Pub Date: 2005-12-31 DOI: 10.1109/SECCMW.2005.1588290
B. Tompsett, A. M. Marshall, N. Semmens
A project to combine criminological techniques of profiling with Internet abuse and computer forensic data is outlined. The multidisciplinary approach which applies the expertise of lawyers, criminologists, computer forensics and Internet specialists together is seen as a response to the explosion of e-crimes. Future work that involves the presentation of the results of cyberprofiling is proposed.
{"title":"Cyberprofiling: offender profiling and geographic profiling of crime on the Internet","authors":"B. Tompsett, A. M. Marshall, N. Semmens","doi":"10.1109/SECCMW.2005.1588290","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588290","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"4 1"},"publicationDate":"2005-12-31","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"133046171"}
Pub Date: 2005-12-01 DOI: 10.1109/SECCMW.2005.1588293
A. Slagell, Y. Li, K. Luo
The authors have begun to address the problem of anonymized data with the development of a new prototype tool, CANINE: Converter and ANonymizer for Investigating Netflow Events. Originally just a NetFlow converter, CANINE has been adapted to anonymize 8 of the most common fields found in all NetFlow formats. Most of these fields can be anonymized in multiple ways, providing trade-offs between security and utility. This is the first tool the authors are aware of that supports many levels of anonymization and is the only NetFlow anonymizer of which we are aware, besides a previous, less advanced tool they developed. This article is organized as follows. Part 2 discusses related work in log anonymization. Part 3 discusses CANINE's anonymization algorithms and design decisions in depth. Finally, Part 4 concludes and presents future work on CANINE and the anonymization of other log types.
{"title":"Sharing network logs for computer forensics: a new tool for the anonymization of netflow records","authors":"A. Slagell, Y. Li, K. Luo","doi":"10.1109/SECCMW.2005.1588293","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588293","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"178 1"},"publicationDate":"2005-12-01","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"132256002"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588317
T. Tsenov, H. Tschofenig, Xiaoming Fu, E. Korner
One of the key requirements of today's and future network infrastructures is to provide Quality of Service (QoS) support for end-to-end applications, by distinguishing the application flows and properly handling them in network nodes. As an important component to achieve Internet QoS, explicit signaling schemes for resource reservation have been proposed, which deal with admission, installation and refreshment of QoS reservation state information. To be useful, any QoS signaling protocol should provide a capability for authentication and authorization of the QoS requests, especially in environments where the end points are not trusted by the network nodes. However, existing protocols for QoS signaling encounter a number of authentication and authorization issues, which limit their application scenarios. The advent of NSIS QoS Signaling Layer Protocol (QoS-NSLP) offers the prospect to overcome some of these issues. After describing the overall design of QoS-NSLP, we present an approach to support advanced authentication and authorization capabilities by using the Extensible Authentication Protocol (EAP). In comparison with existing approaches, this approach, combined with the support for effective interaction with the Authentication, Authorization and Accounting (AAA) infrastructure, provides flexible and extensible authentication and authorization methods for the QoS signaling.
{"title":"Advanced authentication and authorization for quality of service signaling","authors":"T. Tsenov, H. Tschofenig, Xiaoming Fu, E. Korner","doi":"10.1109/SECCMW.2005.1588317","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588317","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"98 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"127495083"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588314
F.C. Colon Osorio, J. Whitney
In a peer network environment, which is typical in ad-hoc wireless networks, nodes collaborate to achieve some collective end. There is no hierarchy within the network, all nodes being given equal authority. No channel to nodes outside of the peer network is assumed to exist. In this untraditional environment we must provide traditional security properties and assure fairness in order to enable the secure, collaborative success of the network. One solution is to form a Trusted Domain, and exclude perceived dishonest and unfair members. Such solutions have previously been intolerant of masquerading, and have suffered from a lack of precise control over the allocation and exercise of privileges within the Trusted Domain. We introduce a model based on the work of Yang et al. 2002 and Narasimha et al. 2003 that provides granular control over privileges, and guards against masquerading. Continued good behavior is rewarded by an escalation of privileges, while requiring an increased commitment of resources. Bad behavior results in expulsion from the Trusted Domain. In colluding with malicious nodes, well-behaved nodes risk losing privileges gained over time; collusion is thereby discouraged.
{"title":"Trust, the \"wisdom of crowds\", and societal norms: the creation, maintenance, and reasoning about trust in peer networks","authors":"F.C. Colon Osorio, J. Whitney","doi":"10.1109/SECCMW.2005.1588314","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588314","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"26 2"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"133002703"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588315
G. Marias, K. Papapanagiotou, P. Georgiadis
Even though mobile ad hoc networks (MANETs) have been receiving increasing attention for more than a decade, many issues still remain unsolved, including the implementation and design of adequate security and trust mechanisms. The infrastructure-less nature of MANETs renders trust establishment a rather complex issue. Many solutions using public key cryptography and digital certificates have been proposed in this direction. However, the problem of certificate revocation and certificate status information distribution in MANETs has not yet been fully addressed. ADOPT (Ad-hoc Distributed OCSP for Trust) proposes the deployment of a lightweight, distributed, on-demand scheme based on cached OCSP responses, which can efficiently provide up-to-date certificate status information. As accurate and current revocation information is critical for any application based on public key certificates, ADOPT's caching mechanism should ensure that cached responses are updated regularly. This paper discusses caching issues and time parameters concerning ADOPT and proposes various alternatives that fit into different scenarios.
