Community voucher based trust establishment and provisioning for distributed networks
Presenter
Hong Li, Rita Wouhaybi, Intel Corporation
Time
Session IV - 3:45am - 5:00pm
Abstract
Existing trust models have problems, especially when they are applied to distributed ad hoc networks. For example, the advantages and disadvantages of infrastructure-based authentication (e.g., PKI) versus “web of trust” authentication (e.g., OpenPGP) have been debated for decades. Both approaches have known issues: PKI relies on the existence of a reliable infrastructure, while OpenPGP’s simple web of trust is based on individual endorsement, which is not scalable. What is needed is a trust model with the following attributes: (1) it does not rely on a centralized infrastructure, (2) it supports different trust levels for access control decisions, (3) it includes negative endorsement (distrust), and (4) it is adaptive, self-monitoring and self-provisioning for distributed self-forming networks. We propose a social-network-based trust establishment model to address the gaps in existing trust approaches. The benefit of this idea is that many future ad hoc, Internet-based communication networks can be modeled directly with social network graphs, and trust and access control policies can naturally take advantage of such self-forming dynamic models when a centralized infrastructure is not available to validate the trustworthiness of new connections. In addition, different trust levels can help define security boundaries for what individual nodes and applications are and are not allowed to do. Furthermore, trust decisions will be truly dynamic and self-adaptive as new nodes continuously connect to and leave the collaboration networks. The objective of our model is to fill the gap in trust establishment and provisioning, and to explore new trust and manageability potential in future platforms to support emerging network models.
Presentation
Download (PDF, 271 kb)