Page 54 - Trust in ICT 2017
P. 54

1                                                    Trust in ICT


            With  respect  to  trust  provisioning  in  health  care  services  and  applications,  the  paper  [22]  presents  the
            importance of inclusion of trust into the development of software systems. Furthermore they have identified
            that several factors should be considered in the process of software development.
            There  are  a  number  of  recent  papers  which  aim  to  incorporate  security  engineering  into  mainstream
            software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed
            to an Information Technology (IT) system level, and mapping these into security and trust management
            policies is still an open problem. In this regard, [23] discuss a set of concepts founded on the notions of
            ownership, permission, and trust and intended for requirements modelling. It also extends Tropos, an agent-
            oriented software engineering methodology, to support security requirements engineering. These concepts
            are formalized and are shown to support the automatic verification of security and trust requirements using
            Data log. To make the discussion more concrete, they have illustrate the proposal with a Health Care case
            study.
            Related  to  smart  grid  applications,  [24]  discusses  the  trust  management  toolkit,  which  is  a  robust  and
            configurable  protection  system  augmentation,  which  can  successfully  function  in  the  presence  of  an
            untrusted  (malfunctioning)  smart  grid  (i.e.,  communication  based,  protection  system  nodes).  The  trust
            management toolkit combines reputation based trust with network flow algorithms to identify and mitigate
            faulty smart grid protection nodes. The toolkit assigns trust values to all protection nodes. Faulty nodes,
            attributed to component or communication system malfunctions (either intentional or unintentional), are
            assigned a lower trust value, which indicates a higher risk of failure to mitigate detected faults.

            Furthermore,  [25]  presents  an  approach  for  modelling  user  trustworthiness  when  traffic  information  is
            exchanged  between  vehicles  in  transportation  environments.  Their  multi-faceted  approach  to  trust
            modelling  combines  priority-based,  role-based  and  experience-based  trust,  integrated  with  a  majority
            consensus model influenced by time and location, for effective route planning. The proposed representation
            for the user model is outlined in detail (integrating ontological and propositional elements) and the algorithm
            for updating trust values is presented as well.
            Establishing trust relationships between peers is an essential approach to prevent threats. In P2P systems,
            peers often interact with unknown or unfamiliar peers. P2P systems benefits highly from trust mechanisms
            for a peer to decide whether another party is trustworthy by using the knowledge of others. In this regard,
            [26] proposes a challenge response protocol to identify malicious or unreliable peers in P2P systems.

            Nowadays, WSNs appear to be mature enough to be used by various applications. These applications rely on
            trustworthy sensor data to control the processes. Related to this, [27]  proposed a novel trust model for
            sensor data during their entire life cycle. Capitalizing on subjective logic, they have implemented new design
            operators for the combination and aggregation of opinions. Opinion on data is then used by applications for
            further decision making.

            Relevant same area, [28] has proposed a different approach for securing information aggregation in WSNs.
            By extracting statistical characteristics from gathered information, this framework evaluates sensor nodes’
            trustworthiness using an information theoretic metric. By employing unsupervised learning algorithm, the
            framework can detect the compromised nodes. Moreover, with the help of the powerful Josang’s belief
            model, the uncertainty existing in the sensory data and aggregation results is explicitly represented and
            quantified. Compared with the conventional schemes that are based on cryptography schemes, the proposed
            framework can effectively block the false data in the presence of multiple compromised nodes that would
            bypass outlier detection.
            6.2.7   Trust Management System

            There  have  been  many  proposed  trust  management  protocols  for  different  types  of  networks  such  as
            MANETs, WSNs, P2P networks and social IoT. The concept of “Trust” originally derives from social sciences
            and  is  defined  as  the  degree  of  subjective  belief  about  the  behaviours  of  a  particular  entity.  [29]  first
            introduced the term ”Trust Management” and identified it as a separate component of security services in
            networks and clarified that “Trust management provides a unified approach for specifying and interpreting
            security policies, credentials, and relationships.”




            46
   49   50   51   52   53   54   55   56   57   58   59