No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Building Trustable Remote Monitoring and Management Systems
... The model protects against good-mouthing, bad-mouthing, and ballot stuffing attacks by constantly updating the weights and taking the history of behavior and rating quality into account for calculations. The model uses a probabilistic neural network framework to differentiate between trustworthy and malicious nodes [19]. The probabilistic neural network comprises a multi-layer architecture including input, hidden, pattern, and output layers [20]. ...
Business process modeling and implementation has taken researchers' attention for almost 30 years, since Hammer and Champy published in 1992 their book on business process reengineering. Process management proponents mostly focused on the system approach and workflow modeling. In this paper, we would like to emphasize the issues of business process paradigm development. This paper's aim is to confront workflow modeling with case management. These two approaches have different purposes, although, through their application, the process paradigm change is presented. This study methodology covers the literature survey (LS) and case study. The LS on the application of Case Management Model Notation (CMMN) is included to answer the question for what purposes CMMN is applied. The empirical part covers a case study on remote audit (e‐audit) process modeling. Further, a discussion on the strengths and weaknesses of e‐audit process is included. Final conclusions concern the transformability of process modeling methodologies. This paper contributes to process management theory with explanations of how and why specific e‐audit processes are developed and how they expand process managers' practices. The e‐audit activities are included in step‐by‐step processes as well as in the case management model to improve knowledge sharing and practice improvement.
In this paper, monitoring is perceived as a way to observe how people change their attitude towards privacy, particularly in the Internet circumstances. The paper aims to analyze privacy awareness and the privacy paradox.
A systematic literature review provides the background on the privacy issues in the Internet environment. Beyond that, the paper covers a survey on the perception of new media by students from Poland, Bulgaria, and Colombia.
The systematic literature review and the student privacy awareness survey revealed the relative value of privacy and its dependence on security. The discussion included in this paper concerns the privacy paradox, which can possibly be resolved by separation, exclusion, integration, and connection.
The literature survey has allowed to present privacy in different aspects, i.e. protection modeling, tools and techniques. Researchers focus on protection systems, but they do not reveal reactions of users of the proposed solutions. On the other hand, proponents of the Internet communication encourage people to reveal personal data, without sufficient warning about the consequences of data exposure.
The privacy paradox considerations are expected to be valuable for practitioners of the organizational design because they are to be asked to cope with the privacy ambidexterity and to develop the corresponding business processes.
The important issue, i.e. the privacy paradox, is placed in contradictory concepts (i.e. freedom of exposure and protection from disclosure). The paradox is valuable as a prerequisite for further considerations on privacy in information management. In this paper, the privacy paradox is used as a strategy for theorizing on privacy.
The Internet of Things has facilitated access to a large volume of sensitive information on each participating object in an ecosystem. This imposes many threats ranging from the risks of data management to the potential discrimination enabled by data analytics over delicate information such as locations, interests, and activities. To address these issues, the concept of trust is introduced as an important role in supporting both humans and services to overcome the perception of uncertainty and risks before making any decisions. However, establishing trust in a cyber world is a challenging task due to the volume of diversified influential factors from cyber-physical-systems. Hence, it is essential to have an intelligent trust computation model that is capable of generating accurate and intuitive trust values for prospective actors. Therefore, in this paper, a quantifiable trust assessment model is proposed. Built on this model, individual trust attributes are calculated numerically. Moreover, a novel algorithm based on machine learning principles is devised to classify the extracted trust features and combine them to produce a final trust value to be used for decision making. Finally, our model's effectiveness is verified through a simulation. The results show that our method has advantages over other aggregation methods.
