Big data; Computer security; Electronic mail; Feature extraction; Monitoring; HTTP; TCP; big data; chat; documents; email; insider threat; machine learning; support vector machine; trust; usage patterns (ID#: 16-11292)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7357562&isnumber=7357245
A. M. Ahmed, Q. H. Mehdi, R. Moreton and A. Elmaghraby, “Serious Games Providing Opportunities to Empower Citizen Engagement and Participation in E-Government Services,” 2015 Computer Games: AI, Animation, Mobile, Multimedia, Educational and Serious Games (CGAMES), Louisville, KY, 2015, pp. 138-142. doi: 10.1109/CGames.2015.7272971
Abstract: Serious games are electronic games designed not primarily for entertainment but for purposes such as education, training, health, military, politics, advertising and business. Communication between governments and citizens via electronic channels (i.e. e-government)to deliver services is difficult in developing countries due to limited IT knowledge, user experience and trust issues. Serious games can potentially improve citizen engagement in e-services by helping users expand their personal knowledge regarding services benefits, privacy and security. The main purpose of this paper is to investigate the extent to which an extended Technology Acceptance Model (TAM) and Trustworthiness Model (TM) facilitate the use of serious games in e-government services and empower citizen engagement and participation. In this research, the benefits of serious games are assayed in terms of perceived usefulness and perceived ease of use in TAM, as well as increased Internet and government trust in TM to form a conceptual model of factors that influence citizen adoption of e-government initiatives. The model provides a new way to assist governments in increasing citizens' engagement of their online services.
Keywords: Internet; government data processing; serious games (computing); TAM; TM; citizen engagement; citizen participation; e-government initiatives; e-government services; electronic government; serious games; technology acceptance model; trustworthiness model; Computational modeling; Computers; Electronic government; Games; Privacy; Training; Citizen engagement; Serious Games; Trustworthiness; e-Government (ID#: 16-11293)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272971&isnumber=7272892
C. A. Kamhoua, A. Ruan, A. Martin and K. A. Kwiat, “On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis,” 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC), Limassol, 2015,
pp. 217-226. doi: 10.1109/UCC.2015.38
Abstract: Trusting a cloud infrastructure is a hard problem, which urgently needs effective solutions. There are increasing demands for switching to the cloud in the sectors of financial, healthcare, or government etc., where data security protections are among the highest priorities. But most of them are left unsatisfied, due to the current cloud infrastructures' lack of provable trustworthiness. Trusted Computing (TC) technologies implement effective mechanisms for attesting to the genuine behaviors of a software platform. Integrating TC with cloud infrastructure shows a promising method for verifying the cloud's behaviors, which may in turn facilitate provable trustworthiness. However, the side effect of TC also brings concerns: exhibiting genuine behaviors might attract targeted attacks. Consequently, current Trusted Cloud proposals only integrate limited TC capabilities, which hampers the effective and practical trust establishment. In this paper, we aim to justify the benefits of a fully Open-Implementation cloud infrastructure, which means that the cloud's implementation and configuration details can be inspected by both the legitimate and malicious cloud users. We applied game theoretic analysis to discover the new dynamics formed between the Cloud Service Provider (CSP) and cloud users, when the Open-Implementation strategy is introduced. We conclude that, even though Open-Implementation cloud may facilitate attacks, vulnerabilities or misconfiguration are easier to discover, which in turn reduces the total security threats. Also, cyber threat monitoring and sharing are made easier in an Open-Implementation cloud. More importantly, the cloud's provable trustworthiness will attract more legitimate users, which increases CSP's revenue and helps lowering the price. This eventually creates a virtuous cycle, which will benefit both the CSP and legitimate users.
