Skip to main content
SpringerLink
Log in

Combining Trust and Risk to Reduce the Cost of Attacks

  • Conference paper
Book cover Trust Management (iTrust 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3477))

Included in the following conference series:

Abstract

There have been a number of proposals for trust and reputation-based systems. Some have been implemented, some have been analysed only by simulation. In this paper we first present a general architecture for a trust-based system, placing special emphasis on the management of context information. We investigate the effectiveness of our architecture by simulating distributed attacks on a network that uses trust/ reputation as a basis for access control decisions.

The research is supported by the EU project SECURE (Secure Environments for Collaboration among Ubiquitous Roaming Entities), IST-2001-32486.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdul-Rahman, A., Hailes, S.: Using recommendations for managing trust in distributed systems. In: IEEE Malaysia International Conference on Communication 1997 (MICC 1997). IEEE, Los Alamitos (1997)

    Google Scholar 

  2. Abdul-Rahman, A., Hailes, S.: Supporting trust in virtual communities. In: Hawaii International Conference on System Sciences 33, pp. 1769–1777 (2000)

    Google Scholar 

  3. Bacon, J., Moody, K., Yao, W.: Access control and trust in the use of widely distributed services. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 295–310. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Jøsang, A., Daniel, M., Vannoorenberghe, P.: Strategies for combining conflicting dogmatic beliefs. In: Proc. of the 6th International Conference on Information Fusion, pp. 1133–1140 (2003)

    Google Scholar 

  5. RTD Proposal - SECURE: Secure Environments for Collaboration among Ubiquitous Roaming Entities (IST-2001-32486)

    Google Scholar 

  6. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proc. of The IEEE Symposium on Security and Privacy, AT&T, pp. 164–173 (1996)

    Google Scholar 

  7. Blaze, M., Feigenbaum, J., Keromytis, A.D.: The role of trust management in distributed systems security. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  8. English, C., Terzis, S., Wagealla, W., Lowe, H., Nixon, P., McGettrick, A.: Trust dynamics in collaborative global computing. In: IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 283–290 (2003)

    Google Scholar 

  9. Shand, B., Dimmock, N., Bacon, J.: Trust for Ubiquitous, Transparent Collaboration. Special issue: Pervasive computing and communications 10, 711–721 (2004)

    Google Scholar 

  10. Cahill, V., et al.: Using trust for secure collaboration in uncertain environments. IEEE Pervasive Computing Magazine 2, 52–61 (2003)

    Article  Google Scholar 

  11. Kinateder, M., Pearson, S.: A privacy-enhanced peer-to-peer reputation system. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) EC-Web 2003. LNCS, vol. 2738, pp. 206–215. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Jøsang, A.: A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9, 279–311 (2001)

    MathSciNet  Google Scholar 

  13. Twigg, A., Dimmock, N.: Attack-resistance of computational trust models. In: IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 275–280 (2003)

    Google Scholar 

  14. Weeks, S.: Understanding trust management systems. In: IEEE Symposium on Security and Privacy, pp. 94–105 (2001)

    Google Scholar 

  15. Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (Policy 2002), pp. 92–103. IEEE Computer Society Press, Los Alamitos (2002)

    Chapter  Google Scholar 

  16. Lane, T., Brodley, C.: Temporal sequence learning and data reduction for anomaly detection. In: Proceedings of the 5th ACM conference on Computer and communications security, pp. 150–158. ACM Press, New York (1998)

    Chapter  Google Scholar 

  17. Lee, W., Stolfo, S.: A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security 3, 227–261 (2000)

    Article  Google Scholar 

  18. Douceur, J.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  19. Harmer, P.K., Williams, P.D., Gunsch, G.H., Lamont, G.B.: An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation 6, 252–280 (2002)

    Article  Google Scholar 

  20. Cvrček, D.: Dynamics of reputation. In: Proc. of the Ninth Nordic Workshop on Secure IT Systems, Publications in Telecommunications Software and Multimedia, Helsinki, Finland, Helsinki University of Technology, pp. 1–7 (2004)

    Google Scholar 

  21. Jøsang, A.: The consensus operator for combining beliefs. Artificial Intelligence Journal 141, 157–170 (2002)

    Article  Google Scholar 

  22. Bracewell, R.: The Impulse Symbol. In: The Fourier Transform and Its Applications, pp. 69–97. McGraw-Hill, New York (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Laboratory, University of Cambridge, 15 JJ Thomson Avenue, Cambridge, CB3 0FD, United Kingdom

    Daniel Cvrček & Ken Moody

Authors
  1. Daniel Cvrček
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ken Moody
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Telematics, Norwegian University of Science and Technology (NTNU), N-7491, Trondheim, Norway

    Peter Herrmann

  2. INRIA-Rocquencourt, Domaine de Voluceau, 78153, Le Chesnay, France

    Valérie Issarny

  3. Department of Computing, The Hong Kong Polytechnic University, HungHom, Kowloon, Hong Kong

    Simon Shiu

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cvrček, D., Moody, K. (2005). Combining Trust and Risk to Reduce the Cost of Attacks. In: Herrmann, P., Issarny, V., Shiu, S. (eds) Trust Management. iTrust 2005. Lecture Notes in Computer Science, vol 3477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11429760_26

Download citation

  • DOI: https://doi.org/10.1007/11429760_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26042-4

  • Online ISBN: 978-3-540-32040-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation