SlideShare una empresa de Scribd logo

Trust in Distributed Systems

Tyrone Grandison
Tyrone Grandison

A Talk in 2000 on Trust and Trust Management in Distributed Systems

Tecnología
1 de 11
1 Trust in Distributed Systems - Tyrone W. A. Grandison Supervisors: Prof Morris Sloman and Dr Naranker Dulay Outline Definition Motivation Properties of trust and trust relationships Trust classification Trust management solutions Future work
2 Definition The contemporary approach My Definition “The firm belief in the reliability, truth and competence of an entity and its transmissions” - Reliable, dependable, honest, secure, competent and timely Attributes that relate to trust: What are trustors and trustees? Motivation The need for a universal way to specify and monitor trust. Remove trust complexity from application layer. Enable E-Commerce. Risk. Domain Navigation.
3 Properties Constraints on trusted actions. I believe that you will find a way to bridge this gap Properties Trust levels. I have to admit that I do trust the manual system more
4 The issue of transitivity. Not symmetrical. A trust relationship can be: Properties One-to-One TR TE Many-to-One TR TE One-to-Many TR TE Many-to-Many TR TE Trust Classification Access to Trustor Resources Tom is trusted to install NT on Server B “The trustor trusts a trustee to use resources that he owns or controls” Resources may be anything from trustor’s services to trustor software environment. Resource Access Trust can be refined into authorisation policies.
5 Trust Classification Provision of Service by the Trustee “The trustor trusts the trustee to provide a service that does not involve access to the trustor’s resources” Forms of Service Provision Trust: Confidence, Competence & Reliability Tom trusts news.com Trust Classification Certification “The trustor trusts the trustee based on certification from a third party about the trustee’s trustworthiness” ME YOU CA Certification is actually a special form of service provision trust.
6 Trust Classification Delegation “The trustor trusts the trustee to make decision(s) on its behalf, with respect to a resource or service that the trustor owns or controls” Micky delegates all decisions concerning his investments to his financial advisor Delegation is also a special form of service provision trust - a trust decision-making service. Trust Classification Infrastructure Trust “The trustor’s trust in its infrastructure” I hope this tight rope holds
7 Trust Management Solutions Current Solutions include: – Public Key Certificates – PICS (Platform for Internet Content Selection) – IBM Trust Establishment Framework – PolicyMaker and KeyNote – REFEREE The problem with current solutions N-Time Solutions - i.e. run once or at the coder’s discretion, do not learn, believe calling applications unconditionally, suggestion-oriented, no monitoring. Trust Management Solutions Public Key Certificates “Who is the owner of this public key? ” A third party vouches for key-name validity.
8 Trust Management Solutions Public Key Certificates Address authentication (public-key-to-name binding), but leaves determination of access rights to application. Two more popular certificate frameworks: PGP and X.509 PGP’s informality is good for email, but not E- Commerce, X.509 may lead to unnatural alliances. Both suffer from expiry problems. Trust Management Solutions PICS A solution to the problem of protecting children from pornography, without compromising freedom of speech. Developed by MIT WWW Consortium. PICS defines standards for format and distribution of labels. PICS doesn’t stipulate a label vocabulary nor state which labels are important. It merely defines standards for stating ratings services and rating systems. There is an associated policy language, PICSRules.
9 Trust Management Solutions A Very Simple PICSRules StatementA PICS Label A PICS Rating Service (PicsRule-1.1 ( Policy (RejectByURL ( “http://*@www.doc.ic.ac.uk*/*” “http://*@www.yahoo.com*/s*” ) ) Policy (AcceptIf “otherwise) ) ) ( (PICS-version1.1) “http://www.doc.worldwide.com/descrip.html” labels on “1998.11.05T08:15-0500” until “1999.09.30T23:34-0000” for “http://www-dse.doc.ic.ac.uk/~per/index.html” by “Tom Green” ratings (rc “a lot”) ) ( category (transmit-as rc) (name “Research Content”) (label (name “very little”) (value 0) (icon “icons/little.gif”) ) (label (name “a lot”) (value 1) (icon “icons/lots.gif”) ) ) ) ( (PICS-version1.1) (rating-system “http://www.doc.worldwide.com/ratings/”) (rating-service “http://www.doc.worldwide.com/descrip.html”) (icon “icons/good.gif”) (name “The Computing Department Rating System”) (description “All about the rating of the pages offered by computing departments all over the world”) PICS Trust Management Solutions PolicyMaker Seeks to solve a problem with public key certificates. “What is a public key authorised to do?” PolicyMaker is a query engine. It accepts local policy, a set of credentials and an action string from a calling application. Policies and credentials are assertions. An assertion is of the form: Source ASSERTS AuthorityStruct WHERE Filter
10 Trust Management Solutions PolicyMaker Examples of assertions: policy ASSERTS doctor_key WHERE filter that allows check-up if the field is not plastic surgery BMA_key ASSERTS “0x12345” WHERE filter that returns “not a plastic surgeon”, if the field is not plastic surgery Policymaker has no standard assertion language. Filters are interpreted programs. Filter language is external to PolicyMaker. Trust Management Solutions PolicyMaker The format of a PolicyMaker query is: key1, key2, key3, ……… REQUESTS ActionString Action strings are application-specific. Example of a query: “0x12345” REQUESTS “do check-up” PolicyMaker tries to prove that the credentials contain a proof that the requested actions(s) compiles with the policy.
11 Future Work Composing Trust Classes Conflict Detection and Resolution resulting from Trust Class Composition Formulation of a generic trust establishment framework Trust Enforcement, Monitoring and Management Implementing a Trust Specification Language Implementing a Trust Management System

