Nathan Dimmock

Using trust for secure collaboration in uncertain environments

The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.

Using trust and risk in role-based access control policies

Emerging trust and risk management systems provide a framework for principals to determine whether they will exchange resources, without requiring a complete definition of their credentials and intentions. Most distributed access control architectures have far more rigid policy rules, yet in many respects aim to solve a similar problem. This paper elucidates the similarities between trust management and distributed access control systems by demonstrating how the OASIS access control system and its rôle-based policy language can be extended to make decisions on the basis of trust and risk analyses rather than on the basis of credentials alone. We apply our new model to the prototypical example of a file storage and publication service for the Grid, and test it using our Prolog-based OASIS implementation.

Risk models for trust-based access Control(TBAC)

The importance of risk in trust-based systems is well established. This paper presents a novel model of risk and decision-making based on economic theory. Use of the model is illustrated by way of a collaborative spam detection application.

How much is "enough"? Risk in trust-based access control

Trust-based access control is the idea of using a model of human notions of trust and community as the basis for assigning privileges. Risk analysis is used to determine how much trust is required to assign a particular privilege in trust-based access control. Other topics mentioned are the validation of the model, investigation of how continuous probability density functions may be reasoned about in resource constrained environments and the creation of a general purpose policy language to allow the specification of policies.

Attack-resistance of computational trust models

The World Wide Web encourages widely-distributed, open, decentralized systems that span multiple administrative domains. Recent research has turned to trust management according to M. Blaze et al. (1996) as a framework for decentralizing security decisions in such systems. However, while traditional security measures such as cryptography and encryption are well-understood (theoretically and empirically), the same cannot be said for computational trust models. This paper describes the attack-resistance of several well-referenced trust models, in a move toward a possible framework and terminology for such analyses. We present a number of open questions, and consider possible future directions in the area.

Peer-to-peer collaborative spam detection

Although there are many potential solutions to spam, it oftenappears that filtering and blocking are the best. Unfortunately these techniques are inadequate, as evidencedby the continuing proliferation of spam. Here we describe a student project thatevolved collaborative filtering, previouslyimplemented using a centralized repository of spam information, intoa distributed, collaborative, peer-to-peer-based spam detection system.

Towards an evaluation methodology for computational trust systems

Trust-based security frameworks are increasingly popular, yet few evaluations have been conducted. As a result, no guidelines or evaluation methodology have emerged that define the measure of security of such models. This paper discusses the issues involved in evaluating these models, using the SECURE trust-based framework as a case study.