The Experts below are selected from a list of 104601 Experts worldwide ranked by ideXlab platform
Vijay Varadharajan - One of the best experts on this subject based on the ideXlab platform.
-
ICWS - Trust Management for Web Services
2008 IEEE International Conference on Web Services, 2008Co-Authors: Weiliang Zhao, Vijay VaradharajanAbstract:In this paper, we propose a comprehensive Trust Management approach for Web services that covers the analysis/modelling of Trust relationships and the development of Trust Management layer in a consistent manner. The specific characteristics of Trust relationships in Web services are discussed. We introduce a separated Trust Management layer for Web services that can hold computing components for Trust Management tasks. A Trust Management architecture for Web services is proposed for building up the Trust Management layer. The proposed Trust Management architecture for Web services deals with Trust requirements, Trust evaluation, and Trust consumption in Web services under a unified umbrella and it provides a solid foundation upon which may evolve the Trust Management layer for Web services.
-
SecureComm - A Unified Framework for Trust Management
2006 Securecomm and Workshops, 2006Co-Authors: Weiliang Zhao, Vijay Varadharajan, George BryanAbstract:In this paper, we propose a unified framework for Trust Management that can cover a broad variety of Trust mechanisms including reputations, credentials, local data and environment parameters. The proposed Trust Management framework will leverage established standards and it covers a broad variety of situations in different environments. This framework can provide utilizing and enabling tools for Trust Management. Under this framework, different Trust mechanisms can be assembled together when multiple mechanisms of Trust are necessary. Here, we refer to our Trust Management system as TrustEngine. TrustEngine follows the initial ideas of PolicyMaker to separate generic mechanisms of Trust Management from application-specific policies which are defined by each application. TrustEngine has a generic set of functions, interfaces, and data storage for Trust Management in distributed environments. TrustEngine is an open system and it can easily include new Trust components. We describe the architecture and implementation details of TrustEngine. We provide an application scenario to illustrate the usage of TrustEngine in the real world. We believe that the development of Trust Management in real applications can be automated to substantially higher level based on our proposed framework.
Jie Zhang - One of the best experts on this subject based on the ideXlab platform.
-
towards robust and effective Trust Management for security a survey
Trust Security And Privacy In Computing And Communications, 2014Co-Authors: Dongxia Wang, Tim Muller, Yang Liu, Jie ZhangAbstract:There is a need for robust and effective Trust Management. Different security problems result in different requirements to the design of Trust Management, and the existing attacks in Trust Management for security are yet to be solved. In this paper, we first propose a framework to classify desired properties of Trust Management for each type of security problems. We then investigate typical representative attacks and existing solutions in Trust Management for security. By considering both these security properties and attacks on Trust Management systems, our work serves to propel the design of more effective and robust Trust Management systems for security.
-
TrustCom - Towards Robust and Effective Trust Management for Security: A Survey
2014 IEEE 13th International Conference on Trust Security and Privacy in Computing and Communications, 2014Co-Authors: Dongxia Wang, Tim Muller, Yang Liu, Jie ZhangAbstract:There is a need for robust and effective Trust Management. Different security problems result in different requirements to the design of Trust Management, and the existing attacks in Trust Management for security are yet to be solved. In this paper, we first propose a framework to classify desired properties of Trust Management for each type of security problems. We then investigate typical representative attacks and existing solutions in Trust Management for security. By considering both these security properties and attacks on Trust Management systems, our work serves to propel the design of more effective and robust Trust Management systems for security.
-
A survey on Trust Management for VANETs
Proceedings - International Conference on Advanced Information Networking and Applications AINA, 2011Co-Authors: Jie ZhangAbstract:There is an urgent need of effective Trust Management for vehicular ad-hoc networks (VANETs), given the dire consequences of acting on false information sent out by malicious peers in this context. In this paper, we first discuss the challenges for Trust Management caused by the important characteristics of VANET environments. We then survey existing Trust models in multi-agent systems, mobile ad-hoc networks (MANETs) and VANETs, and point out their key issues. Based on these studies, we suggest desired properties towards effective Trust Management in VANETs, setting up clear goals for researchers in this area.