We are at the beginning of a new age of business, where dynamic interaction is the driving force for whatever kind of business. To draw from a known analogy, “bring your own device” (BYOD) exemplifes the trends of devices accessing processes and information on enterprises. In the upcoming years, not only phones, tablets, and computers will demand access, but also sensors and embedded systems will deliver and request information. In the traditional way of handling dynamic interaction, the attempt was to secure the whole infrastructure of a company. To follow the analogy, BYOD is often seen as a threat, and answered in the classical way by preventing employees from using their devices, as security cannot be ensured. A second variant of counteracting classic threats such as insuf cient authentication and loss of devices is addressed through an approach of integrating, managing, and securing mobile devices. But these strategies cannot be applied to sensors and other kinds of cyber-physical systems. Companies cannot stop integrating embedded systems into their infrastructures, as their businesses and processes need them to remain competitive. So, they need to be able to assess the dynamic interaction impact of integrating a new system into their infrastructure in a manageable way, which conventionally suffers from two aspects:
i. Secure interaction issues in current systems are described through an integrated approach, and do not open for scalability.
ii. Measurable security in terms of quantiable results is not industry.
A paradigm shift in handling dynamic interaction is required, addressing the need for securing information instead of securing infrastructure. The paradigm shift includes the need for a security methodology definition first, and for the consequent measurability.
SHIELD addresses both these shortcomings, providing the methodology and the means of integrating new infrastructures, new ways of communication, and new devices. It thereby answers the upcoming trends of wireless sensors, sensor networks, and automated processes. Though the focus of SHIELD is on introducing security for cyber-physical systems, we see that these security measures need to be the basis for running automated processes. Consequently, the solution proposed in this book addresses a metrics-based approach for a quantitative assessment of both the potential attack scenario and the security measures of the information, and outlines the methodology of measurable security for systems of cyber-physical systems.
Measurable security is often misinterpreted as a good risk analysis. The SHIELD approach works toward measuring security in terms of cardinal numbers, representing the application of special security methods as compared to the specific threat scenario. The approach is based on the semantic description of a potential attack scenario, the security-related aspects of sensors/systems, and security policies that should be applied irrespective of the scenario.
Through SHIELD, we address measurable security and introduce countable numbers for the security components of systems. We also address the scalability aspect by using composition techniques that are able to build a security representation of the composed system (system of systems) based on the individual security representations of each individual element. This simplifies the process of measuring the security of the composed system, and opens up the opportunity to build the system in an incremental way.
This approach is particularly indicated to manage all the security aspects of cyber-physical systems, embedded systems that are interconnected, interdependent, collaborative, and smart. They provide computing and communication, monitoring, and control of physical components and processes in various applications. Many of the products and services that we use in our daily lives are increasingly determined by cyber-physical systems and, the software that is built into them is the connection between the real physical world and the built-in intelligence. The SHIELD approach also represents an answer to dependability aspects.
Dependability is a key aspect of cyber-physical systems, in particular in safety-critical environments that may often require 24/7 reliability, 100% availability, and 100% connectivity, in addition to real-time response. Moreover, security and privacy are both important criteria that affect the dependability of a system; therefore, this book focuses on security, privacy, and dependability issues within the context of embedded cyber-physical systems, considering security, privacy, and dependability both as distinct properties of a cyber-physical system and as a single property by composition.
Increasing security, privacy, and dependability requirements introduce new challenges in emerging Internet of Things and Machine to Machine scenarios, where heterogeneous cyber-physical systems are massively deployed to pervasively collect, store, process, and transmit data of a sensitive nature. Industry demands solutions to these challenges—solutions that will provide measurable security, privacy, and dependability, risk assessment of security critical products, and configurable/composable security. Security is frequently misconstrued as the hardware or software implementation of cryptographic algorithms and security protocols. On the contrary, security, privacy, and dependability represent a new and challenging set of requirements that should be considered in the design process, along with cost, performance, power, and so on.
The SHIELD methodology addresses security, privacy, and dependability in the context of cyber-physical systems as “built in” rather than as “addon” functionalities, proposing and perceiving with this strategy the first step toward security, privacy, and dependability certi cation for future cyberphysical systems.
