developing a model for trust management in pervasive devices

Pervasive Computing and Communication Security (PerSec 2006)March 13th, 2006


Florina Almenárez, Andrés Marín, Daniel Díaz, Juan Sánchezhttp://www.it.uc3m.es/pervasive

DEVELOPING A MODEL FOR DEVELOPING A MODEL FOR TRUST MANAGEMENT IN TRUST MANAGEMENT IN

PERVASIVE DEVICESPERVASIVE DEVICES

http://images.google.es/imgres?imgurl=http://oboe.it.uc3m.es/~www/pic/uc3m/uc3m-logo.gif&imgrefurl=http://oboe.it.uc3m.es/~www/pic/uc3m/&h=384&w=384&sz=12&tbnid=ygCPxwdq4nQJ:&tbnh=119&tbnw=119&start=2&prev=/images%3Fq%3Dlogo%2Buc3m%26hl%3Des%26lr%3D



2

Outline

• Motivation

• Related Work

• PTM: Pervasive Trust Management Model

○ Requirements

○ Description

○ Mathematical Trust Evolution Model

○ Probabilistic Trust Evolution Model

• Component-based PTM Implementation

• Conclusions



3

Motivation• Pervasive Computing

○ Open and dynamic environments (zoo, airports, shopping mall)

○ Multitude of heterogeneous devices with communication, computing and storage capabilities Pervasive devices

• TRUST role in establishing new relations○ Secure communication protocols (SSL, IPSec, DNSSEC, …)

work well in fixed networks traditional PKI

Problems to work when trust relationships are not preconfigured

○ Some management mechanisms for ad hoc networks

routing



4

Related Work• Previous works

○1994: Marsh, Beth

○1997: Abdul-Rahman

○1998: Jøsang

○1999: KeyNote, SPKI/SDSI (Access control infrastructures)

○2001: Poblano

• Recent works○2002 – 2004: SECURE (IST Project) Trinity College Dublin

○2000 – 2010: Terminodes NCCR (ad hoc networks)

○2003 – : SULTAN Imperial College

○2004 – 2006: UBISEC Siemens

– Problems: complexity, distrust modelling, trust evolution



5

Pervasive Trust Management ModelRequirements

• Autonomous Independence on central server or previous configuration○ to participate in ad hoc networks and peer-to-peer application

• Dynamic evolution, context adaptation

• Simple minimize human intervention and resource consumption

• Secure protect resources from malicious entities○ to make suitable decisions despite the uncertainty

• Cooperative benefit from common knowledge

• Granularity establish trust values

• Include both trust and distrust concept



6

Pervasive Trust Management ModelDescription

• Fuzzy Logic

• Trustworthiness no trust for situation, category, etc.

• Trust properties: reflexive, non-symmetrical, conditionally transitive (explicit), dynamic

Distrust0 10,50,25 0,75 0,9

TrustIgnorance

% o

f m

em

be

rsh

ip

0,7

0,3

Distrust threshold

T(AB)

com

plet

e

very highhighmediumlittlevery littlescarce

none

trustworthiness



7

Pervasive Trust Management ModelHow it works?

➊ A (new user) requests access

➋ B searches trust information about A

➌ If A is unknown, B requests recommendations to Cs

➍ If there are trusted recommendations, B uses them (Indirect) PRP

If there are no recommendations, B uses trust rules (direct)

➎ If trust relationship is established, B recalculates trust value on A based on

interactions

A

Recommendations

➊

➋

➌

➍

B

C1

C2 ➎



9

Pervasive Trust Management ModelMathematical Trust Evolution

• “Trust comes on foot and goes by horse”

• Current behaviour is measured based on:○ Current interaction

Action weight (fuzzy logic) Security level

○ Past behaviour Positive and negative interactions

Increment factor (i) restriction percentage ()

○ A priori probability

)m(ai iWI

inactpact

nactpact)m(ai NN

NN.WI

i

0

IT

I)T1(T

V i1i

i1i1i

ai

If a=a+ (a+ – a-)>0

else, but no attack

If attack



10

Pervasive Trust Management ModelMathematical Trust Evolution (II)

• Trust is recalculated based on:○ Current behaviour○ Previous trust value○ Strictness factor ()

• Summarizing

0

)1(TVT

1ia

ii

If Vai>0

If not

)I1(T

)T1(ITT

i1i

1ii1ii

If Ii>0

If not

1))a –a(()a a())a –a(()a –a(

.WI m2--

m2--)m(

ai i



11

Pervasive Trust Management ModelMathematical Trust Evolution (III)