Keywords: cloud computing; game theory; open systems; security of data; trusted computing; CSP revenue; TC technologies; cloud details; cloud service provider; cloud trustworthiness; cyber threat monitoring; data security protections; fully open-implementation cloud infrastructure; game theoretic analysis; legitimate cloud users; malicious cloud users; open-implementation cloud; open-implementation cloud strategy; software platform; total security threats; trusted computing technologies; Cloud computing; Computational modeling; Games; Hardware; Security; Virtual machine monitors; Cloud Computing; Game Analysis; Trusted Computing (ID#: 16-11294)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7431413&isnumber=7431374
A. Gutmann et al., “ZeTA-Zero-Trust Authentication: Relying on Innate Human Ability, Not Technology,” 2016 IEEE European Symposium on Security and Privacy (EuroS&P), Saarbrucken, Germany, 2016, pp. 357-371. doi: 10.1109/EuroSP.2016.35
Abstract: Reliable authentication requires the devices and channels involved in the process to be trustworthy, otherwise authentication secrets can easily be compromised. Given the unceasing efforts of attackers worldwide such trustworthiness is increasingly not a given. A variety of technical solutions, such as utilising multiple devices/channels and verification protocols, has the potential to mitigate the threat of untrusted communications to a certain extent. Yet such technical solutions make two assumptions: (1) users have access to multiple devices and (2) attackers will not resort to hacking the human, using social engineering techniques. In this paper, we propose and explore the potential of using human-based computation instead of solely technical solutions to mitigate the threat of untrusted devices and channels. ZeTA (Zero Trust Authentication on untrusted channels) has the potential to allow people to authenticate despite compromised channels or communications and easily observed usage. Our contributions are threefold: (1) We propose the ZeTA protocol with a formal definition and security analysis that utilises semantics and human-based computation to ameliorate the problem of untrusted devices and channels. (2) We outline a security analysis to assess the envisaged performance of the proposed authentication protocol. (3) We report on a usability study that explores the viability of relying on human computation in this context.
Keywords: security of data; ZeTA protocol; ZeTA-Zero-Trust Authentication; authentication secrets; formal definition; human computation; innate human ability; multiple devices-channels; reliable authentication; security analysis; social engineering techniques; trustworthy; untrusted communications; untrusted devices; verification protocols; Authentication; Proposals; Protocols; Semantics; Servers; Usability (ID#: 16-11295)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7467365&isnumber=7467331
J. Ma and Y. Zhang, “Research on Trusted Evaluation Method of User Behavior Based on AHP Algorithm,” 2015 7th International Conference on Information Technology in Medicine and Education (ITME), Huangshan, 2015, pp. 588-592. doi: 10.1109/ITME.2015.39
Abstract: The research of trustworthiness measurement of user behavior is the hotpot in the network security. According to the existing problems of the user behavior trust evaluation method in the subjective weight and dynamic adaptability, in this paper, the calculation method of indirect credibility has been improved, and combined with the previously proposed user behavior evaluation method based on Analytic Hierarchy Process, the method of user behavior evaluation is more effectively and accurately. In this method, user behavior activity and reward and punishment factor, and the improved calculation method of indirect credibility are combined to evaluate the user's behavior, and the feasibility of the method is demonstrated by an example. The results show that the proposed method can adapt to the dynamic changes of user behavior trust, and can accurately evaluate the credibility of user behaviors.
Keywords: analytic hierarchy process; trusted computing; AHP algorithm; dynamic adaptability; indirect credibility calculation method; network security; reward-punishment factor; subjective weight; trusted evaluation method; trustworthiness measurement; user behavior; user behavior activity; Adaptation models; Analytic hierarchy process; Analytical models; Computational modeling; Reliability; Security; Time factors; Analytic Hierarchy Process; Indirect Credibility; User Behavior Trust (ID#: 16-11296)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7429218&isnumber=7429072
Y. Yu, C. Xia and Z. Li, “A Trust Bootstrapping Model for Defense Agents,” Communication Software and Networks (ICCSN), 2015 IEEE International Conference on, Chengdu, 2015, pp. 77-84. doi: 10.1109/ICCSN.2015.7296132
Abstract: In the system of computer network collaborative defense (CNCD), defense agents newly added to defense network lack of historical interaction, which leads to the failure of trust establishment. To solve the problem of trust bootstrapping in CNCD, a trust type based trust bootstrapping model was introduced. Trust type, trust utility and defense cost was discussed first. Then the constraints of defense tasks were gained based on the above analysis. According to the constraints obtained, we identified the trust type and assigned the initial trustworthiness to defense agents (DAs). The simulated experiment shows that the methods proposed in the present work have lower failure rate of tasks and better adaptability.