The SHIELD general framework consists of a four-layered system architecture and an application layer in which four scenarios are considered: (1) airborne domain, (2) railways, (3) biometric-based surveillance, and (4) smart environments.
Starting from the current security, privacy, and dependability solutions in cyber-physical systems, new technologies have been developed and the existing ones have been consolidated in a solid basement that is expected to become the reference milestone for a new generation of “security, privacy, and dependability-ready” cyber-physical systems. SHIELD approaches security, privacy, and dependability at four different levels: node, network, middleware, and overlay. For each level, the state of the art in security, privacy, and dependability of individual technologies and solutions has been improved and integrated (hardware and communication technologies, cryptography, middleware, smart security, privacy, and dependability applications).
The leading concept has been the demonstration of the composability of security, privacy, and dependability technologies and the composition of security, depending on the application need or the attack surrounding.
To achieve these challenging goals, we developed and evaluated an innovative, modular, composable, expandable, and highly dependable architectural framework, concrete tools, and common security, privacy, and dependability metrics capable of improving the overall security, privacy, and dependability level in any specific application domain, with minimum engineering effort.
Through SHIELD, we have (i) achieved a de facto standard for measurable security, privacy, and dependability; (ii) developed, implemented, and tested roughly 40 security-enhancing prototypes in response to specific industrial requests; and (iii) applied the methodology in four different domains, proving how generic the approach is.
The book’s main objective is to provide an innovative, modular, composable, expandable and high-dependable architectural framework conceived and designed with the SHIELD methodology, which allows to achieve the desired security, privacy, and dependability level in the context of integrated and interoperating heterogeneous services, applications, systems, and devices; and to develop concrete solutions capable of achieving this objective in specific application scenarios with minimum engineering effort.
The book is organized in two parts:
Section I: SHIELD Technologies and Methodology for Security, Privacy, and Dependability is dedicated to the SHIELD methodology, to technical aspects of new and innovative security, privacy, and dependability technologies and solutions, and to the SHIELD framework.
Section II: SHIELD Application Scenarios, New Domains, and Perspectives covers four different application scenarios for SHIELD in the airborne domain, railway domain, biometric security, and smart environments security (smart grid, smart vehicles, smart cities, etc.). This section also describes some domain-independent technology demonstrators and provides an overview of the industrial perspectives of security, privacy, and dependability and of the results obtained by adopting the SHIELD methodology in other European research projects.
This book is foreseen for system integrators, software engineers, security engineers, electronics engineers, and many other engineering disciplines involved in the extremely rapidly digitalizing world. But also, managers and policy makers in industry and public administration can make use of it to get awareness on the security challenges of this massive digitalization. The book is intended to be written in a language as plain as possible to reach a wide audience. The goal is to raise awareness on security aspects of the cyber-physical systems that are increasingly being connected to the rest of the world. Systems are often responsible for critical infrastructures that provide the foundations of our modern society. It provides the shortcomings of current approaches, indicates the advances coming from the distributed approach as suggested by SHIELD, and addresses the state of the art in security in various market segments.
Finally, it must be acknowledged that Measurable and Composable Security, Privacy, and Dependability for Cyberphysical Systems: The SHIELD Methodology is the result of the two SHIELD projects co-funded by the ARTEMIS Joint Undertaking (https://www.artemis-ju.eu/). Several institutions of different European countries have participated in SHIELD and this book would not have been possible without all the work carried out during all those years by this team of highly professional researchers. The participation by major European industry players in embedded systems security, privacy, and dependability, also made possible the commercial exploitation of the results developed in the SHIELD projects.
