An architectural approach for assessing system trust based on security policy specifications and security mechanisms

Authors:
Şerif Bahtiyar;Murat Cihan;Mehmet Ufuk Çağlayan
Affiliations:
Bogaziçi University, Istanbul, Turkey;Bogaziçi University, Istanbul, Turkey;Bogaziçi University, Istanbul, Turkey
Venue:
Proceedings of the 2nd international conference on Security of information and networks
Year:
2009

Citing 12
Cited 0

Trust-Based Security in Pervasive Computing Environments

Computer
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A survey of trust and reputation systems for online service provision

Decision Support Systems
A Socio-cognitive Approach to Modeling Policies in Open Environments

POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
PEACE-VO: A Secure Policy-Enabled Collaboration Framework for Virtual Organizations

SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Dynamic Trust Management

Computer
SUNNY: a new algorithm for trust inference in social networks using probabilistic confidence models

AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 2
A survey of trust in internet applications

IEEE Communications Surveys & Tutorials
Secure knowledge management: confidentiality, trust, and privacy

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Trust management and trust theory revision

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
A formal apparatus for modeling trust in computing environments

Mathematical and Computer Modelling: An International Journal
Defense of trust management vulnerabilities in distributed networks

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

We investigate trust relationships between and within a security policy and a security mechanism to assess system trust of software application. It has been recognized that trust assessment of security systems in dynamic environments with multiple entities, each with its own changing needs from the security mechanisms, is a complex task. In this paper, we propose a novel architectural approach to assess system trust of service oriented environments. The primary goal of this architecture is to show a way for constructing an automated system for trust assessment of web services. Particularly, we consider beliefs of an entity about a specific security mechanism of a service and the behavior of the service. In addition, we present new trust metrics for assessing system trust of a web service. Furthermore, trust and trust related issues in literature are reviewed to make clear the pros of our approach for trust assessment.