{"title":"Caching alternatives for a MANET-oriented OCSP scheme","authors":"G. Marias, K. Papapanagiotou, P. Georgiadis","doi":"10.1109/SECCMW.2005.1588315","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588315","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"29 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"115586458"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588307
L. Capra
The increasing popularity of mobile computing devices, coupled with rapid advances in wireless networking technologies, has created the infrastructure needed to support the anywhere-anytime computing paradigm. Middleware systems have started to appear that aim at facilitating coordination among these devices, without the user even thinking about it, thus receding technology into the background. However, faced with overwhelming choice, additional support is required for applications to decide who can be trusted among this plethora of interacting peers. In this paper we propose a coordination model that exploits trust groups in order to promote safe interactions in the ubiquitous environment. Trust groups are asymmetric, that is, each device has its own view of the groups it belongs to, and long-lived, that is, their lifetime spans an extended period of time, despite group membership being dynamically handled. The dynamics of trust group creation, evolution and termination are described, based on the history of interactions of the device and on the ontology used to encode the context of trust. The programmer efforts required to reason about trust groups when coordinating mobile ad-hoc systems are discussed.
{"title":"Reasoning about trust groups to coordinate mobile ad-hoc systems","authors":"L. Capra","doi":"10.1109/SECCMW.2005.1588307","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588307","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"109 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"124822405"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588298
H. Kasai, Uchida Wataru, S. Kurakake
Protecting personal privacy is already seen as a crucial requirement in the implementation of service provisioning in the ubiquitous environment. From the viewpoint of preserving personal privacy, the simplest approach would be for users not to reveal any kind of private information at any time while keeping the number of available services unrestricted. Meanwhile, from the service provider's point of view, though this has not been clearly stated so far, their service logics should also be hidden from others because those logics may leak their know-how. This paper presents a ubiquitous service provisioning mechanism that gives more opportunities for users to get available services while preserving the secrecy of users' and providers' sensitive information. The basic idea of this mechanism is to share service execution procedures between the service provider and the user by exchanging converted service logic described in the form of Bayesian decision networks. This paper describes the proposed mechanism and the conversion algorithm for the Bayesian networks, and details the system architecture and implementation.
{"title":"Privacy preserving ubiquitous service provisioning based on Bayesian network conversion","authors":"H. Kasai, Uchida Wataru, S. Kurakake","doi":"10.1109/SECCMW.2005.1588298","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588298","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"47 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"129267799"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588302
J. Seigneur
Trustworthy decentralised identity mechanisms are promising to foster the digital business ecosystem (DBE), an EU-funded FP6 IST Integrated Project. Progress has been made, and driver small and medium enterprise (SME) users, which rely on the DBE technical commons, lobby for more security. However, such decentralised security mechanisms still remain on the research agenda. This demonstration presents the current state of security in the DBE.
{"title":"Demonstration of security through collaboration in the digital business ecosystem","authors":"J. Seigneur","doi":"10.1109/SECCMW.2005.1588302","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588302","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"19 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"125208960"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588294
J. Seigneur, P. Cofta, S. Marsh
Security is usually centrally managed, for example in the form of policies duly executed by individual nodes. This workshop will cover the alternative trend of using collaboration and trust to provide security. Instead of centrally managed security policies, nodes may use specific knowledge (both local and acquired from other nodes) to make security-related decisions. For example, in reputation-based schemes, the reputation of a given node (and hence its security access rights) can be determined based on the recommendations of peer nodes.
{"title":"SECOVAL: the IEEE/CREATE-NET workshop on the value of security through collaboration","authors":"J. Seigneur, P. Cofta, S. Marsh","doi":"10.1109/SECCMW.2005.1588294","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588294","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"24 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"125216069"}
Pub Date: 2005-09-05 DOI: 10.1109/SECCMW.2005.1588295
D. Huang, de Shane Bracher
In a global computing environment, trust management is important for entities to collaborate. Traditional access control methods cannot meet the needs of autonomous decision making with partial information. The SECURE project introduced a collaboration model using the combination of trust and risk models. This allows an entity to formulate trust according to its own observations and also by accepting recommendations from other entities. Evidence, which originates from other entities, must be gathered in a secure way to ensure that integrity is maintained. This paper introduces a trust broker model which describes how one entity can locate and retrieve evidence on another entity's historic behavior. This evidence-based trust brokering approach provides a basic model for secure evidence gathering and is appropriate for the global computing environment.
{"title":"Towards evidence-based trust brokering","authors":"D. Huang, de Shane Bracher","doi":"10.1109/SECCMW.2005.1588295","DOIUrl":"https://doi.org/10.1109/SECCMW.2005.1588295","journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"83 1"},"publicationDate":"2005-09-05","publicationTypes":"Journal Article","platform":"Semanticscholar","paperid":"132333493"}