-
AINA - A Survey on Trust Management for VANETs
2011 IEEE International Conference on Advanced Information Networking and Applications, 2011Co-Authors: Jie ZhangAbstract:There is an urgent need of effective Trust Management for vehicular ad-hoc networks (VANETs), given the dire consequences of acting on false information sent out by malicious peers in this context. In this paper, we first discuss the challenges for Trust Management caused by the important characteristics of VANET environments. We then survey existing Trust models in multi-agent systems, mobile ad-hoc networks (MANETs) and VANETs, and point out their key issues. Based on these studies, we suggest desired properties towards effective Trust Management in VANETs, setting up clear goals for researchers in this area.
Theo Dimitrakos - One of the best experts on this subject based on the ideXlab platform.
-
A service-oriented Trust Management framework
Lecture Notes in Computer Science, 2003Co-Authors: Theo DimitrakosAbstract:In this paper we present and analyse a service-oriented Trust Management framework based on the integration of role-based modelling and risk assessment in order to support Trust Management solutions. We also survey recent definitions of Trust and subsequently introduce a service-oriented definition of Trust, and analyse some general properties of Trust in e-services, emphasising properties underpinning the propagation and transferability of Trust.
Matt Blaze - One of the best experts on this subject based on the ideXlab platform.
-
Dynamic Trust Management
Computer, 2009Co-Authors: Matt Blaze, Angelos D. Keromytis, Sampath Kannan, Insup Lee, Oleg Sokolsky, Jonathan M. Smith, Wenke LeeAbstract:We continue to investigate the use of Trust Management techniques to specify dynamic policies in complex integrated service-oriented networks. For this work, we use the DoD GIG's service-oriented architecture as a focal point. In this research's initial phase, we are developing prototype dynamic Trust Management policy services for a service-oriented architecture. In our research's next phase, we will develop and analyze policies with properties that maintain strict separation between services while allowing exceptions. Finally, we are developing improved Trust Management languages and systems that more explicitly support dynamic policies in service-oriented architectures, based on the semantic and performance experiences gained in the research's first phases. Our focus will be twofold. First, we will explore adding Trust-Management language features that better support dynamic policies, based both on our experiences in the initial research and on the GIG's specific requirements. Second, we will conduct experiments to measure the performance implications of incorporating the Trust Management layer in the various layers of such systems. A significant open research question is whether Trust Management is architecturally best implemented as a low-level operating system service, an application-layer service, or somewhere in between.
-
EUROSEC - QuanTM: a quantitative Trust Management system
Proceedings of the Second European Workshop on System Security - EUROSEC '09, 2009Co-Authors: Andrew G. West, Matt Blaze, Sampath Kannan, Insup Lee, Jonathan M. Smith, Adam J. Aviv, Jian Chang, Vinayak S. Prabhu, Oleg SokolskyAbstract:Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from Trust Management and reputation Management to create a novel method for policy evaluation. Trust Management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial Trust. Reputation Management provides a means to quantify Trust, but lacks delegation and policy enforcement. This paper reports on QuanTM's design decisions and novel policy evaluation procedure. A representation of quantified Trust relationships, the Trust dependency graph, and a sample QuanTM application specific to the KeyNote Trust Management language, are also proposed.
-
Trust Management for IPsec
ACM Transactions on Information and System Security, 2002Co-Authors: Matt Blaze, John Ioannidis, Angelos D. KeromytisAbstract:{IPsec} is the standard suite of protocols for network-layer confidentiality\nand authentication of Internet traffic. The {IPsec} protocols, however,\ndo not address the policies for how protected traffic should be handled\nat security end points. This article introduces an efficient policy\nManagement scheme for {IPsec,} based on the principles of Trust Management.\nA compliance check is added to the {IPsec} architecture that tests\npacket filters proposed when new security associations are created\nfor conformance with the local security policy, based on credentials\npresented by the peer host. Security policies and credentials can\nbe quite sophisticated (and specified in the Trust-Management language),\nwhile still allowing very efficient packet-filtering for the actual\n{IPsec} traffic. We present a practical portable implementation of\nthis design, based on the {KeyNote} Trust-Management language, that\nworks with a variety of {UNIX-based} {IPsec} implementations. Finally,\nwe discuss some applications of the enhanced {IPsec} architecture.