Internet of Things (IoT) is associate degree rising conception which can interconnect billions of devices (such as smartphones, sensors and alternative networking devices), to speak with one another. IoT may be a system wherever objects embedded with detector technology to act with one another over wireless communication medium to come up with, exchange and transfer knowledge without human interaction. This interconnection is relevant in many ways like timely coordination with many simple devices such as sensors, thermostats, fitbits, routers etc. Due to open and heterogeneous nature of these networks, they are highly prone to vulnerable attacks. So privacy and security is the biggest concern in this technology. This paper focuses on common IoT vulnerabilities like Distributed Denial of Service (DDoS), Data modification attacks in background section. It covers privacy and security concerns in different segments like web interface vulnerabilities, device connections, spamming, data storage issues, IoT network related problems like Sybil attacks, cloud connectivity considerations, Industrial IoT attacks. There have been many privacy preserving mechanisms discovered (like Learning Automata based solution, disabling Universal Plug and Play, DDOS ALERT mechanisms, Rigorous Testing etc.) and related research is still going on. The goal of this paper to present the security and privacy concerns that IoT environment is facing and existing mechanisms to protect it.
Aims:
Remote management of heart failure using implantable electronic devices (REM-HF) aimed to assess the clinical and cost-effectiveness of remote monitoring (RM) of heart failure in patients with cardiac implanted electronic devices (CIEDs).
Methods and results:
Between 29 September 2011 and 31 March 2014, we randomly assigned 1650 patients with heart failure and a CIED to active RM or usual care (UC). The active RM pathway included formalized remote follow-up protocols, and UC was standard practice in nine recruiting centres in England. The primary endpoint in the time to event analysis was the 1st event of death from any cause or unplanned hospitalization for cardiovascular reasons. Secondary endpoints included death from any cause, death from cardiovascular reasons, death from cardiovascular reasons and unplanned cardiovascular hospitalization, unplanned cardiovascular hospitalization, and unplanned hospitalization. REM-HF is registered with ISRCTN (96536028). The mean age of the population was 70 years (range 23-98); 86% were male. Patients were followed for a median of 2.8 years (range 0-4.3 years) completing on 31 January 2016. Patient adherence was high with a drop out of 4.3% over the course of the study. The incidence of the primary endpoint did not differ significantly between active RM and UC groups, which occurred in 42.4 and 40.8% of patients, respectively [hazard ratio 1.01; 95% confidence interval (CI) 0.87-1.18; P = 0.87]. There were no significant differences between the two groups with respect to any of the secondary endpoints or the time to the primary endpoint components.
Conclusion:
Among patients with heart failure and a CIED, RM using weekly downloads and a formalized follow up approach does not improve outcomes.
The major challenge faced by wireless sensor networks is security. Because of dynamic and collaborative nature of sensor networks the connected sensor devices makes the network unusable. To solve this issue, a trust model is required to find malicious, selfish and compromised insiders by evaluating trust worthiness sensors from the network. It supports the decision making processes in wireless sensor networks such as pre key-distribution, cluster head selection, data aggregation, routing and self reconfiguration of sensor nodes. This paper discussed the kinds of trust model, trust metrics used to address attacks by monitoring certain behavior of network. It describes the major design issues and their countermeasures of building trust model. It also discusses existing trust models used in various decision making process of wireless sensor networks.
Most of today's enterprises are open in a competitive market worldwide and dependent on distributed information infrastructure across various geospatial location and various cyber spatial location as well with a purpose of offering ready and effective services to customers. But this decentralization comes at the cost of security. The distributed computing framework is vulnerable to attacks from malicious agents, thereby increasing the chances of risks and security breaches. Trust and Reputation management system is a tool to combat security threats. A trust management system helps its user to decide how trustworthy the other party is before making a transaction. This work aims to identify the required characteristics of trust needed for an enterprise network and presents a survey of a few well known trust models with an aim to identify trust characteristics in each model.
Embedded Systems have become highly interconnected devices, being the key elements of the Internet of Things. Their main function is to capture, store, manipulate and access data of a sensitive nature. Moreover, being connected to Internet, expose them to all kind of attacks, which could cause serious consequences. Traditionally, during the design process, security, privacy and dependability (SPD) have been set aside, including them as an add-on feature. This paper provides a methodology together with a Multi-Metrics approach to evaluate the system SPD level during both the design and running processes.
