Abstract
ChapterĀ 8 describes how computational trust and reputation can be utilised for selecting trustworthy software pieces in a dynamically self-organising software world. This chapter advances from static to dynamic software piece selection which is necessary since trustworthiness of software piece configurations may vary over time. In this chapter, an approach for adaptive trust management, which includes trust algorithms that automatically self-adapt depending on the application context, is described and exemplified in the domain of context-aware authentication applications.
The world constantly changes. How trust management can adapt to these changes?
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Belovin, S.M.: On the brittleness of software and the infeasibility of secure metric. IEEE Secur. Priv. 4(4), 96 (2006)
Benantar, M.: Access Control Systems: Security, Identity Management and Trust Models. Springer, Berlin (2006)
Bhatti, R., Bertino, E., Ghafoor, A.: A trust-based context-aware access control model for web-services. Distrib. Parallel Databases 18(1), 83ā105 (2005)
Bizer, C., Cyganiak, R., Gauss, T., Maresh, O.: The TriQL.P browser: filtering information using context, content and rating-based trust policies. In: Proceedings of the Semantic Web and Policy Workshop (2005)
Buchegger, S., Boudec, J.L.: A robust reputation system for P2P and mobile ad-hoc networks. In: Proceedings of the Second Workshop on the Economics of Peer-to-Peer Systems (2004)
Castro, P.: Using context to assist in multimedia object retrieval. In: First International Workshop on Multimedia Intelligent Storage and Retrieval Management (1999). citeseer.ist.psu.edu/article/castro99using.html
Chess, D.M., Palmer, C.C., White, R.S.: Security in an autonomic computing environment. IBM Syst. J. 42(1), 107ā118 (2003)
Covington, M.J., Ahamad, M., Essa, I., Venkateswaran, H.: Parameterized authentication. In: Samarati, P., Rayan, P., Gollmann, D., Molva, R. (eds.) Proc. of the 9th European Symposium on Research in Computer Security, Sophia Antipolis, France, 13ā15 September 2004. Lecture Notes in Computer Science, vol. 3193, pp. 276ā292. Springer, Berlin (2004)
Dey, A.K., Abowd, G.D.: Towards a better understanding of context and context-awareness. Tech. Rep., Georgia Institute of Technology, College of Computing (1999). http://citeseer.ist.psu.edu/context/1190105/0
Dimmock, N., Bacon, J., Ingram, D., Moody, K.: Risk models for trust-based access control(tbac). In: Trust Management. Lecture Notes in Computer Science, vol. 3477, pp. 364ā371. Springer, Berlin (2005)
Ganger, G.R.: Authentication confidences. Tech. Rep. CMU-CS-01-23, Carnegie Mellon University, School of Computer Science (2001)
Golbeck, J., Parsia, B.: Trusting claims from trusted sources: trust network based filtering of aggregated claims. In: Proceedings of the 3rd International Semantic Web Conference. LNCS, vol. 3298. Springer, Berlin (2004). http://www.mindswap.org/papers/Jen-ISWC04.pdf
Guha, R.: Open rating systems. Techn. Rep., Stanford University (2004)
Hulsebosch, R.J., Bargh, M.S., Lenzini, G., Ebben, P.W.G., Jacob, S.M.: Context sensitive adaptive authentication. In: Proc. of the 2nd European Conference on Smart Sensing and Context, Kendal, UK, 23ā25 October 2007. Lecture Notes in Computer Science, Springer, Berlin (2007, to appear)
Jain, A.K., Ross, A., Prabhakar, S.: An introduction to biometric recognition. IEEE Trans. Circuits Syst. Video Technol. 14(1), 4ā20 (2004). http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1262027
JĆøsang, A.: The right type of trust for distributed systems. In: Proceedings of the New Security Paradigms Workshop. ACM, New York (1996). http://citeseer.nj.nec.com/47043.html
JĆøsang, A.: A subjective metric of authentication. In: Quisquater, J.J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) Proc. of the 5th European Symposium on Research in Computer Security (ESORICS 98), Louvain-la-Neuve, Belgium, 16ā18 September 1998. Lecture Notes in Computer Science, vol. 1485, pp. 329ā344. Springer, Berlin (1998)
JĆøsang, A.: A logic for uncertain probabilities. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 9(3), 279ā312 (2001)
Krukow, K.: Towards a theory of trust for the global ubiquitous computer. Ph.D. thesis, Dept. of Computer Science, Univ. of Aarhus, Denmark (2006)
Lenzini, G., Hulsebosch, R.J., Bargh, M.S.: Trust-enhanced security in location-based adaptive authentication. In: Proc. of the ESORICS 3rd International Workshop on Security and Trust Management (STM 07), Dresden, Germany, 27 September 2007. Electronic Notes in Theoretical Computer Science. Elsevier, Amsterdam (2007, to appear)
Levin, T.E., Irvine, C.E., Spyropoulou, E.: Quality of Security Service: Adaptive Security. Handbook of Information Security. Threats, Vulnerabilities, Prevention, Detection and Management, vol.Ā III. Wiley, New York (2005)
