AComprehensiveTrustModelforComponentSoftware一种组件软件的综合信任模型.ppt

1、AutonomicTrustManagementforaPervasiveSystemZheng Yan,1,Autonomic Trust Management for a Pervasive System,Zheng Yan Nokia Research Center, Helsinki, Finland Secrypt08, July 27, 2008, Porto, Portugal,AutonomicTrustManagementforaPervasiveSystemZheng Yan,2,Outline,Introduction and motivation Related wor

2、k Fundamental technologies Solution: autonomic trust management An example application Further discussion Conclusions and future work,AutonomicTrustManagementforaPervasiveSystemZheng Yan,3,Introduction Trust establishment by specifying the trust conditions and registering them at the trustees RT mod

3、ule for trust sustaining in steps 3-6; Sustaining the trust relationship through the monitor and control by the RT module in steps 7-8; Re-challenge the trust relationship if necessary when any changes against trust conditions are reported,AutonomicTrustManagementforaPervasiveSystemZheng Yan,8,Funda

4、mental technologies (2): an adaptive trust control model,Considering the trustworthiness is influenced by a number of quality attributes . These quality attributes are ensured or controlled through a number of control modes. A control mode contains a number of control mechanism or operations. A weig

5、ht is used to indicate the importance rate of the quality attribute An influence factor of control mode is set based on impact of the control mode to the quality attributes We also apply a selection factor of control mode to indicate which control mode is actually applied in the system,AutonomicTrus

6、tManagementforaPervasiveSystemZheng Yan,9,Autonomic trust management: a system definition,User Pervasive system Pervasive computing devices Trusted computing platform Root Trust module Autonomic trust management framework (ATMF) Operating System (OS) A performance observer Services,AutonomicTrustMan

7、agementforaPervasiveSystemZheng Yan,10,Autonomic Trust Management Framework (ATMF,Responsibility: Manage the trustworthiness of a trustee service Configure its trust properties Switch on/off the trust control mechanisms, i.e. selecting a suitable set of control modes Secure storages Experience base

8、Policy base Mechanism base ATMF secure access to the RT module Extract the policies into the policy base for trust assessment if necessary An evaluation, decision and selection engine (EDS engine) Trust assessment Make trust decision Select suitable trust control modes,AutonomicTrustManagementforaPe

9、rvasiveSystemZheng Yan,11,Autonomic trust management procedure,Remote service collaboration check Yes, trust sustaining mechanism Embed device trust conditions (including trust policies) into RT Extract trust policies, save into policy base Trustworthiness and trust control mode prediction, selectio

10、n Monitor performance and behavior Adjust trust control model,AutonomicTrustManagementforaPervasiveSystemZheng Yan,12,Algorithms,Trust assessment Trust value generator: Weighted summation: Control mode prediction and selection Anticipate the performance or feasibility of all possibly applied trust c

11、ontrol modes. Select a set of suitable trust control modes based on the control mode prediction results. Adaptive Trust Control Model Adjustment Adjust the influence factors of the trust control model in order to make it reflect the real system situation or context,AutonomicTrustManagementforaPervas

12、iveSystemZheng Yan,13,Trust Control Mode Prediction and Selection,The control modes are predicted through evaluating all possible modes and their compositions based on the adaptive trust control model The prediction algorithm , while , do,The control modes are selected based on the control mode pred

13、iction results The selection algorithm Calculate selection threshold ; - Compare and of to , set selection factor if ; set if ; - For , calculate the distance of and to as ; For , calculate the distance of and to as only when and ; -If , select the best winner with the biggest ; else , select the be

14、st loser with the smallest,AutonomicTrustManagementforaPervasiveSystemZheng Yan,14,Adaptive Trust Control Model Adjustment,Subjective Else, for , , if b) Run the control mode prediction function The unequal adjustment scheme While , do a) If , for , , if ; Else, , if b) Run the control mode predicti

15、on function,AutonomicTrustManagementforaPervasiveSystemZheng Yan,15,An application example: mobile healthcare,System devices A potable mobile device a health sensor: monitor a users health status; a healthcare client service: provide multiple ways to transfer health data to other devices and receive

16、 health guidelines. A healthcare centre A healthcare consultant service: provide health guidelines to the user according to the health data reported, inform a hospital service at a hospital server if necessary. A hospital server A hospital service Trust requirements Each device and services trustwor

17、thiness Trustworthy cooperation of all related devices and services Satisfy trust requirements with each other and its users Examples Confidentiality: the healthcare client service provides a secure network connection and communication; Availability: respond to the request from the health sensor wit

18、hin expected time; Reliability: perform reliably without any break in case of an urgent health information transmission. Example application scenario: the users health is monitored by the mobile device which reports his/her health data to the healthcare centre in a secure and efficient way. In this

19、case, the hospital service should be informed since the users health needs to be treated by the hospital immediately. Meanwhile, the consultant service also provides essential health guidelines to the user,AutonomicTrustManagementforaPervasiveSystemZheng Yan,16,Autonomic trust management for a healt

20、hcare application,AutonomicTrustManagementforaPervasiveSystemZheng Yan,17,Discussion,Two-level autonomic trust management Autonomic trust management among different system devices (hard trust solution) Apply the mechanism to sustain trust, embed trust policies for remote trusted service collaboratio

21、n Autonomic trust management on pervasive services for their trustworthy collaboration (soft trust solution) Both levels of autonomic trust management can cooperate to ensure the trustworthiness of the entire pervasive system. Standardized devices (supported by TCG compatible devices) Implementation

22、 of the RT module and Autonomic Trust Management Framework Designed and implemented inside a secure main chip in the mobile computing platform The RT module functionalities and the ATMF functionalities can be implemented by a number of protected applications. Small applications dedicated to performi

23、ng security critical operations inside a secure environment. Strict size limitations and resemble function libraries. Access any resource in the secure environment. Communicate with normal applications in order to offer security services. New protected applications can be added to the system at any

24、time, Signature based protection. Onboard Credential based implementation for the secure register of the RT module, the policy base, the execution base and the mechanism base A flexible and light secure storage mechanism supported by the trusted computing platform,AutonomicTrustManagementforaPervasiveSystemZheng Yan,18,Conclusions and future work,Presented our arguments for autonomic tru