As the scope of current distributed computing model envisioned by the contemporary cloud computing environment enlarges to future federated Intercloud and ubiquitous & pervasive computing models such as Internet of Things (IoT), many difficult problems and challenges arise. Security is one of the most important and paramount concerns of such a computing environment. Current security mechanisms are very static, inflexible and not granular enough to make efficient and informed decisions in the Service Provider based computing environment. The conventional trust mechanisms in place are inadequate at addressing granular level trust issues in the highly distributed open environments. In this paper, we explore various Trust Management schemes and blueprints for enabling a framework that interested parties can use to determine the trustworthiness of disparate and heterogeneous computing entities. The paper also enumerates various business use case scenarios articulating how such a Trust Management framework would be highly invaluable for addressing the current as well as future computing environments needs.
WSO2's API Vision: Unifying Control, Empowering Developers
Trust blueprints icds 2014
1. Technical background on the
“ Blueprints and
Use Cases” - ICDS 2014
Dr. George Vaněček, Jr.
(FICO, San Jose, CA, USA)
Deepak Vij, Ishita Majumdar, Naveen Dhar
(FutureWei Technologies, Santa Clara, CA, USA)
The Eighth International Conference on Digital Societies
ICDS 2014, Barcelona Spain
2. Trust?
Trust is one of humanity’s most explicit and intrinsic social
cognitions, yet within the digital world its mostly static, over
simplified and generally not negotiable!?
Trust is the extent to which a trustor is willing to depend
on something or someone (a trustee) in a given situation,
even though negative consequences are possible.
! ?
3. The Untrustworthy Internet?
“Billions of people around the world do not trust the
Internet”,
- claims European Commission vice-president Neelie Kroes.
“The future of internet was based on trust…Trust can
never again be taken for granted.”
- March 2014, BBC
• 98% of Americans distrust the Internet
• 56% fear on-line information is outdated
• 53% feel the information is self-promotional
• 45% feel unfamiliar with the sources
- Harris Interactive MRF, 2012
5. Rising Problem for Enterprises
People and organizations will need to adopt a more
flexible access policy to remain competitive yet open.
A company wants
to enable employee
and guest access
from anywhere at
anytime, but also
meet compliance
reviews and protect
company data.
An employee wants
access to corporate
data and services
anytime, anywhere
(multiple employers
or public sites) on
any devices while
protecting his/her
privacy.
! !
By 2014, 80% of mobile professionals will use at least two
personal devices to access corporate systems and data.
A device needs to
know who and what to
trust when, where, and
why.
?
6. Internet and IoT Security Models need to
adopt to new Trust Management Systems
Most of today’s security infrastructure is static and
perimeter-centric with policies that are restrictive and
insular.
This is no longer sufficient in an environment that is
highly dynamic, multi-sourced and virtualized, and where
consumer-oriented IT is increasingly used in lieu of
enterprise-owed, provisioned systems.
7. Trust Management System Overview
A Logical Trust Network maintains entities and trust
relationships between those entities
Trust values for a trustee are determined from the combined
scores of a trustor’s
1. Evidence: trust values based on directly scoring of tracked
evidence
2. Reputation: trust value based on indirect recommendations.
The Logical Trust Network is redundantly distributed over a
topology of
1. Trust Agents: decentralized set of peers in a P2P topology
2. Trust Brokers: a centralized 3rd-party set of trust brokers
Where an entity and its adjacent relationship may appear
differently in more than one agent or broker.
8. Current vs. Trust-based Interactions
Users
Public
Devices
Personal
Devices
Organizations
Service and Content
Providers
Trust
Relationship
Trust
Index
Client Server
Req.
Resp.
Trust? Trustee
Req.
Truster
Logical Trust
Network
IdP
Authentication and Authorization
Based on Membership
Auth
?
?
ye
s
ye
s
Resp.
Auth
IdP
Today
9. Logical Trust Network
A digraph of nodes (i.e., entities)
and directed edges (e.g.,
relationships), where
An entity is any person, place or
thing with a distinct existence that
needs to trust or be trusted by
other entities.
