Core TuLiP Logic Programming for Trust Management

J. theor. appl. electron. commer. res.

Hartog

et al. 2010

Self Cite

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS 3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.

Section: Credential-based Trust Modelmentioning

confidence: 99%

Section: Ctm Service Architecturementioning

confidence: 99%

Section: Privacy Enhancement For Ctmmentioning

confidence: 99%

See 1 more Smart Citation

A Flexible Architecture for Privacy-Aware Trust Management

Böhm

J. theor. appl. electron. commer. res.

Hartog

et al. 2010

Self Cite

“…Present TM systems do not satisfy all three conditions; RT [13,12] comes very close by satisfying the second and third requirements, but at the cost of a syntax which is too inflexible for our purposes (see our [6] for a discussion on this). Other systems either do not support decentralised storage or do not enjoy a sound and complete decision algorithm (see the Related Work section for the details).…”

Section: Introductionmentioning

confidence: 97%

“…Standard TuLiP is based on the theoretical basis laid in Core TuLiP [6], i.e. on the same concept of credential storage system and on a similar decision algorithm (which in turn is inspired by the architecture of RT [13]).…”

Section: Introductionmentioning

confidence: 99%

Trust Management in P2P Systems Using Standard TuLiP

Czenko

Doumen

IFIP – The International Federation for Information Processing

Self Cite

In this paper we introduce Standard TuLiP -a new logic based Trust Management system. In Standard TuLiP, security decisions are based on security credentials, which can be issued by different entities and stored at different locations. Standard TuLiP directly supports the distributed credential storage by providing a sound and complete Lookup and Inference AlgoRithm (LIAR). In this paper we focus on (a) the language of Standard TuLiP and (b) on the practical considerations which arise when deploying the system. These include credential encoding, system architecture, system components and their functionality, and also the usability issues.

The POLIPO Security Framework

Trivellato

Situation Awareness With Systems of Systems

Luit

et al. 2013

Self Cite

Systems of systems are coalitions of autonomous systems that collaborate to achieve a common goal. The systems in a system of systems often belong to different security domains, which are governed by different authorities employing heterogeneous protocols, vocabularies, data models and organizational structures. Furthermore, systems of systems are often dynamic, with systems joining and leaving the coalition at runtime. An example of system of systems is a fleet of ships from different NATO countries collaborating in a patrolling mission.Despite offering a high degree of operational flexibility, the systems of systems paradigm has a strong impact on systems interoperability and on the security requirements of the coalition members (hereafter called parties). In fact, during the operation of a system of systems parties are required to exchange information (e.g., their current location) with the other members of the coalition. This information, however, might be sensitive and should be accessed exclusively by authorized parties, which may vary depending on the context (e.g., the location of the requester, the criticality of a situation) and the content of the information. Therefore, along with the development of systems of systems comes the demand for a flexible security framework that faces the related security challenges.