Marcus, L.: Local and global requirements in an adaptive security infrastructure. In: Proc. of the Int. Workshop on Requirements High Assurance Systems (RHAS), Monterey Bay, CA, USA, 9 Sept. 2003, pp. 23ā29. Carnegie Mellon University Press, Pittsburg (2003)
Marsh, S.: Formalising trust as a computational concept. Ph.D. dissertation, University of Stirling, Department of Mathematics and Computer Science (1994). http://citeseer.nj.nec.com/marsh94formalising.html
Mezzetti, N.: A socially inspired reputation model. In: Proceedings of EuroPKI (2004)
Montanari, R., Toninelli, A., Bradshaw, J.M.: Context-based security management for multi-agent systems. In: Proc. of the 2nd IEEE Symposium on Multi-Agent Security and Survivability (MAS&S 2005), 30ā31 Aug. 2005, Philadelphia, USA, pp. 75ā84. IEEE Computer Society, Los Alamitos (2005)
MostĆ©faoui, G.K., BrĆ©zillon, P.: A generic framework for context-based distributed authorizations. In: Proc. of the 4th Int. and Interdisciplinary Conference on Modeling and Using Context (CONTEXT 2003), 23ā25 June 2003, Stanford, CA, USA. Lecture Notes in Artificial Intelligence, vol. 2680, pp. 204ā217. Springer, Berlin (2003)
Noble, B., Corner, M.: The case for transient authentication. In: Proc. of the 10th ACM SIGOPS European Workshop: Beyond the PC, Saint-Emillion, France, September 2002, pp.Ā 24ā29. ACM, New York (2002)
Presti, S.L., Cusack, M., Booth, C.: Trust issues in pervasive environments. Techn. Rep., University of Southampton (2003)
Rahman, A.F.: A framework for decentralised trust reasoning. Ph.D. dissertation, University of London (2005)
Ranganathan, A., Al-Muhtadi, J., Campbell, R.H.: Reasoning about uncertain contexts in pervasive computing environments. Pervasive Comput. 3(2), 62ā70 (2004)
Ryutov, T., Zhou, L., Neuman, C., Leithead, T., Seamons, K.E.: Adaptive trust negotiation and access control. In: Proc. of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT05), 1ā3 June 2005, Stockholm, Sweden, pp. 139ā146. ACM, New York (2005)
Sandhu, R.S., Samarati, P.: Access control: principles and practise. IEEE Commun. Mag. 9(32) (1994)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29 (1996)
Schneck, P.A., Schwan, K.: Dynamic authentication for high-performance networked applications. In: Proc. of the 6th IEEE/IFIP Int. Workshop on Quality of Service (IWQoS 98), Napa, CA, USA, 18ā20 May 1998, pp. 127ā136. IEEE Computer Society, Los Alamitos (1998)
Seigneur, J.M.: Trust, security and privacy in global computing. Ph.D. dissertation, Trinity College Dublin (2005)
Shakhnarovich, G., Lee, L., Darrell, T.: Integrated face and gait recognition from multiple views. In: IEEE Computer Vision and Pattern Recognition (2001). citeseer.ist.psu.edu/shakhnarovich01integrated.html
Toivonen, S., Lenzini, G., Uusitalo, I.: Context-aware trust evaluation functions for dynamic reconfigurable systems. In: Proc. of the Models of Trust for the Web Workshop (MTWā06), held with the 15th International World Wide Web Conference (WWW2006), 22 May 2006, Edinburgh, Scotland, CEUR Workshop Proceedings, CEUR-WS (2006)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: Proc. of the Fifth International Semantic Web Conference (ISWC), Athens, GA, 5ā9 Nov. 2006. Lecture Notes in Computer Science, vol. 4273, pp. 473ā486. Springer, Berlin (2006)
VerĆssimo, P.E., Neves, N.F., Correia, M.P.: Intrusion-tolerant architectures: concepts and design. In: Architecting Dependable Systems. citeseer.ist.psu.edu/561906.html
Viswanathan, P.: Security architecture in gaia. Techn. Rep. 2215, Urbana, Illinois (2001). citeseer.ist.psu.edu/viswanathan01security.html
Weiser, M., Brown, J.S.: Designing calm technology. Techn. Rep., Xerox PARC (1995). http://nano.xerox.com/hypertext/weiser/calmtech/calmtech.htm
Wu, H., Siegel, M., Ablay, S.: Sensor fusion using DempsterāShafer theory II: static weighting and Kalman filter-like dynamic weighting. In: Proc. of 20th IEEE Instrumentation and Measurement Technology Conference (IMTC 2003), 20ā22 May 2003, Vail, CO, USA, vol.Ā 2, pp.Ā 907ā912. IEEE Computer Society, Los Alamitos (2003)
Yee, G., Korba, L.: Context-aware security policy agent for mobile Internet services. In: Proc. of the 2005 IFIP International Conference on Intelligence in Communication Systems, MontrĆ©al, QuĆ©bec, Canada, 17ā19 October 2005
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2011 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Seigneur, JM., Lenzini, G., Hulsebosch, B. (2011). Adaptive Trust Management. In: Di Marzo Serugendo, G., Gleizes, MP., Karageorgos, A. (eds) Self-organising Software. Natural Computing Series. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17348-6_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-17348-6_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17347-9
Online ISBN: 978-3-642-17348-6
eBook Packages: Computer ScienceComputer Science (R0)