Keywords: computer bootstrapping; computer network security; trusted computing; computer network collaborative defense; defense agents; defense cost; defense network; failure rate; historical interaction; trust bootstrapping model; trust establishment; trust type; trust utility; Collaboration; Computational modeling; Computer science; Game theory; Games; Security; Waste materials; Trust bootstrapping; collaborative defense (ID#: 16-11297)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296132&isnumber=7296115
J. Hiltunen and J. Kuusijärvi, “Trust Metrics Based on a Trusted Network Element,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 660-667. doi: 10.1109/Trustcom.2015.432
Abstract: In this paper we study and propose a trust model and trust metric composition models based on a trusted network element. Our proposed model, executed in a trusted network element, helps the user to make subjective decisions based on secure and trusted metric information presented in a user friendly form. The composition models present two possible solutions of how to integrate trust constructs into quantitative measurements in order to provide readily available evidence to the trustor about trustee's trustworthiness. The results show how to achieve 5% measurement error probability when detecting malicious actions and what kinds of 95% intervals of confidence the 5% measurement error probability will enable in different trust metric composition models. The presented trust metric is specifically designed for client-server and peer-to-peer communication scenarios over the Internet, such as Web browsing and/or content streaming.
Keywords: probability; trusted computing; Web browsing; client-server scenarios; composition models; confidence intervals; content streaming; malicious action detection; measurement error probability; peer-to-peer communication scenario; quantitative measurements; secure-trusted metric information; subjective decision making; trust metric composition models; trusted network element; trustee trustworthiness; Analytical models; Internet; Measurement errors; Measurement uncertainty; Security; Uncertainty; Trust model; security measurement; security metric; trust metric (ID#: 16-11298)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345340&isnumber=7345233
B. Soeder and K. S. Barber, “A Model for Calculating User-Identity Trustworthiness in Online Transactions,” Privacy, Security and Trust (PST), 2015 13th Annual Conference on, Izmir, 2015, pp. 177-185. doi: 10.1109/PST.2015.7232971
Abstract: Online transactions require a fundamental relationship between users and resource providers (e.g., retailers, banks, social media networks) built on trust; both users and providers must believe the person or organization they are interacting with is who they say they are. Yet with each passing year, major data breaches and other identity-related cybercrimes become a daily way of life, and existing methods of user identity authentication are lacking. Furthermore, much research on identity trustworthiness focuses on the user's perspective, whereas resource providers receive less attention. Therefore, the current research investigated how providers can increase the likelihood their users' identities are trustworthy. Leveraging concepts from existing research, the user-provider trust relationship is modeled with different transaction contexts and attributes of identity. The model was analyzed for two aspects of user-identity trustworthiness - reliability and authenticity - with a significant set of actual user identities obtained from the U.S. Department of Homeland Security. Overall, this research finds that resource providers can significantly increase confidence in user-identity trustworthiness by simply collecting a limited amount of user-identity attributes.
Keywords: computer crime; trusted computing; user interfaces; data breaches; identity-related cybercrimes; online transactions; resource providers; user identity authentication; user identity trustworthiness; Authentication; Computational modeling; Context; Industries; Mathematical model; Protocols; Reliability; authenticity; identity; reliability; trust (ID#: 16-11299)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232971&isnumber=7232940
S. Benabied, A. Zitouni and M. Djoudi, “A Cloud Security Framework Based on Trust Model and Mobile Agent,” Cloud Technologies and Applications (CloudTech), 2015 International Conference on, Marrakech, 2015, pp. 1-8. doi: 10.1109/CloudTech.2015.7336962
Abstract: Cloud computing as a potential paradigm offers tremendous advantages to enterprises. With the cloud computing, the market's entrance time is reduced, computing capabilities is augmented and computing power is really limitless. Usually, to use the full power of cloud computing, cloud users has to rely on external cloud service provider for managing their data. Nevertheless, the management of data and services are probably not fully trustworthy. Hence, data owners are uncomfortable to place their sensitive data outside their own system .i.e., in the cloud., Bringing transparency, trustworthiness and security in the cloud model, in order to fulfill client's requirements are still ongoing. To achieve this goal, our paper introduces two levels security framework: Cloud Service Provider (CSP) and Cloud Service User (CSU). Each level is responsible for a particular task of the security. The CSU level includes a proxy agent and a trust agent, dealing with the first verification. Then a second verification is performed at the CSP level. The framework incorporates a trust model to monitor users' behaviors. The use of mobile agents will exploit their intrinsic features such as mobility, deliberate localization and secure communication channel provision. This model aims to protect user's sensitive information from other internal or external users and hackers. Moreover, it can detect policy breaches, where the users are notified in order to take necessary actions when malicious access or malicious activity would occur.