The simplicity, based on a single process during the whole system evaluation, and scalability, simple and complex systems are evaluated equally, are the main advantages. The applicability of the presented methodology is demonstrated by the evaluation of a smart vehicle use case.
Cloud computing has become a part of the competitive market today. Various cloud computing service providers are available with their services in the cloud environment. Techniques adopted by various providers to achieve security are of varying nature. To analyze and measure a particular service based on its security properties is a challenge. This paper presents such a measurement by using a trust model. A trust model measures the security strength and computes a trust value. A trust value comprises of various parameters that are necessary dimensions along which security of cloud services can be measured. CSA (Cloud Service Alliance) service challenges are used to assess security of a service and validity of the model. Adequacy of the model is also verified by evaluating trust value for existing cloud services. Trust model acts as a benchmark and ranking service to measure security in a cloud computing environment.
A wireless sensor network (WSN) is a collection of distributed sensor nodes to work together for monitoring the physical and environmental conditions. Trust in wireless sensor networks is an important issue and it solves the problem of access control, privacy, secure routing scheme and reliable communication. This paper introduces a new approach to calculate the trust in WSN. The proposed algorithm and the evaluation of the trust value of the node in the network depend on the trust attributes, metrics and trust parameters.
In this paper, we present a trust establishment and management framework for hierarchical wireless sensor networks. The wireless sensor network architecture we consider consists of a collection of sensor nodes, cluster heads and a base station arranged hierarchically. The framework encompasses schemes for establishing and managing trust between these different entities. We demonstrate that the proposed framework helps to minimize the memory, computation and communication overheads involved in trust management in wireless sensor networks. Our framework takes into account direct and indirect (group) trust in trust evaluation as well as the energy associated with sensor nodes in service selection. It also considers the dynamic aspect of trust by introducing a trust varying function which could be adjusted to give greater weight to the most recently obtained trust values in the trust calculation. The architecture also has the ability to deal with the inter-cluster movement of sensor nodes using a combination of certificate based trust and behaviour based trust.
In wireless sensor networks, compromised sensor nodes aim to distort the integrity of data by sending false data reports, injecting false data during data aggregation, and disrupting transmission of aggregated data. Previously known trust systems rely on general reputation concept to prevent these attacks. However, this paper presents a novel reliable data aggregation and transmission protocol, called RDAT, which is based on the concept of functional reputation. Protocol RDAT improves the reliability of data aggregation and transmission by evaluating each type of sensor node action using a respective functional reputation. In addition, protocol RDAT employs a fault tolerant Reed–Solomon coding scheme based multi path data transmission algorithm to ensure the reliable data transmission to the base station. The simulation results show that protocol RDAT significantly improves the reliability of the data aggregation and transmission in the presence of compromised nodes.
The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. This paper discusses key issues and challenges in achieving a trusted cloud through the use of detective controls, and presents the TrustCloud framework, which addresses accountability in cloud computing via technical and policy-based approaches.
Wireless Sensor Networks (WSNs) are becoming more and more spread and both industry and academia are focusing their research
efforts in order to improve their applications. One of the first issues to solve in order to achieve that expected improvement
is to assure a minimum level of security in such a restrictive environment. Even more, ensuring confidence between every pair
of interacting nodes is a critical issue in this kind of networks. Under these conditions we present in this paper a bio-inspired
trust and reputation model, called BTRM-WSN, based on ant colony systems aiming at providing trust and reputation in WSNs.
Experiments and results demonstrate the accuracy, robustness and lightness of the proposed model in a wide set of situations.
