Trust management system design for the Internet of Things A…

《Trust management system design for the Internet of Things A…》由会员分享，可在线阅读，更多相关《Trust management system design for the Internet of Things A…（34页珍藏版）》请在装配图网上搜索。

1、TRUST MANAGEMENT SYSTEM DESIGN FOR THE INTERNET OF THINGS: A CONTEXT-AWARE AND MULTI-SERVICE APPROACHYosra Ben Saied, Alexis Olivereau, Djamal Zeghlache, Maryline LaurentPresented by Ali Asgar SohanghpurwalaMachine to Machine (M2M) and Internet of Things (IoT) architectures becoming prevalentWireles

2、s Sensor Networks (WSNs) introduced unattended wireless topologies with resource constrained nodesIoT expands on WSN requirementsWider architecturesMore heterogeneousInconstant resource capabilitiesIncreased autonomyINTRODUCTIONNodes expected to securely communicate with external Internet nodes, but

3、 likely dont have resources to do it aloneConstraints such as computing power, battery life, limited bandwidthNeed to collaborate to meet this goal Cooperative techniques for routing and security have been proposed in literatureCollaboration needs to be controlled, to protect against attacksCryptogr

4、aphic methods dont account for insider attacksCryptographically trusted nodes can lie, alter data, or selfishly refuse to collaborateExisting WSN and MANET insufficient for IoTWHY DOES IOT NEED A TMS?IoT nodes providing different services assessed by same TMSNon-malicious nodes may temporarily have

5、low capabilitiesIoT nodes are highly heterogeneousNode owned by multiple self-interest communitiesComplex malicious patterns arise with coexistence of heterogeneous and self-concerned nodesHOW IS TMS DIFFERENT FOR IOT?ASSESSMENT OF PRIOR TMS WRT IOTUse past behavior to determine task-specific trust

6、levels for each nodeEventually only the best partners for a specific service are proposed to requesting nodeFine-tune trust levels, even in presence of malicious and erroneous nodesGeographically centralized TM serversMulti-phase approachOVERVIEWInitially all nodes are assumed trustworthyBootstrappi

7、ng period is required to gather information before results are trustworthyTrust manager speeds up process by targeting nodes and inducing artificial interactionsRequesting node classifies behavior of assisting node as positive or negativeEvaluations are stored in trust manager Context under which ev

8、aluations are received is importantAging, resource capacity, etc. of evaluated nodeExecution timeINITIALIZATION AND INFORMATION GATHERINGEach report Rij refers to jth report regarding QoS for assisting node PiEach report contains the following information:REPORT INFORMATIONWhen a node asks for assis

9、tance, the trust manager returns a list of trustworthy assisting nodesFive steps:1) Restrict set of proxies pi2)Restrict the set of reports Rij for each proxy Pi3)Compute weights (wRij) for each report Rij4)Compute trust value Ti for each proxy pi5)Provide requestor with list of best suited proxiesE

10、NTITY SELECTIONSelect candidates based on service requirementsExamples:Lightweight communication may require nodes in same multi-cast groupSignature delegation schemes may require nodes dispersed in specific locationsMay require neighbors in radio rangeENTITY 1: RESTRICT SET OF PROXIES PIFind most m

11、eaningful reports for prospective nodesIdeal reports:Assisting node provided the same serviceAssisting node status was the same as it is nowIt is likely that there wont be enough ideal reports to judge the node pi in specific contextWe can calculate context similarity by quantifying node capabilitie

12、s and service similarityENTITY 2: RESTRICT SET OF REPORTSQuantifying node capability is easy:Percentage of Battery, CPU power, Memory availableService similarity isnt as straightforwardEstimate service similarity based on resource requirementsOf measurable resources, energy consumption is recommende

13、d by authorsENTITY 2:QUANTIFY PARAMETERSReport Rij sent by all nodes j, regarding interactions with node Pi contains:Sj service provided by Cj capabilityNj NoteTry to match with target values:Starget Current service in requestCtarget Current Pi capabilityENTITY 2: CONTEXT SIMILARITYENTITY 2: CONTEXT

14、UAL DISTANCEdSmax, dCmax - tolerance of selection mechanism for capability and service measurementsFirst term represents distance from center of (Starget,Ctarget), dSmax, dCmax) ellipse Node that behaves well for expensive service, is likely to behave well for less demanding serviceSecond term repre

