Hide menu

onTrust - Integrated trust in middleware for peer-to-peer-based network applications

This project has completed.

Principal investigator: Professor Nahid Shahmehri
Members: Professor Germano Caronni (with Sun Microsystems)
Dr. Claudiu Duma (former member)
Partners: Sun Microsystems
TeliaSonera
Funding agency: VINNOVA
Related projects:
Keywords: security, trust, p2p, peer-to-peer, policy, reputation

Summary

onTrust is a VINNOVA-funded project with the goal of designing and building a middleware component that implements trust modeling and management, for use by peer-to-peer-based applications. The project members are the department of computer science at Linköpings universitet, TeliaSonera and project JXTA.

The project is scheduled to run for three years, starting in mid-2003.

Current Activities

We have completed a substantial part of our work addressing security and trust for groups in distributed services. For services such as multicast software delivery, where an authority exists that enforces a group membership policy, we propose secure and efficient mechanisms that enable that authority to control the access of users to group resources. However, many of the emerging services, such as those enabled by peer-to-peer (P2P) and wireless technologies, have no authority to dictate and control the group members' interactions. Consequently, group members might behave maliciously and attempt to subvert other members in the group. In this context, we propose a mechanism for managing trust, which enables group members to distinguish between well-behaving and malicious members. The work has been reported in a PhD thesis, defended in November 2005.

We are designing reputation-based trust management mechanisms which are resilient to attacks and can effectively cope with the potential dynamic behavior of malicious peers. Initial results have been accepted for publication in IEEE proceedings of the PDMST'05.

Moreover, as part of our activities in REWERSE we are also investigating a novel integrated trust management architecture which will combine the reputation-based and the credential-based approaches to trust management.

Publications

  • P.A. Bonatti, C. Duma, N. Fuchs, W. Nejdl, D. Olmedilla, J. Peer, and N. Shahmehri, "Semantic Web Policies - A Discussion of Requirements and Research Issues". 3rd European Semanti Web Conference, LNCS 4011, pp. 712-724, Budva, Montenegro, June 2006.
  • C. Duma, M. Karresand, N. Shahmehri, G. Caronni, "A Trust-Aware, P2P-Based Overlay for Intrusion Detection". 3nd IEEE International Workshop on P2P Data Management, Security and Trust (PDMST'06), IEEE Press, Krakow, Poland, 2006.
  • C. Duma, Security and Trust Mechanisms for Groups in Distributed Services. PhD thesis no. 979, Linköpings universitet, Sweden, ISBN 91-85457-54-X, November 2005.
  • P. Bonatti, C. Duma, D. Olmedilla, N. Shahmehri, "An Integration of Reputation-based and Policy-based Trust Management". Semantic Web and Policy Workshop (in conjunction with 4th International Semantic Web Conference), Galway, Ireland, November 2005, to appear.
  • P. Bonatti, G. Antoniou, M. Baldoni, C. Baroglio, C. Duma, N. Fuchs, A. Martelli, W. Nejdl, D. Olmedilla, J. Peer, V. Patti, N. Shahmheri, "The REWERSE View on Policies". Semantic Web and Policy Workshop (in conjunction with 4th International Semantic Web Conference), Galway, Ireland, November 2005, to appear.
  • G. Caronni, N. Weiler, M. Waldvogel, N. Shahmehri (eds), Proceedings of the Fifth IEEE International Conference on Peer-to-Peer Computing. IEEE Computer Society, ISBN 0-7695-2376-5, August 2005.
  • C. Duma, N. Shahmehri, G. Caronni, "Dynamic Trust Metrics for Peer-to-Peer Systems", 2nd International Workshop on P2P Data Management, Security and Trust (PDMST'05), pp 776-781, Copenhagen, Denmark, August 2005.
  • C. Duma, N. Shahmehri, E. Turcan, "Resilient Trust for Peer-to-Peer Based Critical Information Infrastructures". 2nd International Conference on Critical Infrastructures (CRIS 2004), Grenoble, France, October 2004.
  • P. A. Bonatti, N. Shahmehri, C. Duma, D. Olmedilla, W. Nejdl, M. Baldoni, C. Baroglio, A. Martelli, V. Patti, P. Coraggio, G. Antoniou, J. Peer, N. E. Fuchs, "Rule-based Policy Specification: State of the Art and Future Work". Project deliverable D1, Working Group I2, EU NoE REWERSE, 2004.
  • G. Caronni, N. Weiler, N. Shahmehri (eds), Proceedings of the Fourth IEEE International Conference on Peer-to-Peer Computing (August 25-27, 2004, Zurich, Switzerland), IEEE Computer Society, 2004. ISBN 0-7695-2156-8.
  • N. Shahmehri, C. Duma, P. Pietrzak, "A survey on reputation based trust management in P2P networks", Technical Report, June 2004.
  • C. Duma, N. Shahmehri, "An algorithmic framework for reputation-based trust computation", Technical Report, June 2004.
  • N. Shahmehri, R. L. Graham, G. Caronni, Proceedings of the Third IEEE International Conference on Peer-to-Peer Computing (September 1-3, 2003, Linköping, Sweden), IEEE Computer Society, 2003. ISBN 0-7695-2023-5.

Software

We have developed a high level peer-to-peer network simulator. This simulator allows us to evaluate our proposed trust metrics.

We have implemented our OverlayIDS proposal using the JXTA P2P framework. Note that the OverlayIDS is a concrete application for our trust management mechanisms.

We have designed and implemented a secure and flexible experimental testbed for the analysis of real Internet worms within an emulated network environment. This testbed allows us to evaluate the effectiveness of our proposed OverlayIDS.

Collaboration and dissemination

Collaboration

We are members of the research "Network of Excellence" (NoE) on "Reasoning on the Web" REWERSE that is funded by the EU Commission and Switzerland within the "6th Framework Programme" (FP6), Information Society Technologies (IST), Priority 2 under the project reference number 506779. Our activities for REWERSE are within the Policies Working Group (WG I2) which aims at building policiy languages for the web with the focus on security and trust.

Presentations

Presentation of research at PhD seminar, Linköping, Sweden, November 2005.

Presentation of research at Semantic Web and Policy Workshop (in conjunction with 4th International Semantic Web Conference), Galway, Ireland, November 2005, Upcoming.

Presentation of research at 2nd International Workshop on P2P Data Management, Security and Trust (PDMST'05), Copenhagen, Denmark, August 2005.

Presentation of research by Germano Caronni in the context of a security seminar at ETH Zurich, Switzerland, June 2005. The title of the talk was "Security Aspects of Storage as a Public Utility".

Guest visit and research presentation of Daniel Olmedilla from Learning Lab Lower Saxony, Hannover, Germany. The seminar was organized by ADIT at Linköping University in June 2005.

Project presentation at the 2nd Annual Meeting of the European Project REWERSE, Munich, Germany, March 2005.

Presentation of research at 2nd International Conference on Critical Infrastructures (CRIS 2004), Grenoble, France, October 2004.

Presentation of research at 5th Conference on Computer Science and Systems Engineering in Linköping, Linköping, Sweden, October 2004.


Page responsible: Nahid Shahmehri
Last updated: 2006-11-16