skip to main content
10.1145/1900546.1900564acmotherconferencesArticle/Chapter ViewAbstractPublication PagesnspwConference Proceedingsconference-collections
research-article

The pervasive trust foundation for security in next generation networks

Published: 21 September 2010 Publication History

Abstract

We propose a new paradigm---named the Pervasive Trust Foundation (PTF) ---for computer security in Next Generation Networks, including the Future Internet. We start with a review of basic trust-related terms and concepts. We present motivation for using PTF as the basis for security in ISO OSI networks. The paper includes our five contributions. First, we define trust in the small (TIS) and trust in the large (TIL), where TIL is equivalent to PTF. Second, we list and contrast required and prohibited features of PTF-based systems. Third, we enumerate claims of benefits derived from using PTF. Fourth, we identify two major obstacles to PTF realization, and discuss multiple approaches to overcoming these obstacles. The more important of the two obstacles can be eliminated by showing an efficient implementation of PTF-based security. Fifth, we present an outline for the Basic Reference Model for PTF for Next Generation Networks. Summary and discussion of future work concludes the paper.

References

[1]
2010. Trust. American Heritage Dictionary of the English Language, Houghton Mifflin. Online at: http://education.yahoo.com/reference/dictionary/entry/trust
[2]
Bhargava, B., Lilien, L., Rosenthal, A., and Winslett, M. 2004. Pervasive Trust. IEEE Intelligent Systems 19, 5 (Sept.-Oct. 2004), 74--77.
[3]
Artz, D., and Gil, Y. 2007. A Survey of Trust in Computer Science and the Semantic Web. Web Semantics: Science, Services and Agents on the World Wide Web 5, 2 (Jun. 2007), 58--71.
[4]
Bhargava, B., Farkas, C., Lilien, L., and Makedon, F. 2003. Trust, Privacy, and Security: Summary of a Workshop Breakout Session, the National Science Foundation Information and Data Management (IDM) Workshop held in Seattle, Washington. Sep. 14-16, 2003. Technical Report 2003--34. Center for Education and Research in Information Assurance and Security (CERIAS), Purdue University. Online at: http://www.cerias.purdue.edu/tools_and_resources /bibtex_archive/archive/2003--34.pdf
[5]
2009. Verbal communication with participants. NSF Future Internet Architecture Summit (Washington, D.C., Oct. 2009).
[6]
ISO/IEC, 1991. ISO/IEC DIS 10181-2, May 1991, Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 2: Authentication Framework. ISO. Used to be online at: http// www.iso.org/iso/catalogue_detail.htm?csnumber=14256
[7]
Pfleeger, C.P., and Pfleeger, S.L. 2007. Security in Computing. Fourth Edition, Prentice Hall. Upper Saddle River, NJ.
[8]
Fischer-Hübner, S., and Hedbom, H. 2008. Benefits of Privacy-Enhancing Identity Management. Asia-Pacific Business Review IV, 4 (Oct.-Dec. 2008), 36--52.
[9]
Grandison, T., and Sloman, M. 2000. A Survey of Trust in Internet Applications. IEEE Communications Surveys and Tutorials 3, 4 (Fourth quarter 2000), 2--16.
[10]
Cho, J.-H., and Swami, A. 2009. Towards Trust-based Cognitive Networks: A Survey of Trust Management for Mobile Ad Hoc Networks. In Proceedings of 14th International Command and Control Research and Technology Symposium (ICCRTS) (Washington, DC, June 2009). Online at: http://www.dodccrp.org/events/papers/191.pdf
[11]
Ruohomaa, S., Viljanen, L., and Kutvonen, L. 2006. Guarding Enterprise Collaborations with Trust Decisions -- the TuBE Approach. In Proceedings of the Workshops and the Doctoral Symposium of the Second IFAC/IFIP I-ESA International Conference: EI2N, WSI, IS-TSPQ (Bordeaux, France, Mar. 2006), 237--248.
[12]
Jøsang, A., Ismail, R., and Boyd, C. 2006. A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems 43, 2 (Mar. 2007), 618--644. DOI= http://doi.acm.org/10.1016/j.dss.2005.05.019
[13]
Sun, Y.(L.), Han, Z., and Liu, K.J.R. 2008. Defense of Trust Management Vulnerabilities in Distributed Networks. IEEE Communications 46, 2 (Feb. 2008), 112--119. DOI= http://doi.acm.org/10.1109/MCOM.2008.4473092.
[14]
Rasmusson, L., and Janssen, S. 1996. Simulated Social Control for Secure Internet Commerce. In Proceedings of New Security Paradigms Workshop (Lake Arrowhead, CA, Sep. 1996), 18--25. DOI= http://doi.acm.org/10.1145/304851.304860
[15]
Yan, Z. 2007. Trust Management for Mobile Computing Platforms. Doctoral Thesis, Helsinki University of Technology, Helsinki, Finland.
[16]
Solhaug, B., Elgesem, D., and Stolen, K. 2007. Why Trust is not Proportional to Risk? In Proceedings of 2nd International Conference on Availability, Reliability, and Security (Vienna, Austria, Apr. 2007), 11--18.
[17]
Ruohomaa, S., and Kutvonen, L. 2005. Trust Management Survey. In Proceedings of Third International Conference on Trust Management (Paris, France, May 2005). LNCS 3477, Springer-Verlag, 2005. 77--92.
[18]
Blaze, M., Feigenbaum, J., and Lacy, J. 1996. Decentralized Trust Management. In Proceedings of IEEE Symposium on Security and Privacy, (Oakland, CA, May 1996) Online at: http://www.crypto.com/papers/policymaker.pdf.
[19]
Jøsang, A., Keser, C., and Dimitrakos, T. 2005. Can We Manage Trust?" In Proceedings of the Third International Conference on Trust Management (iTrust) (Versailles, France, May 2005), 93--107.
[20]
Conner, W., Iyengar, A., Mikalsen, T., Rouvellou, I., and Nahrstedt, K. 2009. A Trust Management Framework for Service-Oriented Environments. In Proceedings of World Wide Web Conference (Madrid, Spain, Apr. 2009), 891--900. DOI= http://doi.acm.org/10.1145/1526709.1526829
[21]
Winsborough, W.H., Seamons, K.E., and Jones, V.E. 2000. Automated trust negotiation. In Proceedings of DARPA Information Survivability Conference and Exposition (Hilton Head, SC, Jan. 2000), 88--102. DOI= http://doi.acm.org/10.1109/DISCEX.2000.824965
[22]
Chu, Y.H., Feigenbaum, J., LaMacchia, B., Resnick, P., and Strauss, M. 1997. REFEREE: Trust Management for Web Applications. Computer Networks and ISDN Systems 29, 8--13 (Sep. 1997), 953--964. DOI= http://doi.acm.org/10.1016/S0169-7552(97)00009-3
[23]
Blaze, M., Feigenbaum, J. and Keromytis, A.D. 1998. KeyNote: Trust management for public-key infrastructures (position paper). In Proceedings of 6th International Workshop on Security Protocols (Cambridge, UK, Apr. 15-17, 1998). LNCS 1550, Springer-Verlag, 1998. 59--63.