Keywords: cloud computing; mobile agents; security of data; trusted computing; CSP; CSU; cloud security framework; cloud service provider; cloud service user; data management; mobile agent; policy breach detection; proxy agent; trust agent; trust model; two levels security framework; Cloud computing; Companies; Computational modeling; Mobile agents; Monitoring; Security; Servers; Cloud Computing Security; Mobile Agent; Security and Privacy; Trust; Trust Model (ID#: 16-11300)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336962&isnumber=7336956
S. Mishra, “Network Security Protocol for Constrained Resource Devices in Internet of Things,” 2015 Annual IEEE India Conference (INDICON), New Delhi, 2015, pp. 1-6. doi: 10.1109/INDICON.2015.7443737
Abstract: Security protocols built on strong cryptographic algorithms to defeat attempts of pattern analysis are popular nowadays, but these algorithms consume a lot of processor's efficiency. So, devices with limited processor capabilities need some modified protocols. Billions of such devices, known as `smart objects' are used in IOT (Internet of things). IOT is an interconnection of a large number of smart objects with low resources. WSN (wireless sensor network) which comprises of a large network of sensors and actuators with constrained capabilities also need resource efficient protocol to be implemented. Security, trustworthiness and privacy are major challenges to turn IOT into a reality. Absence of strong security protocols, attacks with malicious intent and malfunctions will outweigh the benefit of IOT components. Data integrity, identity management, trust management and privacy are four crucial obstacles in designing a secure IOT. To alleviate these challenges and obstacles, a security protocol that uses minimal processor capacity and facilitates targeted security benefits of IOT is proposed. This protocol counters most of security issues with existing IOT protocols and is robust against severe attacks. This protocol is unique in a way that it gives different bit-streams in a given authenticated session for same data which cannot be predicted by the transmitter itself and changes within nanoseconds. Also, a perfectly random signal to choose the bit-stream, in place of pseudo-random code algorithm is used. In V2V (vehicle to vehicle) IOT, an illustration of error correction in the key instead of lengthening the sent bit stream is also done.
Keywords: Internet of Things; computer network security; cryptographic protocols; data privacy; trusted computing; IOT; Internet of things; V2V; WSN; constrained resource device; cryptographic algorithm; data integrity; identity management; network security protocol; privacy; pseudorandom code algorithm; trust management; trustworthiness; vehicle to vehicle; wireless sensor network; Encryption; Protocols; Servers; Vehicles; White noise; Internet of things; lightweight cryptography; randomness; secure authentication; security (ID#: 16-11301)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7443737&isnumber=7443105
E. Brumancia and A. Sylvia, “A Profile Based Scheme for Security in Clustered Wireless Sensor Networks,” Communications and Signal Processing (ICCSP), 2015 International Conference on, Melmaruvathur, 2015, pp. 0823-0827. doi: 10.1109/ICCSP.2015.7322608
Abstract: Data aggregation in WSN is usually done by simple methods such as averaging; these methods are vulnerable to certain attacks. To make trust of data and reputation of sensor nodes will be capable of performing more sophisticated data aggregation algorithm, thus making less vulnerable. Iterative filtering algorithm holds great promise for this purpose. To protect WSN from security issue, we introduce an improved iterative filtering technique. This technique makes them not only collusion robust, but also more accurate and faster converging. Trust and reputation systems have a significant role in supporting the operation of a wide range of distributed systems, from wireless sensor networks and e-commerce infrastructure to social networks, by providing an assessment of trustworthiness of participants in a distributed system. We assume that the stochastic components of sensor errors are independent random variables with a Gaussian distribution; however, our experiments show that our method works quite well for other types of errors without any modification. Moreover, if the error distribution of sensors is either known or estimated, our algorithms can be adapted to other distributions to achieve an optimal performance. In the first stage we provide an initial estimate of two noise parameters for sensor nodes, bias and variance; details of the computations for estimating bias and variance of sensors. We provide an initial estimate of the reputation vector calculated using the MLE, the detailed computation operations. In the third stage of the proposed framework, the initial reputation vector provided in the second stage is used to estimate the trustworthiness of each sensor based on the distance of sensor readings to such initial reputation vector.