Users
Public
Devices
Personal
Devices
Organizations
Service and Content
Providers
Trust
Relationship
Trust
Index
Entities need not have unique identities; in their absence,
their identities may be probabilistically resolved from their
attributes.
Entities are contextually structured, and relationships are
granularly scored…
10. Trust needs to differentiate an entity by its
context(s) that change with time
Father
Consultant Employee
Teacher
Tourist
Moto
Hobbyist
Volunteer
Entity
Cijk
• Entity i
• Context j
• Version k
t
11. Entity Contexts change/are-created over Time
by Events
Entity’s Current Contexts
Versioning from C000 to C001
Contextual Events Cause
Context Evolution, e.g.,
Branching from C000 to C010
12. Describing Entities and their Contexts
A context is a set of unique attributes
{(n0,v0,r0), …}
An attribute is a tuple of n-name, v-value, r-unique attribute identifier,
e.g., (“Name.Last”, “Smith”, “org:w3c:etc:context:…:name”)
Attributes represent entities characteristics, configurations,
scenarios, locations, times, roles, etc.
Contexts are immutable. They may change or split. Their changes
represent subsequent contexts in the entity’s context tree.
Entities are defined as the collection of their contexts at any given
time t, e.g., e0t = (C011, C020, C030).
Situations differentiate contexts…
14. Trust Relationships
Connect Contexts
Edges in the Logical Trust Network represent direct trust
relationships.
Indirect and derived relationships may be temporarily
cached for auditing and verification but typically not
persisted permanently.
Trustor contexts needs evidence (e.g., mutable performance
profile) to prove trustworthiness
15. Trust Relationships
A trust relationship R is defined as a set of
scoring attributes
R(Ci, Cj) = {a0, …, am}
from Context Ci of Entity i to the Context Cj of
Entity j where a scoring attribute
an = (n, α, r, sn)
holds a score value 0≤α≤1 defined by a scoring
function over the jth evidence Dj
Sn(Dj) = α
An example is
(“gradRatio”, 0.87, “org:shool:…:gradRatio”,
graduated/enrolled)
Ci
Cj Dj
Trustor
Trustee
R(Ci, Cj )
16. Closer look at the Logical Trust Network
Time
Entity
Now
Trust
Broker
Truster
Trustee
Entity
Current
Contexts
Relationship
Evidence
Scores
Situation
Context
Determination
17. Trust Belief Policy
A believe policy B is defined as a set of belief attributes qn
that reference score attributes as
B = { qn | qn = (n, β) }
where n is the name of a score attribute, and β is a score
threshold 0 ≤ β ≤ 1 and
∨qn c B, an c R
e.g., (“GradRatio”, 0.85)
I trust until trust is broken
I distrust until trust is earned
18. Boolean Trust for an Explicit Relationship
Trust questions must be answered as “yes” or “no”.
Given a trust relationship R and a belief policy B, R
represents trust based on direct evidence only if
Combining evidence-based trust with jth reputation, Uj,
yields
Other trust determination functions can be formulated
from the Logical Trust Network model…
Score
Expected score threshold
19. Open Problems
• Do we need a new identity ecosystem for all people, places
and things to manage trust on the Internet?
E.g., National Strategy for Trusted Identities in Cyberspace
(NSTIC)
• Need algorithms to maintain and create entities’ contexts
• How do trust brokers collect evidence?
• Need tools for trustors to maintain their beliefs and
relationships.
• Need to define a general and extensible taxonomy for attribute
names?
• How do we define and share scoring functions?
• How do we secure the Logical Trust Network?
• How do we protect entity’s privacy while allowing sharing?
20. Summary
I. A generalized trust management system is needed to
address current aging security and privacy issues.
II. The evolution of IT into ICT and hybrid enterprise/public
services needs trust.
III. The digital world can no longer ignore trust.
IV. Its time for the computer science and security
communities to formalize and deploy a trust system in the
future Internet.