15、sents distance between Rij and (Smax, 0)Node performing well for low-demand service, doesnt mean it performs well in demanding serviceSecond term represents distance between Rij and (0, Cmax) Positive report close to (Smax, 0) means node performed well for expensive service while near min capacityNe

16、gative Report close to (0, Cmax) means that node performed poorly for simple service, while at max capacityAny report close to center of target ellipse is very similarRetained report Rij should have dij such that:dij (Rij, RTarget) t, where:ENTITY 2: DIJ ILLUSTRATIONENTITY 2: EXAMPLEENTITY 2: EXAMPL

17、E CONT.Weight of each report (wij) determined by contextual distance (dij) and age (tnow - tj), are parameters in range 0,1 expressing memory of the system (resp. ) is adjusted according to expected rapidity of changeLower (resp. ) indicates lower importance for past reports (resp. more contextually

18、 distant reports)s = * (N2j-Nj), where Nj is the score given by witnesss = 1 when score is -1, and 0 when score is 0,1weight of negative score is doubled compared to positive or neutral scoresENTITY 3: COMPUTE WEIGHT FOR EACH REPORTTi is trust value for proxy piQRj is the quality of recommendation o

19、f witness node jtrustworthiness score based on accuracy of past reportsRanges between -1 and 1wRij is weight from previous slideENTITY 4: COMPUTE TRUST VALUE FOR EACH PROXYSecurely send list of best rated nodes to requestorFinally done with Entity selectionENTITY 5: PROVISION BEST RATED PROXIES OF P

20、IClient node relies on list of trusted proxies provided by Trust Manager to select partnersSends positive or negative score for each partner to TMEvaluation technique depends on service providedCould be direct observation, or could solicit feedback from peersReceived reports should take into account

21、 node credibilityTRANSACTION AND EVALUATIONLearning phase qualifies system as a cognitive processIn security scenarios:Adaptive security systems dynamically react by applying new security policies in reaction to environment changeCognitive security introduces learning step. Assessment of enforced ac

22、tion eventually modifies system behavior so a different action may be taken next time.LEARNING1)Update witness nodes qualities of recommendation2)Update of assisting nodes reputation levelsLEARNING STEPSSimple ConceptDecrease QR score if witness gave a bad score to a good nodeIncrease QR score if wi

23、tness gave a good score to a good nodeUse weighted averageavoids excessive variations of QRallows precise choice of extent to which QR must be oriented towards 1 (good recommender), 0 (non-usable data), and -1 (bad recommender)LEARNING 1: UPDATE QUALITY OF RECOMMENDATIONLEARNING 1: QR DIRECTIONLet X

24、 be a witness node who evaluated node P, which later provided a service to node FNode F sends report RF with score N -1,0,1TM uses Fs report to update QR score of each recommenderSystem retrieves n stored QR scores for all witness nodesX has for example QRx (QR1,.,QRn-1, Qrn)System extracts note N f

25、rom RF and retrieves wRx corresponding to RXQRXF represents direction that QR for X should evolver = 1 if X and F agree on rating, r=-1 when they are opposite, and r=0 when they are off by 1CF is weight of r, increases when weight of Xs previous report is high, increases if F is a good recommenderLE

26、ARNING 1: WEIGHTED AVERAGEQRi represents Xs rec. historyCi is respective weight for Xs rec. history represents memory factor of systemNegative N_QR means X is reporting opposite of actual service qualityInstead of discarding Xs ratings, consider the opposite!Reputation distinct from trustTrust measu

27、res ability of node to perform specific taskReputation refers to overall trustworthiness of node in the systemCombine QR (QRFj)and service ratings (NFj) with age-based weighting factorTM recalculates reputation after each interaction Nodes with low-reputation are added to blacklistLEARNING 2: UPDATE

28、 ASSISTING NODES REPUTATION LEVELSTEST SIMULATIONSIMULATION PARAMETERSQR EVOLUTIONQR EVOLUTION CONT.ATTACK RESILIENCEATTACK RESILIENCE CONT.Presented generic, context-aware TMS for IoTDynamic trust scores assigned to nodes based on node status, and required functionIndependent score given for Quality of RecommendationQR score is adjusted through learning phaseSystem withstands several classes of attacksCONCLUSION