Keywords: Gaussian distribution; filtering theory; iterative methods; maximum likelihood estimation; telecommunication security; wireless sensor networks; Iterative filtering algorithm; MLE; WSN protection; clustered wireless sensor network security; data aggregation algorithm; distributed system; e-commerce infrastructure; profile based scheme; reputation vector estimation; social network; trust and reputation system; Atmospheric measurements; Detectors; Indexes; Monitoring; Particle measurements; Wireless networks; Wireless sensor networks; Cluster Head (CH); Cluster Member (CM); Data Aggregation; Wireless Sensor Network (WSN) (ID#: 16-11302)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322608&isnumber=7322423
M. Rezvani, A. Ignjatovic, E. Bertino and S. Jha, “A Collaborative Reputation System Based on Credibility Propagation in WSNs,” Parallel and Distributed Systems (ICPADS), 2015 IEEE 21st International Conference on, Melbourne, VIC, 2015, pp. 1-8. doi: 10.1109/ICPADS.2015.9
Abstract: Trust and reputation systems are widely employed in WSNs to help decision making processes by assessing trustworthiness of sensor nodes in a data aggregation process. However, in unattended and hostile environments, more sophisticated malicious attacks, such as collusion attacks, can distort the computed trust scores and lead to low quality or deceptive service as well as undermine the aggregation results. In this paper we propose a novel, local, collaborative-based trust framework for WSNs that is based on the concept of credibility propagation which we introduce. In our approach, trustworthiness of a sensor node depends on the amount of credibility that such a node receives from other nodes. In the process we also obtain an estimate of sensors' variances which allows us to estimate the true value of the signal using the Maximum Likelihood Estimation. Extensive experiments using both real-world and synthetic datasets demonstrate the efficiency and effectiveness of our approach.
Keywords: decision making; maximum likelihood estimation; telecommunication security; wireless sensor networks; WSN; collaborative reputation system; collaborative-based trust framework; credibility propagation; data aggregation process; decision making; maximum likelihood estimation; reputation systems; sensor nodes; trust systems; Aggregates; Collaboration; Computer science; Maximum likelihood estimation; Robustness; Temperature measurement; Wireless sensor networks; collusion attacks; data aggregation; iterative filtering; reputation system (ID#: 16-11303)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7384212&isnumber=7384203
J. Y. Yap and A. Tomlinson, “Provenance-Based Attestation for Trustworthy Computing,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 630-637. doi: 10.1109/Trustcom.2015.428
Abstract: We present a new approach to the attestation of a computer's trustworthiness that is founded on provenance data of its key components. The prevailing method of attestation relies on comparing integrity measurements of the key components of a computer against a reference database of trustworthy integrity measurements. An integrity measurement is obtained by passing a software binary or any component through a hash function but this value carries little information unless there is a reference database. On the other hand, the semantics of provenance contain more details. There are expressive information such as the component's history and its causal dependencies with other elements of a computer. Hence, we argue that provenance data can be used as evidence of trustworthiness during attestation. In this paper, we describe a complete design for provenance-based attestation. The design development is guided by goals and it covers all the phases of this approach. We discuss about collecting provenance data and using the PROV data model to represent provenance data. To determine if provenance data of a component can provide evidence of its trustworthiness, we have developed a rule specification grammar and provided a discourse on using the rules. We then build the key mechanisms of this form of attestation by exploring approaches to capture provenance data and look at transforming the trust evaluation rules to XQuery language before running the rules against an XML based record of provenance data. Finally, the design is analyzed using threat modelling.
