Abstract
There have been a number of proposals for trust and reputation-based systems. Some have been implemented, some have been analysed only by simulation. In this paper we first present a general architecture for a trust-based system, placing special emphasis on the management of context information. We investigate the effectiveness of our architecture by simulating distributed attacks on a network that uses trust/ reputation as a basis for access control decisions.
The research is supported by the EU project SECURE (Secure Environments for Collaboration among Ubiquitous Roaming Entities), IST-2001-32486.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abdul-Rahman, A., Hailes, S.: Using recommendations for managing trust in distributed systems. In: IEEE Malaysia International Conference on Communication 1997 (MICC 1997). IEEE, Los Alamitos (1997)
Abdul-Rahman, A., Hailes, S.: Supporting trust in virtual communities. In: Hawaii International Conference on System Sciences 33, pp. 1769–1777 (2000)
Bacon, J., Moody, K., Yao, W.: Access control and trust in the use of widely distributed services. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 295–310. Springer, Heidelberg (2001)
Jøsang, A., Daniel, M., Vannoorenberghe, P.: Strategies for combining conflicting dogmatic beliefs. In: Proc. of the 6th International Conference on Information Fusion, pp. 1133–1140 (2003)
RTD Proposal - SECURE: Secure Environments for Collaboration among Ubiquitous Roaming Entities (IST-2001-32486)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proc. of The IEEE Symposium on Security and Privacy, AT&T, pp. 164–173 (1996)
Blaze, M., Feigenbaum, J., Keromytis, A.D.: The role of trust management in distributed systems security. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)
English, C., Terzis, S., Wagealla, W., Lowe, H., Nixon, P., McGettrick, A.: Trust dynamics in collaborative global computing. In: IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 283–290 (2003)
Shand, B., Dimmock, N., Bacon, J.: Trust for Ubiquitous, Transparent Collaboration. Special issue: Pervasive computing and communications 10, 711–721 (2004)
Cahill, V., et al.: Using trust for secure collaboration in uncertain environments. IEEE Pervasive Computing Magazine 2, 52–61 (2003)
Kinateder, M., Pearson, S.: A privacy-enhanced peer-to-peer reputation system. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) EC-Web 2003. LNCS, vol. 2738, pp. 206–215. Springer, Heidelberg (2003)
Jøsang, A.: A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9, 279–311 (2001)
Twigg, A., Dimmock, N.: Attack-resistance of computational trust models. In: IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 275–280 (2003)
Weeks, S.: Understanding trust management systems. In: IEEE Symposium on Security and Privacy, pp. 94–105 (2001)
Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (Policy 2002), pp. 92–103. IEEE Computer Society Press, Los Alamitos (2002)
Lane, T., Brodley, C.: Temporal sequence learning and data reduction for anomaly detection. In: Proceedings of the 5th ACM conference on Computer and communications security, pp. 150–158. ACM Press, New York (1998)
Lee, W., Stolfo, S.: A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security 3, 227–261 (2000)
Douceur, J.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Harmer, P.K., Williams, P.D., Gunsch, G.H., Lamont, G.B.: An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation 6, 252–280 (2002)
Cvrček, D.: Dynamics of reputation. In: Proc. of the Ninth Nordic Workshop on Secure IT Systems, Publications in Telecommunications Software and Multimedia, Helsinki, Finland, Helsinki University of Technology, pp. 1–7 (2004)
Jøsang, A.: The consensus operator for combining beliefs. Artificial Intelligence Journal 141, 157–170 (2002)
Bracewell, R.: The Impulse Symbol. In: The Fourier Transform and Its Applications, pp. 69–97. McGraw-Hill, New York (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cvrček, D., Moody, K. (2005). Combining Trust and Risk to Reduce the Cost of Attacks. In: Herrmann, P., Issarny, V., Shiu, S. (eds) Trust Management. iTrust 2005. Lecture Notes in Computer Science, vol 3477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11429760_26
Download citation
DOI: https://doi.org/10.1007/11429760_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26042-4
Online ISBN: 978-3-540-32040-1
eBook Packages: Computer ScienceComputer Science (R0)