ubicomp research lab (mscs.mu/~ubicomp)
DESCRIPTION
Ubicomp Research Lab (www.mscs.mu.edu/~ubicomp) Department of Mathematics, Statistics and Computer Science Marquette University, Milwaukee, Wisconsin. - PowerPoint PPT PresentationTRANSCRIPT
1
Service Sharing with Trust in Pervasive Environment: Now it’s Time to Break the
Jinx
Sheikh I. Ahamed, Munirul M. Haque and Nilothpal Talukder
Ubicomp Research LabUbicomp Research Lab(www.mscs.mu.edu/~ubicomp)(www.mscs.mu.edu/~ubicomp)
Department of Mathematics, Statistics Department of Mathematics, Statistics and Computer Scienceand Computer Science
Marquette University, Milwaukee, Marquette University, Milwaukee, WisconsinWisconsin
2
Outline
• Introduction and background• Motivation• Trust model• Evaluation• Conclusion• Future work
3
– The number of handheld users will reach 2.6 billion this year and 4 billion by 2010 •portable low-cost lightweight devices and
emergent short range, and low power wireless communication networks
– In USA, seniors over age 65 whose numbers are expected to hit 70 million by 2030, almost doubling from 35 million in 2000
Introduction and background
4
Pervasive Computing• What it means
– Pervasive computing is the computation that’s freely available everywhere
• Goals of it– Integrate computing and communications
with the surrounding physical environment – Make computing and communication
transparent to the users
5
Pervasive Computing Environment
Server
Workstation
Data
PDA
Laptop
Laptop
PDALaptop
Computer
PDA
Database
PDA
PDA
LaptopLaptop
PDALaptop
Hand held computer
Computer
PDA Hand held computer
(a) Ad hoc network in pervasive environment with powerful device support
(b) Ad hoc network in pervasive environment without powerful device support
6
Motivation for trust model
• Depend on each other for resources – Poor battery power– Small memory storage– Poor computational capability
• Susceptible and vulnerable to malicious snoopers – Inter-device dependency– Common shared medium– Transitory connectivity– Absence of a fixed trust infrastructure
7
Motivation for trust model : cont.
• With which node(s) should I interact and with which I do not? – Trust models
• Responsible for establishing and managing trust relationships
• Decision-making role in resource sharing
• Request from unknown device – Decision based on recommendation– Identify malicious recommendation
8
Features of a Trust Model
• F1. Only valid nodes should be able to take part in any interaction
• F2. Only authorized nodes should get a requested service
• F3. A valid node may not be remained valid forever
Why Trust in Access Control Framework
• Consider a scenario in which node A wants to share or to get access to node B’s resources.
• The first thing B will do is to reason about the trustworthiness of A.
• B will accomplish this by analyzing accumulated data from the previous interactions or requesting some recommendations from his trusted parties in the case that A has not had any interactions with B before.
• There may also be a situation where there might not be enough information to trust, then B has to make his decision based on other variables [1].
9
Why Trust in Access Control Framework (cont.)
• Because B cannot also allow access to his resources for an indefinite amount of time, his access policies will be dynamically updated on the information based on trust over time.
• The service delivery agent running on B will consult the access control to decide on access.
• If trust values are satisfactory A is immediately provided access. The interaction will also be used to modify the existing trust status of A.
10
11
Trust Framework
• Two units– Direct Trust Unit
• Formed through direct interaction experience• Behavior model
– Evaluate the satisfaction level
– Recommended Trust Unit • Recommended trust Protocol
– Evaluate the recommendations
12
Recommended Trust• Active Recommendation
– Active recommendation is possible only from neighboring nodes,
• Passive– the node might consider all path that has hop length
>=2.
• Discrete– When a node can’t reach any path to consider it for
recommendation, it needs some way to resolve the issue. That’s what we term discrete recommendation.
13
Hop Based Recommendation Protocol (HBRP)
• a hop based recommendation protocol to determine trust values to consider a node eligible for access.
• this protocol actually includes mechanisms for active and passive recommendations.
• the maximum path length enables a node to avoid a long chain of recommendations.
• This value is reduced in each hop by 1 and the path is ignored when the field becomes 0.
14
Risk in trust: handling malicious recommendation
• Sometimes a node is in a scenario where the recommendation value contrasts the current recommendation value. It is a malicious recommendation.
• There can be two such situations. – a) When a malicious node gives a high recommendation
value for a node when the overall value is poor.– b) When a malicious node recommends a very low value
contrasting high recommendations from others. • We have adopted a statistical method (t-Estimate) to address
this issue of malicious recommendation. • Our assumption is that the number of benevolent nodes is
much larger compared to the number of malicious nodes.
15
Evaluation
• Implementation of the prototype– Operating system: WINCE– PDA: Axim X50vProcessor– Programming language: VC# .Net
Compact Framework – Mobile ad-hoc mode: IEEE 802.11b
• FTM
Screenshots of the Service sharing
application based on trust based access control
16
Usability Survey
17
Usability (Before)
0
0.5
1
1.5
2
2.5
3
3.5
4
4.5
5
Date/Time Weather Wordpad Chatsoftw are
Unzip SW Addressbook
Frequency
Access
Context Profile
Role Extent
Usability (After)
0
0.5
1
1.5
2
2.5
3
3.5
4
4.5
5
Date/Time Weather Wordpad Chatsoftw are
Unzip SW Addressbook
Frequency
Access
Context Profile
Role Extent
18
Conclusion
• We presented a trust model to fit the dynamic access control framework intended for pervasive environment.
• We used this information to optimize the accuracy of the recommendation process and the discarding of malicious devices from the network.
• The prototype of the secured service sharing application presented in the evaluation section uses this hop-based recommendation protocol.
• We have incorporated the risks involved in the different sharing scenarios
19
Future work
• As a continuous addendum to the features, this access control module will be placed in the MARKS (Middleware Adaptability for resource Discovery, Knowledge Usability, and Self Healing) middleware.
• Apart from security issues in service sharing, our future research lies with privacy issues that may arise due to context-awareness of applications in the pervasive environment