Evolving toward a knowledge society requires a trusted ICT infrastructure for sharing information and creating knowledge. To advance the efforts to build converged ICT services and reliable information infrastructures, ITU-T has recently started to work on future trusted ICT infrastructures. This article proposes a possible future Social-Cyber-Physical infrastructure that acts as the glue for integrating the physical, cyber, and social worlds with ICT, and outlines proposals toward an effort to find viable solutions for trust related problems while developing advanced technologies from an ITU-T standards perspective along with the trust conceptual model and the trust architectural framework.
Aims:
The aim of this study was to evaluate the clinical efficacy and safety of remote monitoring in patients with heart failure implanted with a biventricular defibrillator (CRT-D) with advanced diagnostics.
Methods and results:
The MORE-CARE trial is an international, prospective, multicentre, randomized controlled trial. Within 8 weeks of de novo implant of a CRT-D, patients were randomized to undergo remote checks alternating with in-office follow-ups (Remote arm) or in-office follow-ups alone (Standard arm). The primary endpoint was a composite of death and cardiovascular (CV) and device-related hospitalization. Use of healthcare resources was also evaluated. A total of 865 eligible patients (mean age 66 ± 10 years) were included in the final analysis (437 in the Remote arm and 428 in the Standard arm) and followed for a median of 24 (interquartile range = 15-26) months. No significant difference was found in the primary endpoint between the Remote and Standard arms [hazard ratio 1.02, 95% confidence interval (CI) 0.80-1.30, P = 0.89] or in the individual components of the primary endpoint (P > 0.05). For the composite endpoint of healthcare resource utilization (i.e. 2-year rates of CV hospitalizations, CV emergency department admissions, and CV in-office follow-ups), a significant 38% reduction was found in the Remote vs. Standard arm (incidence rate ratio 0.62, 95% CI 0.58-0.66, P < 0.001) mainly driven by a reduction of in-office visits.
Conclusions:
In heart failure patients implanted with a CRT-D, remote monitoring did not reduce mortality or risk of CV or device-related hospitalization. Use of healthcare resources was significantly reduced as a result of a marked reduction of in-office visits without compromising patient safety.
Trial registration:
NCT00885677.
Internet of vehicles(IOV) is an application of Internet of things in Intelligent Transport System, and has attracted high attention of researchers. IOV brings network connectivity to traditional vehicles, while also introduces security risks. This paper presents experimental analysis on the security of vehicles with Internet connections and propose an approach to Controlling a Car Through OBD Injection. In the experiments, we successfully penetrated several types of cars in a wireless way. We also put out a multi-level safety model of cars, which divides cars into different groups and gives analysis and explanations of each group. All of these things are done for indicating a point of view that traditional cars are not safe enough on information security. It is surely risky to put a car without the ability to resist the attack of informational ways into the Internet of vehicles.
The traditional approach of providing network security has been to borrow tools from cryptography and authentication. However, we argue that the conventional view of security based on cryptography alone is not sufficient for the unique characteristics and novel misbehaviors encountered in sensor networks. Fundamental to this is the observation that cryptography cannot prevent malicious or non-malicious insertion of data from internal adversaries or faulty nodes. We believe that in general tools from different domains such as economics, statistics and data analysis will have to be combined with cryptography for the development of trustworthy sensor networks. Following this approach, we propose a reputation-based framework for sensor networks where nodes maintain reputation for other nodes and use it to evaluate their trustworthiness. We will show that this framework provides a scalable, diverse and a generalized approach for countering all types of misbehavior resulting from malicious and faulty nodes. We are currently developing a system within this framework where we employ a Bayesian formulation, specifically a beta reputation system, for reputation representation, updates and integration. We will explain the reasoning behind our design choices, analyzing their pros & cons. We conclude the paper by verifying the efficacy of this system through some preliminary simulation results.
