B-trust: Bayesian Trust Framework for Pervasive Computing

1. Daniele Quercia, • Stephen Hailes, • Licia Capra. • CS department • University College London • {d.quercia}@cs.ucl.ac.uk B-trust: Bayesian Trust Framework for Pervasive Computing iTrust 2006 May 2006

2. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Outline Work done on problem ‘px decides whether to rely on py’ px identifies py px forms its trust in py px decides whether to rely on py px evolves its trust in py px uses B-trust 2 iTrust 2006

3. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Problem: px decides whether to rely on py ? px py 1. Identification (px identifies py) 2. Trust Formation (px locally gathers reputation info about py) 3. Trust Decision 4. Trust Evolution (px decides whether to rely on py) (px updates its trust assessments in py) 3 iTrust 2006

4. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Work done to solve the problem 1. Identification Seigneur & Jensen [15]: use of disposable pseudonyms 2. Trust Formation CONFIDANT[4]: binary metric 4. Trust Evolution 3. Trust Decision Risk-aware: SECURE project [6] Abdul-Rahmal: recommendations Carbone [5]: policy language Liu & Issarny[9]: attack robust 4 iTrust 2006

5. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px identifies py px anonymously identifies py  ID is anonymous (eg, public key)  Sybil-attacks !  ID is anonymous and certified  Distributed certification We proposed TATA [12]: blind threshold signature of public keys 5 iTrust 2006

6. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px forms its trust in py px locally gathers reputation data about py • Local data structure • Minimize storage & communication overhead • Contain reputation data of… • … Direct trust (DT) & • … Recommended trust (RT) 6 iTrust 2006

7. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Tuples to form trust • Let ( DTx,y = l1 ) be the event • px’s direct trust in py is level l1, • where l1=‘very untrustworthy’ • In general, you have n different levels: • l1=‘very untrustworthy’, …, ln=‘very trustworthy’ • px determines probabilities of events, e.g., p(DTx,y=l1)=0.8 7 iTrust 2006

8. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Tuples to form trust(example) • IF • n=4 • p(DTx,y=l1)= 0.8 , p(DTx,y=l2)= 0.2, p(DTx,y=l3)= 0, p(DTx,y=l4)= 0 • THEN • px’s direct trust in py is a tuple: (0.8, 0.2, 0, 0) 8 iTrust 2006

9. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing pxdecides whether to rely on py px uses a risk-aware decision model. It … … lists actions (e.g., rely on py, don’t rely on py) and corresponding risks (e.g., py doesn’t cooperate, py cooperates) … assigns utility values to all actions (depending on its trust in py) … chooses the action with highest utility 9 iTrust 2006

10. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px evolves its trust inpy When? After… … new direct experiences with py (direct trust); … recommendations about py (recommended trust); … some time. 10 iTrust 2006

11. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px evolves its trust inpy How? px updates its direct trust after a ‘very untrustworthy’ (l1) direct experience (DE), i.e., DE=l1: pt(DT=li)p(DE=l1 | DT=li) p(t-1)(DT=li) new  “reliability” old ( reliability of DT=li in predicting DE=l1) 11 iTrust 2006

12. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px evolves its trust inpy px evolvesits recommended trust weighting similar recommendations more (filtering out extreme ones). Why? Avoid collusion for… … bad mouthing (- recommendations) … ballot stuffing (+ recommendations) Limitation: #fake recommendations < #good ones If not, don’t combine direct trust with recommended trust 12 iTrust 2006

13. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px evolves its trust inpy • px evolvesboth recommended and direct trust over time. • How? • No updates of d=(0.8, 0.2, 0, 0). • t : d  (0.25, 0.25, 0.25, 0.25) Bootstrapping tuple 13 iTrust 2006

14. Daniele Quercia When using B-trust, px successfully sent . 67% of the packets on average (if n=2), . 84% (if n=4), in contrast to 42% when using random selection. B-trust: Bayesian Trust Framework for Pervasive Computing px uses B-trust (trust metric) 100% fm m 70% px b 30% fb 15% 14 iTrust 2006

15. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px uses B-trust (factors) The impact on the average fraction of successfully sent packets of: (i) the change of trust metric (factor A); (ii) whether the trust framework is used (factor B); (iii) the combination of both (factor AB). 15 iTrust 2006

16. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing px uses B-trust (load) 100% fm m 70% px b 30% fb 15% b 30% 16 iTrust 2006

17. Daniele Quercia B-trust: Bayesian Trust Framework for Pervasive Computing Conclusion 1. Identification TATA [12]: blind signature certification 2. Trust Formation fine-grained metric & lightweight 4. Trust Evolution 3. Trust Decision risk-aware decision module Bayesian evolution based on experiences and recommendations; attack robust Future work: Trust bootstrapping 17 iTrust 2006