2011 • In Serugendo, Giovanna Di Marzo; Gleizes, Marie-Pierre; Karageorgos, Anthony (Eds.) Self-Organizing Software - From Natural to Artificial Adaptation
[en] Chapter 8 of this book has explained how computational trust and reputation can be used to select the trustworthy pieces of software among the plethora of pieces of software emerging from this dynamic self-organising software world as envisioned in this book. This chapter goes beyond mere initial static selection of pieces of software because over time the situation changes and previously trustworthy configuration of pieces of software may become untrustworthy. In this chapter, an approach for adaptive trust management, meaning that the trust algorithms adapt automatically themselves depending on the context, is explained and examplified in the domain of context-aware authentication applications.
Disciplines :
Computer science
Identifiers :
UNILU:UL-CHAPTER-2011-023
Author, co-author :
Seigneur, Jean-Marc; University of Geneva, Switzerland
LENZINI, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Hulsebosch, Bob; Novay, The Netherlands
Language :
English
Title :
Adaptive Trust Management
Publication date :
2011
Main work title :
Self-Organizing Software - From Natural to Artificial Adaptation
Belovin, S.M.: On the brittleness of software and the infeasibility of secure metric. IEEE Secur. Priv. 4(4), 96 (2006)
Benantar, M.: Access Control Systems: Security, Identity Management and Trust Models. Springer, Berlin (2006)
Bhatti, R., Bertino, E., Ghafoor, A.: A trust-based context-aware access control model for web-services. Distrib. Parallel Databases 18(1), 83-105 (2005)
Bizer, C., Cyganiak, R., Gauss, T., Maresh, O.: The TriQL. P browser: filtering information using context, content and rating-based trust policies. In: Proceedings of the Semantic Web and Policy Workshop (2005)
Buchegger, S., Boudec, J.L.: A robust reputation system for P2P and mobile ad-hoc networks. In: Proceedings of the Second Workshop on the Economics of Peer-to-Peer Systems (2004)
Castro, P.: Using context to assist in multimedia object retrieval. In: First International Workshop on Multimedia Intelligent Storage and Retrieval Management (1999). citeseer. ist. psu. edu/article/castro99using. html
Chess, D.M., Palmer, C.C., White, R.S.: Security in an autonomic computing environment. IBM Syst. J. 42(1), 107-118 (2003)
Covington, M.J., Ahamad, M., Essa, I., Venkateswaran, H.: Parameterized authentication. In: Samarati, P., Rayan, P., Gollmann, D., Molva, R. (eds.) Proc. of the 9th European Symposium on Research in Computer Security, Sophia Antipolis, France, 13-15 September 2004. Lecture Notes in Computer Science, vol. 3193, pp. 276-292. Springer, Berlin (2004)
Dey, A.K., Abowd, G.D.: Towards a better understanding of context and context-awareness. Tech. Rep., Georgia Institute of Technology, College of Computing (1999). http://citeseer.ist. psu.edu/context/1190105/0
Dimmock, N., Bacon, J., Ingram, D., Moody, K.: Risk models for trust-based access control(tbac). In: TrustManagement. Lecture Notes in Computer Science, vol. 3477, pp. 364-371. Springer, Berlin (2005)
Ganger, G.R.: Authentication confidences. Tech. Rep. CMU-CS-01-23, Carnegie Mellon University, School of Computer Science (2001)
Golbeck, J., Parsia, B.: Trusting claims from trusted sources: trust network based filtering of aggregated claims. In: Proceedings of the 3rd International SemanticWeb Conference. LNCS, vol. 3298. Springer, Berlin (2004). http://www.mindswap.org/papers/Jen-ISWC04.pdf
Guha, R.: Open rating systems. Techn. Rep., Stanford University (2004)
http://www.freeband.nl
Hulsebosch, R.J., Bargh, M.S., Lenzini, G., Ebben, P.W.G., Jacob, S.M.: Context sensitive adaptive authentication. In: Proc. of the 2nd European Conference on Smart Sensing and Context, Kendal, UK, 23-25 October 2007. Lecture Notes in Computer Science, Springer, Berlin (2007, to appear)
Jain, A.K., Ross, A., Prabhakar, S.: An introduction to biometric recognition. IEEE Trans. Circuits Syst. Video Technol. 14(1), 4-20 (2004). http://ieeexplore.ieee.org/xpls/abs_all.jsp? arnumber=1262027
Jøsang, A.: The right type of trust for distributed systems. In: Proceedings of the New Security Paradigms Workshop. ACM, New York (1996). http://citeseer.nj.nec.com/47043.html
Jøsang, A.: A subjective metric of authentication. In: Quisquater, J.J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) Proc. of the 5th European Symposium on Research in Computer Security (ESORICS 98), Louvain-la-Neuve, Belgium, 16-18 September 1998. Lecture Notes in Computer Science, vol. 1485, pp. 329-344. Springer, Berlin (1998)
Jøsang, A.: A logic for uncertain probabilities. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 9(3), 279-312 (2001)
