Advertisement

A Causality-Based Model for Describing the Trustworthiness of a Computing Device

  • Jiun Yi YapEmail author
  • Allan Tomlinson
Conference paper
  • 311 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9565)

Abstract

The ability to describe the trustworthiness of a computing device is an important part of the process to establish end-to-end trust. With the understanding that the trustworthiness of a computing device relies on its capabilities, we report on and contribute a novel causality-based model. This causality-based model represents information about the dependencies between trust notions, capabilities, computing mechanisms and their configurations. In this work, the concept of causality within the model is defined first. This involves detailing the semantic meaning of the terms used in the model. A pictorial representation is then developed to show the causal dependencies as a graph. This step specifies the vertices and edges used in the causal graph. To implement the causality-based model, the causal graph was translated into an eXtensible Markup Language schema and added to the Metadata Access Point database server of the Trusted Network Connect open architecture. Finally, the trust assessment of the causal graph is explained.

References

  1. 1.
    National Cyber Leap Year Summit 2009 Report. https://www.nitrd.gov/
  2. 2.
    Grawrock, D., Vishik, C., Rajan, A., Ramming, C., Walker, J.: Defining trust evidence: research directions. In: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, p. 66, ACM (2011)Google Scholar
  3. 3.
    Stoneburner, G.: Underlying Technical Models for Information Technology Security. Recommendations of the National Institute of Standards and Technology, December 2001Google Scholar
  4. 4.
    Pearl, J.: Causality. Cambridge University Press, New York (2009)CrossRefzbMATHGoogle Scholar
  5. 5.
    Lewis, D.: Causation. J. Philos. 70(17), 556–567 (1973)CrossRefGoogle Scholar
  6. 6.
    Halpern, J.Y., Pearl, J.: Causes and explanations: a structural-model approach. part I: causes. Br. J. Philos. Sci. 56(4), 843–887 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Trusted Computing Group. TNC Architecture for Interoperability. Specification Version 1.5. Revision 4, 7 May 2012Google Scholar
  8. 8.
    Trusted Computing Group. TNC IF-MAP Metadata for Network Security. Specification Version 1.1. Revision 9, 7 May 2012Google Scholar
  9. 9.
    Trusted Computing Group. IF-MAP Metadata for ICS Security. Specification Version 1.0. Revision 46, 15 September 2014Google Scholar
  10. 10.
    Will, A., Challener, D.: A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security. Apress, New York (2015)Google Scholar
  11. 11.
    National Institute of Standards and Technology. National Vulnerability Database. Common Platform Enumeration. https://nvd.nist.gov/cpe.cfm
  12. 12.
    National Institute of Standards and Technology. National Vulnerability Database. Common Configuration Enumeration. https://nvd.nist.gov/cce/
  13. 13.
    University of Applied Sciences and Arts, Hochschule Hannover. Faculty IV, Department of Computer Science. http://trust.f4.hs-hannover.de/
  14. 14.
    Kim, A., Luo, J., Kang, M.: Security ontology for annotating resources. In: Meersman, R. (ed.) OTM 2005. LNCS, vol. 3761, pp. 1483–1499. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  15. 15.
    Yap, J.Y., Tomlinson, A.: A socio-technical study on user centered trust notions and their correlation to stake in practical information technology scenarios. In: Proceedings of the 6th ASE International Conference on Privacy, Security and Trust, 14–16 December 2014Google Scholar
  16. 16.
    Rivest, R.L.: Learning decision lists. Mach. Learn. 2(3), 229–246 (1987)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Information Security Group, Royal HollowayUniversity of LondonEghamUK

Personalised recommendations