Keywords: XML; data models; trusted computing; PROV data model; XML based provenance data record; XQuery language; attestation prevailing method; computer trustworthiness attestation; hash function; key components; provenance data representation; provenance semantics; provenance-based attestation; rule specification grammar; software binary; threat modelling; trust evaluation rules; trustworthiness; trustworthy computing; trustworthy integrity measurements; Computational modeling; Computers; Data models; Databases; Semantics; Software; Software measurement; attestation; provenance (ID#: 16-11304)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345336&isnumber=7345233
S. Yao et al., “FASTrust: Feature Analysis for Third-Party IP Trust Verification,” Test Conference (ITC), 2015 IEEE International, Anaheim, CA, 2015, pp. 1-10. doi: 10.1109/TEST.2015.7342417
Abstract: Third-party intellectual property (3PIP) cores are widely used in integrated circuit designs. It is essential and important to ensure their trustworthiness. Existing hardware trust verification techniques suffer from high computational complexity, low extensibility, and inability to detect implicitly-triggered hardware trojans (HTs). To tackle the above problems, in this paper, we present a novel 3PIP trust verification framework, named FASTrust, which conducts HT feature analysis on the flip-flop level control-data flow graph (CDFG) of the circuit. FASTrust is not only able to identify existing explicitly-triggered and implicitly-triggered HTs appeared in the literature in an efficient and effective manner, but more importantly, it also has the unique advantage of being scalable to defend against future and more stealthy HTs by adding new features to the system.
Keywords: computational complexity; data flow graphs; flip-flops; integrated circuit design; integrated logic circuits; invasive software; trusted computing; 3PIP cores; 3PIP trust verification framework; FASTrust; HT feature analysis; explicitly-triggered HT; flip-flop level control-data flow graph; hardware trust verification techniques; implicitly-triggered HT; implicitly-triggered hardware trojans; integrated circuit designs; third-party IP trust verification; third-party intellectual property core; trustworthiness; Combinational circuits; Feature extraction; Hardware; Integrated circuit modeling; Trojan horses; Wires; Hardware Trojan; feature analysis; hardware security; third-party intellectual property (ID#: 16-11305)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7342417&isnumber=7342364
Rani, JayaKumar and Divya, “Trust Aware Systems in Wireless Sensor Networks,” Computing and Communications Technologies (ICCCT), 2015 International Conference on, Chennai, 2015, pp. 174-179. doi: 10.1109/ICCCT2.2015.7292741
Abstract: Sensor network is an adaptable technology for perceiving environmental criterions and hence finds its pivotal role in a wide range of applications. The applications range from mission critical like military or patient monitoring systems to home surveillance systems where the network may be prone to security attacks. The network is vulnerable to attack as it may be deployed in hostile environments. In addition it may be exposed to attacks due to the inherent feature of not incorporating security mechanisms into the nodes. Hence additional programs for security may be added in the network. One such scheme is making the network a trust ware system. The trust computation serves as a powerful tool in the detection of unexpected node behaviour. In this paper we propose a trust mechanism to determine the trustworthiness of the sensor node. Most of the existing trust aware systems are centralised and suffer from single head failure. In this paper we propose a dynamic and decentralized system.
Keywords: telecommunication security; trusted computing; wireless sensor networks; decentralized system; dynamic system; environmental criterion; hostile environment; network security; network vulnerability; sensor node trustworthiness determination; trust aware system; unexpected node behaviour detection; wireless sensor network; Base stations; Energy efficiency; Monitoring; Reliability; Routing; Security; Wireless sensor networks; security; trust evaluation; (ID#: 16-11306)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292741&isnumber=7292708
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.