Web-based social networks have become popular as a medium for disseminating information and connecting like-minded people. The public accessibility of such networks with the ability to share opinions, thoughts, information, and experience offers great promise to enterprises and governments. In addition to individuals using such networks to connect to their friends and families, governments and enterprises have started exploiting these platforms for delivering their services to citizens and customers. However, the success of such attempts relies on the level of trust that members have with each other as well as with the service provider. Therefore, trust becomes an essential and important element of a successful social network. In this article, we present the first comprehensive review of social and computer science literature on trust in social networks.We first review the existing definitions of trust and define social trust in the context of social networks.We then discuss recent works addressing three aspects of social trust: trust information collection, trust evaluation, and trust dissemination. Finally, we compare and contrast the literature and identify areas for further research in social trust.
With the great success of the second-generation wireless telephone technology and the third-generation mobile telecommunications technology, and the fast development of the fourth-generation mobile telecommunications technology, the phase of fifth-generation mobile networks or fifth-generation wireless systems (5G) is coming. In this article, we indicate the open research issues of 5G security and trust in the context of virtualized networking and software-defined networking. We further propose a framework of security and trust focusing on solving 5G network security issues. The proposed framework applies adaptive trust evaluation and management technologies and sustainable trusted computing technologies to ensure computing platform trust and achieve software-defined network security. It adopts cloud computing to securely deploy various trustworthy security services over the virtualized networks. We analyze that the framework can support and satisfy all security requirements specified in standardization. We also suggest future research work according to the proposed framework and discuss the advantages of our framework in terms of practical deployment. Copyright © 2015 John Wiley & Sons, Ltd.
Trust models have been recently suggested as an effective security mechanism for Wireless Sensor Networks (WSNs). Considerable research has been done on modeling trust. However, most current research work only takes communication behavior into account to calculate sensor nodes’ trust value, which is not enough for trust evaluation due to the widespread malicious attacks. In this paper, we propose an Efficient Distributed Trust Model (EDTM) for WSNs. First, according to the number of packets received by sensor nodes, direct trust and recommendation trust are selectively calculated. Then, communication trust, energy trust and data trust are considered during the calculation of direct trust. Furthermore, trust reliability and familiarity are defined to improve the accuracy of recommendation trust. The proposed EDTM can evaluate trustworthiness of sensor nodes more precisely and prevent the security breaches more effectively. Simulation results show that EDTM outperforms other similar models, e.g., NBBTE trust model.
Wireless Sensors Networks (WSNs) are susceptible to many security threats, and because of communication, computation and delay constraints of WSNs, traditional security mechanisms cannot be used. Trust management models have been recently suggested as an effective security mechanism for WSNs. Considerable research has been done on modeling and managing trust. In this paper, we present a detailed survey on various trust models that are geared towards WSNs. Then, we analyze various applications of trust models. They are malicious attack detection, secure routing, secure data aggregation, secure localization and secure node selection. In addition, we categorize various types of malicious attacks against trust models and analyze whether the existing trust models can resist these attacks or not. Finally, based on all the analysis and comparisons, we list several trust best practices that are essential for developing a robust trust model for WSNs.
Many recent studies of trust and reputation are made in the context of commercial reputation or rating systems for online communities. Most of these systems have been constructed without a formal rating model or much regard for our sociological understanding of these concepts. We first provide a critical overview of the state of research on trust and reputation. We then propose a formal quantitative model for the rating process. Based on this model, we formulate two personalized rating schemes and demonstrate their effectiveness at inferring trust experimentally using a simulated dataset and a real world movie-rating dataset. Our experiments show that the popular global rating scheme widely used in commercial electronic communities is inferior to our personalized rating schemes when sufficient ratings among members are available. The level of sufficiency is then discussed. In comparison with other models of reputation, we quantitatively show that our framework provides significantly better estimations of reputation. "Better" is discussed with respect to a rating process and specific games as defined in this work. Secondly, we propose a mathematical framework for modeling trust and reputation that is rooted in findings from the social sciences. In particular, our framework makes explicit the importance of social information (i.e., indirect channels of inference) in aiding members of a social network choose whom they want to partner with or to avoid. Rating systems that make use of such indirect channels of inference are necessarily personalized in nature, catering to the individual context of the rater. Finally, we have extended our trust and reputation framework toward addressing a fundamental problem for social science and biology: evolution of cooperation.
