Parallel and distributed computation: numerical methods
Parallel and distributed computation: numerical methods
The formal semantics of programming languages: an introduction
The formal semantics of programming languages: an introduction
Communication complexity
The stable paths problem and interdomain routing
IEEE/ACM Transactions on Networking (TON)
Computers and Intractability; A Guide to the Theory of NP-Completeness
Computers and Intractability; A Guide to the Theory of NP-Completeness
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Towards a formal notion of trust
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
A survey of trust and reputation systems for online service provision
Decision Support Systems
Reconstructing trust management
Journal of Computer Security - Special issue on WITS'02
Using Trust for Secure Collaboration in Uncertain Environments
IEEE Pervasive Computing
| Hi-index | 5.23 |
In this paper we consider the complexity of some problems arising in a fixed point model of trust in large-scale distributed systems, based on the notion of trust structures introduced by Carbone, Nielsen and Sassone; a set of trust levels with two distinct partial orderings. In the trust model, a global trust state exists as the least fixed point of a collection of local policy functions of nodes in the network. We first show that it is possible to efficiently compute a single component of the global trust state using a simple, robust and totally asynchronous distributed algorithm. We complement this with a lower bound which shows that, if the policies are unrestricted then communication and time linear in the number of distinct trust levels is required in the worst case. We then consider the notion of distributed proof carrying requests previously introduced as a means of safely approximating the global trust state without computing its exact value. We present a new result that enables us to give a continuum of proof carrying protocols, the previously known protocol being one extreme of this. The theorem allows us to generate protocols that can prove all possible trust values (previously, it was only possible to prove trust values representing 'not too much bad behaviour'). However, we show that such a general protocol may not be efficient - it is NP-hard to construct an approximately minimal size proof in our model, and in the worst case the nodes must communicate almost as much data as if they were to compute the global trust state from scratch. The implications of our negative results are that it may be necessary to restrict the policy language in order to efficiently implement a fixed point model of trust in a distributed network.