Ginés Dólera Tormo

Dynamic and flexible selection of a reputation mechanism for heterogeneous environments

Current trust and reputation management approaches usually offer rigid and inflexible mechanisms to compute reputation scores, which hinder their dynamic adaptation to the current circumstances in the system where they are deployed. At most, they provide certain parameters which are configurable or tunable. Yet, this is not enough for such heterogeneous and dynamic environments as the ones introduced by Internet of Things (IoT). In this paper we propose a rupture with this old philosophy and have therefore designed and prototyped a flexible mechanism to select the most suitable trust and reputation model to apply on-the-fly, amongst a pool of predefined ones, considering both the current system conditions and the selected performance measurements, which, to the best of our knowledge, is missing nowadays. Additionally, this mechanism guarantees a smooth transition between different computation engines avoiding abrupt changes in the computed reputation scores. Conducted experiments prove that our solution is able to identify and start up the most suitable trust and reputation model depending on the current system conditions (number of users, allocated resources, etc.) and expected performance measurements (accuracy, scalability, robustness, etc.). Design a flexible mechanism to select the most suitable trust and reputation model to apply on-the-fly.Selection of the reputation model based on current system conditions and expected performance measurements.The approach guarantees a smooth and automatic transition between the reputation computation engines.Experiments conducted to validate the feasibility of the approach.Focus on heterogeneous Internet of Things environments.

Identity Management--In Privacy We Trust: Bridging the Trust Gap in eHealth Environments

Identity management solutions that control the data that users provide to individual healthcare services raise trust and privacy concerns, such as who owns user data, how to control its spread, and how to build trustworthy associations between care providers. Reputation systems can enhance eHealth systems by bridging the gap between strong contractual agreements and first-time domain exchanges.

Definition of an advanced identity management infrastructure

In recent years, organizations are starting to demand a finer user access control in order to offer added-value services, while end users desire more control over their private information. Several approaches have been proved to be efficient in protecting basic scenarios. However, in scenarios requiring advanced features, such as advanced authorization capabilities, level of assurance facilities or effective privacy management, certain issues still need to be addressed. In this work, we propose an identity management infrastructure, based on the SAML, XACML and XKMS standards, which extends current approaches in order to achieve the required features. We include a performance analysis to show the feasibility of this architecture.In recent years, organizations are starting to demand a finer user access control in order to offer added-value services, while end users desire more control over their private information. Several approaches have been proved to be efficient in protecting basic scenarios. However, in scenarios requiring advanced features, such as advanced authorization capabilities, level of assurance facilities or effective privacy management, certain issues still need to be addressed. In this work, we propose an identity management infrastructure, based on the SAML, XACML and XKMS standards, which extends current approaches in order to achieve the required features. We include a performance analysis to show the feasibility of this architecture.

Identity Management in Cloud Systems

Identity management systems are of paramount importance to provide authentication and authorization based on end user identities trying to preserve privacy, while at the same time enhancing interoperability across multiple domains.

ROMEO: ReputatiOn Model Enhancing OpenID Simulator

OpenID is a standard decentralized initiative aimed at allowing Internet users to use the same personal account to access different services. Since it does not rely on any central authority, it is hard for such users or other entities to validate the trust level of each other. Some research has been conducted to handle this issue, defining reputation framework to determine the trust level of a service based on past experiences. Deep analysis and validation need to be achieved in order to prove the feasibility of this framework. Our main contribution in this paper consists of a simulation environment able to validate the feasibility of that reputation framework and to analyze its behavior within different scenarios.