Karl Krukow

Using trust for secure collaboration in uncertain environments

The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.

Towards a formal notion of trust

Trust management systems have been proposed as an alternative to traditional security mechanisms in Global Computing. We present some challenges in establishing a formal foundation for the notion of trust, and some preliminary ideas towards a category of trust models.

Trust models in ubiquitous computing

We recapture some of the arguments for trust-based technologies in ubiquitous computing, followed by a brief survey of some of the models of trust that have been introduced in this respect. Based on this, we argue for the need of more formal and foundational trust models.

Towards a formal framework for computational trust

We define a mathematical measure for the quantitative comparison of probabilistic computational trust systems, and use it to compare a well-known class of algorithms based on the so-called beta model. The main novelty is that our approach is formal, rather than based on experimental simulation.

On the Formal Modelling of Trust in Reputation-Based Systems

In a reputation-based trust management system an entity’s behaviour determines its reputation which in turn affects other entities interaction with it. We present a mathematical model for trust aimed at global computing environments which, as opposed to many traditional trust management systems, supports the dynamics of reputation-based systems in the sense that trusting relationships are monitored and changes over time depending on the behaviour of the entities involved. The main contribution is the discovery that the notion of event structures, well studied e.g. in the theory of concurrency, can faithfully model the important concepts of observation and outcome of interactions. In this setting observations are events and an outcome of an interaction is a maximal set of consistent events describing what happened. We also touch upon the problem of transferring trust or behavioural information between contexts, and we propose a generalised definition of morphism of event structures as an information-transfer function.

Trust structures: Denotational and operational semantics

A general formal model for trust in dynamic networks is presented. The model is based on the trust structures of Carbone, Nielsen and Sassone: a domain theoretic generalisation of Weeks’ framework for credential based trust management systems, e.g., KeyNote and SPKI. Collections of mutually referring trust policies (so-called “webs” of trust) are given a precise meaning in terms of an abstract domain-theoretic semantics. A complementary concrete operational semantics is provided using the well-known I/O-automaton model. The operational semantics is proved to adhere to the abstract semantics, effectively providing a distributed algorithm allowing principals to compute the meaning of a “web” of trust policies. Several techniques allowing sound and efficient distributed approximation of the abstract semantics are presented and proved correct.

Towards an evaluation methodology for computational trust systems

Trust-based security frameworks are increasingly popular, yet few evaluations have been conducted. As a result, no guidelines or evaluation methodology have emerged that define the measure of security of such models. This paper discusses the issues involved in evaluating these models, using the SECURE trust-based framework as a case study.

Transfer of trust in event-based reputation systems

In the Global Computing scenario, trust-based systems have been proposed and studied as an alternative to traditional security mechanisms. A promising line of research concerns the so-called reputation-based computational trust. The approach here is that trust in a computing agent is defined in terms of evidence of future behaviour based on interactions in the past with its environment. We have previously argued how concepts and models from concurrency theory can answer some fundamental challenges in the representation of such interaction behaviour over time, using event structures as our choice of model from concurrency theory. In this paper, we continue this line of research, addressing the problem on how to transfer trust from one behavioural context to another. Our proposed frameworks build on morphisms between event structures, and we prove some generic results guaranteeing formal properties of transfers in the frameworks.