Cited By

View all
  • (2024)TIoT: A Trust by Design Architecture for Secure and Private Internet of Things (IoT)2024 21st International Multi-Conference on Systems, Signals & Devices (SSD)10.1109/SSD61670.2024.10549150(391-400)Online publication date: 22-Apr-2024
  • (2012)Security Paradigm in Ubiquitous ComputingProceedings of the 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing10.1109/IMIS.2012.192(634-638)Online publication date: 4-Jul-2012

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
NSPW '10: Proceedings of the 2010 New Security Paradigms Workshop
September 2010
174 pages
ISBN:9781450304153
DOI:10.1145/1900546
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 September 2010

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. future internet
  2. iso 7498-2
  3. next generation networks
  4. pervasive trust foundation
  5. privacy
  6. security
  7. security mechanisms
  8. security services
  9. trust
  10. trust in the large
  11. trust in the small

Qualifiers

  • Research-article

Conference

NSPW '10
Sponsor:
  • ACSA
NSPW '10: 2010 New Security Paradigms Workshop
September 21 - 23, 2010
Massachusetts, Concord, USA

Acceptance Rates

NSPW '10 Paper Acceptance Rate 13 of 32 submissions, 41%;
Overall Acceptance Rate 98 of 265 submissions, 37%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)1
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)TIoT: A Trust by Design Architecture for Secure and Private Internet of Things (IoT)2024 21st International Multi-Conference on Systems, Signals & Devices (SSD)10.1109/SSD61670.2024.10549150(391-400)Online publication date: 22-Apr-2024
  • (2012)Security Paradigm in Ubiquitous ComputingProceedings of the 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing10.1109/IMIS.2012.192(634-638)Online publication date: 4-Jul-2012

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media