Krukow, K.: Towards a theory of trust for the global ubiquitous computer. Ph.D. thesis, Dept. of Computer Science, Univ. of Aarhus, Denmark (2006)
Lenzini, G., Hulsebosch, R.J., Bargh, M.S.: Trust-enhanced security in location-based adaptive authentication. In: Proc. of the ESORICS 3rd International Workshop on Security and Trust Management (STM 07), Dresden, Germany, 27 September 2007. Electronic Notes in Theoretical Computer Science. Elsevier, Amsterdam (2007, to appear)
Levin, T.E., Irvine, C.E., Spyropoulou, E.: Quality of Security Service: Adaptive Security. Handbook of Information Security. Threats, Vulnerabilities, Prevention, Detection and Management, vol. III. Wiley, New York (2005)
Marcus, L.: Local and global requirements in an adaptive security infrastructure. In: Proc. of the Int. Workshop on Requirements High Assurance Systems (RHAS), Monterey Bay, CA, USA, 9 Sept. 2003, pp. 23-29. Carnegie Mellon University Press, Pittsburg (2003)
Marsh, S.: Formalising trust as a computational concept. Ph.D. dissertation, University of Stirling, Department of Mathematics and Computer Science (1994). http://citeseer.nj.nec.com/ marsh94formalising.html
Mezzetti, N.: A socially inspired reputation model. In: Proceedings of EuroPKI (2004)
Montanari, R., Toninelli, A., Bradshaw, J.M.: Context-based security management for multiagent systems. In: Proc. of the 2nd IEEE Symposium on Multi-Agent Security and Survivability (MAS&S 2005), 30-31 Aug. 2005, Philadelphia, USA, pp. 75-84. IEEE Computer Society, Los Alamitos (2005)
Mostéfaoui, G.K., Brézillon, P.: A generic framework for context-based distributed authorizations. In: Proc. of the 4th Int. and Interdisciplinary Conference on Modeling and Using Context (CONTEXT 2003), 23-25 June 2003, Stanford, CA, USA. Lecture Notes in Artificial Intelligence, vol. 2680, pp. 204-217. Springer, Berlin (2003)
Noble, B., Corner, M.: The case for transient authentication. In: Proc. of the 10th ACM SIGOPS European Workshop: Beyond the PC, Saint-Emillion, France, September 2002, pp. 24-29. ACM, New York (2002)
Presti, S.L., Cusack, M., Booth, C.: Trust issues in pervasive environments. Techn. Rep., University of Southampton (2003)
Rahman, A.F.: A framework for decentralised trust reasoning. Ph.D. dissertation, University of London (2005)
Ranganathan, A., Al-Muhtadi, J., Campbell, R.H.: Reasoning about uncertain contexts in pervasive computing environments. Pervasive Comput. 3(2), 62-70 (2004)
Ryutov, T., Zhou, L., Neuman, C., Leithead, T., Seamons, K.E.: Adaptive trust negotiation and access control. In: Proc. of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT05), 1-3 June 2005, Stockholm, Sweden, pp. 139-146. ACM, New York (2005)
Schneck, P.A., Schwan, K.: Dynamic authentication for high-performance networked applications. In: Proc. of the 6th IEEE/IFIP Int. Workshop on Quality of Service (IWQoS 98), Napa, CA, USA, 18-20 May 1998, pp. 127-136. IEEE Computer Society, Los Alamitos (1998)
Seigneur, J.M.: Trust, security and privacy in global computing. Ph.D. dissertation, Trinity College Dublin (2005)
Shakhnarovich, G., Lee, L., Darrell, T.: Integrated face and gait recognition from multiple views. In: IEEE Computer Vision and Pattern Recognition (2001). citeseer. ist. psu. edu/ shakhnarovich01integrated. html
Toivonen, S., Lenzini, G., Uusitalo, I.: Context-aware trust evaluation functions for dynamic reconfigurable systems. In: Proc. of the Models of Trust for the Web Workshop (MTW'06), held with the 15th International World Wide Web Conference (WWW2006), 22 May 2006, Edinburgh, Scotland, CEUR Workshop Proceedings, CEUR-WS (2006)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: Proc. of the Fifth International Semantic Web Conference (ISWC), Athens, GA, 5-9 Nov. 2006. Lecture Notes in Computer Science, vol. 4273, pp. 473-486. Springer, Berlin (2006)
Veríssimo, P.E., Neves, N.F., Correia, M.P.: Intrusion-tolerant architectures: concepts and design. In: Architecting Dependable Systems. citeseer. ist. psu. edu/561906. html
Viswanathan, P.: Security architecture in gaia. Techn. Rep. 2215, Urbana, Illinois (2001). citeseer. ist. psu. edu/viswanathan01security. html
Wu, H., Siegel, M., Ablay, S.: Sensor fusion using Dempster-Shafer theory II: static weighting and Kalman filter-like dynamic weighting. In: Proc. of 20th IEEE Instrumentation and Measurement Technology Conference (IMTC 2003), 20-22 May 2003, Vail, CO, USA, vol. 2, pp. 907-912. IEEE Computer Society, Los Alamitos (2003)
Yee, G., Korba, L.: Context-aware security policy agent for mobile Internet services. In: Proc. of the 2005 IFIP International Conference on Intelligence in Communication Systems, Montréal, Québec, Canada, 17-19 October 2005
