1 / 16

An Ad Hoc Trust Inference Model for Flexible and Controlled Information Sharing

An Ad Hoc Trust Inference Model for Flexible and Controlled Information Sharing. Danfeng (Daphne) Yao Rutgers University, New Brunswick. Motivation: Hurricane Katrina 2005. Motivation cont’d. Flexible authorization for cross-domain information sharing

tana-guerra
Download Presentation

An Ad Hoc Trust Inference Model for Flexible and Controlled Information Sharing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Ad Hoc Trust Inference Model for Flexible and Controlled Information Sharing Danfeng (Daphne) Yao Rutgers University, New Brunswick July 14th SAM 2008 Las Vegas, NV

  2. Motivation: Hurricane Katrina 2005

  3. Motivation cont’d • Flexible authorization for cross-domain information sharing • Traditional access control models are too strict • Motivating scenario: inadequate crisis communication among FEMA & Coast Guard after Hurricane Katrina • Need to efficiently share and utilize data generated in pervasive computing environments • Sensor data, location, etc • Challenge: there is no central authority in this decentralized environment • How does the resource owner adaptively makes access control decisions in response to emergency situations?

  4. Decentralized trust management • Digital identity and certificate • Most of existing trust management models only work for static access control policies • Policies are pre-defined and not adaptive to contexts • Models cannot handle crisis and emergency situations • Our approach: ad hoc trust inference • Allow the requester to specify emergency level • Use fuzzy logic to integrate user information Is Bob qualified to access DB? Request for access Bob’s credential Policies Hospital University Bob

  5. Broader implication of dynamic authorization 0 1 Deny Allow Useful for flexible information sharing in mission-critical systems [JASON Report 04] studied the need for broader access model

  6. Our idea: multimodal authorization Authorization decisions are made based on multiple factors including the identity, history, environment associated with a request. A requester is given multiple chances of proving trustworthiness, instead of a type of criteria.

  7. Our ad hoc trust inference model • We introduce attribute urgency level that is to be specified by the requester • Urgency level defines how urgent a requester needs the information • This attribute is self-claimed by the requester, e.g., urgency level = very high • Three attribute types: identity type, history type, and environment type • We develop a mechanism that combines various attribute values and outputs a numeric trustworthiness score for the requester • Our design integrates an audit component in trust inference

  8. Input attributes in our trust model How does the resource owner combine these attribute values and obtain the trustworthiness of a requester?

  9. Advantages of ad hoc trust inference with fuzzy logic • Access policies are intrinsically flexible • Supports continuous access decisions • More flexible than binary access verdicts • Access rules are intuitive to define • Rules are individually defined for each attribute • Can handle incomplete and imprecise inputs • In decentralized environments, resource owners usually do not have complete and precise inputs

  10. An example of membership function and degrees of membership in fuzzy logic Earliness(time) = { 1, IF time ≤ 1200, (2000−time) / 800, IF 1200 < time ≤ 2000, 0, IF time > 2000 }

  11. Trust inference steps • Define attributes from which trustworthiness may be inferred • Define the fuzzy variables associated with each attribute • For each fuzzy variable, define a membership function • Define the output membership function for the output variable (i.e., degrees of trustworthiness) • Define fuzzy rules to specify the logic used to infer the trustworthiness score from attributes

  12. Example • Bob from FEMA needs to access US Coast Guard (USCG) database for a rescue task • Bob has a FEMA credential • Urgency level = very high • USCG has prior interactions with FEMA • Affiliation score = high • History = very high • USCG has also defined fuzzy membership functions and fuzzy rules • Ad hoc trust inference computation produces a trustworthiness score for Bob’s request • E.g., trustworthiness = very high Note that the actual inference is done on crisp inputs and outputs a crisp trust score. Please refer to the paper for detailed computation.

  13. Architecture

  14. Audit • Urgency level is self-claimed by the requester and may be inaccurate • Audit process identifies cheating users • A dishonest user may always claim high urgency level • Audit process selectively examines and verifies the urgency levels associated past requesters • Dishonest user and organization will have lower trustworthiness in the future transactions • Lower affiliation score • Lower history score

  15. Conclusions and Future work • Conclusions • Crisis information sharing requires flexible trust inference mechanism • We have presented an ad hoc trust inference framework that allows user-specified context input • Future work • To automate audit mechanism by analyzing public and sensory information • To apply ad hoc trust inference mechanism to manage trust in Web 2.0 applications

  16. Acknowledgements • Professor James Garnett, Rutgers University Department of Public Policy and Administration • Funding: Rutgers University Computing Coordination Council (CCC) Pervasive Computing Initiative Grant

More Related