Published in: World Wide Web 1/2016

01.01.2016

Behavior evaluation for trust management based on formal distributed network monitoring

Written by: Jorge Lopez, Stephane Maag, Gerardo Morales


Abstract

Collaborative systems are growing in use and in popularity. The need to boost the methods concerning the interoperability is growing as well; therefore, trustworthy interactions of the different systems are a priority. The systems need to interact with users and other applications. The decision regarding with whom and how to interact with other users or applications depends on each application or system. In this paper, we focus on providing trust verdicts by evaluating the behaviors of different agents, making use of distributed network monitoring. This will provide trust management systems based on “soft trust” information regarding a trustee experience. We propose a formal distributed network monitoring approach to analyze the packets exchanged by the entities, in order to prove a system is acting in a trustworthy manner. Based on formal “trust properties”, we analyze the systems’ behaviors, then, we provide trust verdicts regarding those “trust properties”. Furthermore, automatized testing is performed using a suite of tools we have developed, and finally, our methodology is applied to a real industrial DNS use case scenario.

Metadata
Title
Behavior evaluation for trust management based on formal distributed network monitoring
Written by
Jorge Lopez
Stephane Maag
Gerardo Morales
Publication date
01.01.2016
Publisher
Springer US
Published in
World Wide Web / Issue 1/2016
Print ISSN: 1386-145X
Electronic ISSN: 1573-1413
DOI
https://doi.org/10.1007/s11280-015-0324-6