-
the role of Trust Management in distributed systems security
Secure Internet programming, 2001Co-Authors: Matt Blaze, John Ioannidis, Joan Feigenbaum, Angelos D. KeromytisAbstract:Existing authorization mechanisms fail to provide powerful and robust tools for handling security at the scale necessary for today's Internet. These mechanisms are coming under increasing strain from the development and deployment of systems that increase the programmability of the Internet. Moreover, this "increased flexibility through programmability" trend seems to be accelerating with the advent of proposals such as Active Networking and Mobile Agents. The Trust-Management approach to distributed-system security was developed as an answer to the inadequacy of traditional authorization mechanisms. Trust-Management engines avoid the need to resolve "identities" in an authorization decision. Instead, they express privileges and restrictions in a programming language. This allows for increased flexibility and expressibility, as well as standardization of modern, scalable security mechanisms. Further advantages of the Trust-Management approach include proofs that requested transactions comply with local policies and system architectures that encourage developers and administrators to consider an application's security policy carefully and specify it explicitly. In this paper, we examine existing authorization mechanisms and their inadequacies. We introduce the concept of Trust Management, explain its basic principles, and describe some existing Trust-Management engines, including PoHcyMaker and KeyNote. We also report on our experience using Trust-Management engines in several distributed-system applications.
-
the keynote Trust Management system version 2
RFC, 1999Co-Authors: Matt Blaze, John Ioannidis, Joan Feigenbaum, Angelos D. KeromytisAbstract:This memo describes version 2 of the KeyNote Trust-Management system. It specifies the syntax and semantics of KeyNote `assertions', describes `action attribute' processing, and outlines the application architecture into which a KeyNote implementation can be fit. The KeyNote architecture and language are useful as building blocks for the Trust Management aspects of a variety of Internet protocols and services.
Weiliang Zhao - One of the best experts on this subject based on the ideXlab platform.
-
ICWS - Trust Management for Web Services
2008 IEEE International Conference on Web Services, 2008Co-Authors: Weiliang Zhao, Vijay VaradharajanAbstract:In this paper, we propose a comprehensive Trust Management approach for Web services that covers the analysis/modelling of Trust relationships and the development of Trust Management layer in a consistent manner. The specific characteristics of Trust relationships in Web services are discussed. We introduce a separated Trust Management layer for Web services that can hold computing components for Trust Management tasks. A Trust Management architecture for Web services is proposed for building up the Trust Management layer. The proposed Trust Management architecture for Web services deals with Trust requirements, Trust evaluation, and Trust consumption in Web services under a unified umbrella and it provides a solid foundation upon which may evolve the Trust Management layer for Web services.
-
SecureComm - A Unified Framework for Trust Management
2006 Securecomm and Workshops, 2006Co-Authors: Weiliang Zhao, Vijay Varadharajan, George BryanAbstract:In this paper, we propose a unified framework for Trust Management that can cover a broad variety of Trust mechanisms including reputations, credentials, local data and environment parameters. The proposed Trust Management framework will leverage established standards and it covers a broad variety of situations in different environments. This framework can provide utilizing and enabling tools for Trust Management. Under this framework, different Trust mechanisms can be assembled together when multiple mechanisms of Trust are necessary. Here, we refer to our Trust Management system as TrustEngine. TrustEngine follows the initial ideas of PolicyMaker to separate generic mechanisms of Trust Management from application-specific policies which are defined by each application. TrustEngine has a generic set of functions, interfaces, and data storage for Trust Management in distributed environments. TrustEngine is an open system and it can easily include new Trust components. We describe the architecture and implementation details of TrustEngine. We provide an application scenario to illustrate the usage of TrustEngine in the real world. We believe that the development of Trust Management in real applications can be automated to substantially higher level based on our proposed framework.
-
Towards a Trust Management Enabled Identity Metasystem
Intelligent and Knowledge-Based Computing for Business and Organizational Advancements, 1Co-Authors: Weiliang Zhao, Jian YangAbstract:Existing identity metasystems provide enabling tools to manage, select, and control of digital identities but they have not provided the support of Trust Management that should cover how Trust requirements associated with digital identities are modeled, how runtime conditions for Trust are evaluated, and how the results of Trust evaluation are consumed by systems/applications. In this paper, the authors propose an approach toward a Trust Management enabled identity metasystem that covers the analysis of Trust requirements and the development of Trust Management system in a consistent manner. The proposed Trust Management architecture extends the existing identity metasystems by introducing computing components for carrying out typical Trust Management tasks associated with digital identities. The computing components in proposed architecture provide intelligent services for these tasks. The proposed high level architecture targets the automation of the development of the Trust Management layer for digital identities.