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

1 6 11 16 21 26 31 36 41

NUMBER OF INTERACTIONS (NEGATIVE)

TR

US

T V

AL

UE

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

1 11 21 31 41 51 61 71 81 91 101 111 121 131 141 151 161 171 181 191 201 211 221 231 241 251 261 271 281 291

NUMBER OF INTERACTIONS (POSITIVE) T

RU

ST

VA

LU

E

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

1 6 11 16 21 26 31 36 41

NUMBER OF INTERACTIONS (NEGATIVE)

TR

US

T V

AL

UE

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

1 11 21 31 41 51 61 71 81 91 101 111 121 131 141 151 161 171 181 191 201 211 221 231 241 251 261 271 281 291

NUMBER OF INTERACTIONS (POSITIVE) T

RU

ST

VA

LU

E



12

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

1 4 7 10 13 16 19 22 25 28 31 34 37 40 43 46 49 52 55 58 61 64 67 70 73 76 79 82 85 88 91

NUMBER OF INTERACTIONS (POSITIVE AND NEGATIVE)

TR

US

T V

AL

UE

Pervasive Trust Management ModelMathematical Trust Evolution (IV)

PARAMETERS:Increment percentage: 2%Security level: m=2Disposition Factor: 0.5Positive action: 1Wrong action: 0.5 (PTM)

PARAMETERS:Increment percentage: 2%Security level: m=2Disposition Factor: 0.5Positive action: 1Wrong action: 0.5 (PTM)



14

Pervasive Trust Management ModelProbabilistic Trust Evolution

• Bayes’ theorem○ Posteriori probabilities

• Probabilities for binary events: Beta density function○ Assign belief degrees between 0 and 1

• Risk model

)H(P)a(P)a|H(P

)H|a(Pact

iiact

acti

aa

actx )X1(X)!a(!a

)!1aa()H|X(f



15

0

0,1

0,2

0,3

0,4

0,5

0,6

0,7

0,8

0,9

1

0 0,05 0,1 0,15 0,2 0,25 0,3 0,35 0,4 0,45 0,5 0,55 0,6 0,65 0,7 0,75 0,8 0,85 0,9 0,95 1

TRUST VALUE

PR

OB

AB

ILIT

Y

a

b

c

d

e

f

Pervasive Trust Management ModelProbabilistic Trust Evolution (II)

P(a+|Hact) P(a-|Hact)

a 1.000 0.000

b 0.800 0.200

c 0.750 0.250

d 0.786 0.214

e 0.579 0.421

f 0.500 0.500



16

Component-based PTM Implementation

• Prototype

• J2ME Personal Profile

• OpenSSL cryptographic API

• JNI wrappers

• XACML Sun implementation

• Extended trust, context

• PEP + PDP

• Proofs

• PDA Windows Mobile 2003

• Linux, Windows

• Available at:

http://www.it.uc3m.es/florina/ptm

http://www.it.uc3m.es/florina/ptm



17

Component-based PTM Implementation

Pervasive device

keys, certificates, trust

keys, certificates, trust

Cryptographic ProviderCryptographic Provider

CredentialsManager

CredentialsManager

CommunicationAPI

CommunicationAPI

ApplicationsApplications

AuthenticationManager

AuthenticationManager

TrustManager

TrustManager

RecommendationManager

RecommendationManager

logs, policieslogs, policiesAuthorizationManager

AuthorizationManager Context

ProviderContextProvider

MonitorMonitor



18

Conclusions & Future Work• Trust basis to establish relationships in a spontaneous

way

• Pervasive devices can interact with closed devices in a secure way, without depend on central server

• Simple pervasive trust management model○ to enhance the security architecture of pervasive devices

○ to minimize the uncertainty and take appropriate decisions

○ to allow the cooperation among closed trusted devices

• Mathematical and probabilistic model○ According to the intuitive human judgement

○ Simple calculations



19

Conclusions & Future Work (II)

• Implementation of a generic prototype

○ to demonstrate its functionality

○ Security services for applications (client/server)

• Future work

○ Integrating our model in the WCE security architecture

Trust providers

○ Analyse the performance and consumption of resources


more information at more information at http://www.it.uc3m.es/pervasivehttp://www.it.uc3m.es/pervasive


20


developing a model for trust management in pervasive devices

Documents

trust valuesinclude

trust relationships

trust properties

trust rules direct

b requests recommendations

trusted recommendations

normalized dempstershafer

communication security