With an increasing number of technologies supporting transactions over distance and replacing traditional forms of interaction, designing for trust in mediated interactions has become a key concern for researchers in human computer interaction (HCI). While much of this research focuses on increasing users’ trust, we present a framework that shifts the perspective towards factors that support trustworthy behavior. In a second step, we analyze how the presence of these factors can be signalled. We argue that it is essential to take a systemic perspective for enabling well-placed trust and trustworthy behavior in the long term. For our analysis we draw on relevant research from sociology, economics, and psychology, as well as HCI. We identify contextual properties (motivation based on temporal, social, and institutional embeddedness) and the actor's intrinsic properties (ability, and motivation based on internalized norms and benevolence) that form the basis of trustworthy behavior. Our analysis provides a frame of reference for the design of studies on trust in technology-mediated interactions, as well as a guide for identifying trust requirements in design processes. We demonstrate the application of the framework in three scenarios: call centre interactions, B2C e-commerce, and voice-enabled on-line gaming.
Wireless sensor networks (WSNs) typically consist of large number of sensor nodes, which, depending on the application, are mostly left unattended in open environments for moderately long periods of time. Due to the wireless nature of the medium, it is quite possible that a node can be captured by an adversary, which may lead to its non-cooperative behavior or misbehavior with the rest of the nodes in the network. So, it is necessary to provide a security mechanism in the network that mandates only the authorized nodes to be able to access information. Some of the recent literature suggest using multilevel hierarchical architectures (MHA) in WSN. In such an approach, each group is assigned a task and a different role or level is assigned to nodes within a group. There exists a need for multilevel access control in these types of networks, in order to give authorization based on a node’s role – this is also called role-based access control (RBAC). In this paper, we propose a reputation-based role assigning scheme for RBAC. The main objective of this scheme is to manage reputation locally with minimum communication and delay overhead and to assign appropriate role or level to the deserved nodes in order to increase the throughput of overall network. Other parameters used in our scheme are the bootstrap time and energy. In this paper, we describe our scheme and prove its theoretical correctness. Simulation results show that our scheme leads to an increase in throughput. This scheme leads to increase in throughput by around 32% at the consumption of little more energy.
Sensor network technology promises a vast increase in automatic data collection capabilities through efficient deployment of tiny sensing devices. The technology will allow users to measure phenomena of interest at unprecedented spatial and temporal densities. However, as with almost every data-driven technology, the many benefits come with a significant challenge in data reliability. If wireless sensor networks are really going to provide data for the scientific community, citizen-driven activism, or organizations which test that companies are upholding environmental laws, then an important question arises: How can a user trust the accuracy of information provided by the sensor network? Data integrity is vulnerable to both node and system failures. In data collection systems, faults are indicators that sensor nodes are not providing useful information. In data fusion systems the consequences are more dire; the final outcome is easily affected by corrupted sensor measurements, and the problems are no longer visibly obvious.
In this article, we investigate a generalized and unified approach for providing information about the data accuracy in sensor networks. Our approach is to allow the sensor nodes to develop a community of trust. We propose a framework where each sensor node maintains reputation metrics which both represent past behavior of other nodes and are used as an inherent aspect in predicting their future behavior. We employ a Bayesian formulation, specifically a beta reputation system, for the algorithm steps of reputation representation, updates, integration and trust evolution. This framework is available as a middleware service on motes and has been ported to two sensor network operating systems, TinyOS and SOS. We evaluate the efficacy of this framework using multiple contexts: (1) a lab-scale test bed of Mica2 motes, (2) Avrora simulations, and (3) real data sets collected from sensor network deployments in James Reserve.
Providing trust in wireless sensor networks using abio-inspiredtechnique
- Gómez Mármol