Recomendados

IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...
IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...
IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...IRJET Journal
 
Protecting user data in profile matching social networks
Protecting user data in profile matching social networksProtecting user data in profile matching social networks
Protecting user data in profile matching social networksVenkat Projects
 
NDSS_submission_240
NDSS_submission_240NDSS_submission_240
NDSS_submission_240Sakshi Jain
 
Jw day 10 (unit 3)
Jw day 10 (unit 3)Jw day 10 (unit 3)
Jw day 10 (unit 3)Angala Maria
 
National Parks
National ParksNational Parks
National Parkstpuetz
 
Gerry newe presentation
Gerry newe presentationGerry newe presentation
Gerry newe presentationGreen17Creative
 
News affects the world jacob
News affects the world jacobNews affects the world jacob
News affects the world jacobkingjayo
 
Paychex One Source Solution
Paychex One Source SolutionPaychex One Source Solution
Paychex One Source Solutiontmccarrey
 

Recomendados

IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...
IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...
IRJET- Personalised Privacy-Preserving Social Recommendation based on Ranking...IRJET Journal
 
Protecting user data in profile matching social networks
Protecting user data in profile matching social networksProtecting user data in profile matching social networks
Protecting user data in profile matching social networksVenkat Projects
 
NDSS_submission_240
NDSS_submission_240NDSS_submission_240
NDSS_submission_240Sakshi Jain
 
Jw day 10 (unit 3)
Jw day 10 (unit 3)Jw day 10 (unit 3)
Jw day 10 (unit 3)Angala Maria
 
National Parks
National ParksNational Parks
National Parkstpuetz
 
Gerry newe presentation
Gerry newe presentationGerry newe presentation
Gerry newe presentationGreen17Creative
 
News affects the world jacob
News affects the world jacobNews affects the world jacob
News affects the world jacobkingjayo
 
Paychex One Source Solution
Paychex One Source SolutionPaychex One Source Solution
Paychex One Source Solutiontmccarrey
 
An amazing man
An amazing manAn amazing man
An amazing manthandastuff
 
คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์deepre
 
幸福..
幸福..幸福..
幸福..tswai
 
คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์deepre
 
Communication
CommunicationCommunication
Communicationthandastuff
 
One year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learnedOne year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learnedKristof Nizet
 
Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged? Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged? Petr Lupac
 
Just Words day 7
Just Words day 7Just Words day 7
Just Words day 7Angala Maria
 
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...Grial - University of Salamanca
 
SocialNet
SocialNetSocialNet
SocialNetGrial - University of Salamanca
 
Learning services-based technological ecosystems
Learning services-based technological ecosystemsLearning services-based technological ecosystems
Learning services-based technological ecosystemsGrial - University of Salamanca
 
EHISTO - External Newsletter
EHISTO - External NewsletterEHISTO - External Newsletter
EHISTO - External NewsletterGrial - University of Salamanca
 
Library Instruction Session Outline Example
Library Instruction Session Outline ExampleLibrary Instruction Session Outline Example
Library Instruction Session Outline ExampleJulie Anne Kent
 
Sarova Hotels Presentation
Sarova Hotels PresentationSarova Hotels Presentation
Sarova Hotels PresentationSarova Hotels
 
South Korean Women Today
South Korean Women TodaySouth Korean Women Today
South Korean Women TodayKyle
 
Quantity and Quality in University Teaching
Quantity and Quality in University TeachingQuantity and Quality in University Teaching
Quantity and Quality in University Teachingvogmae
 
Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5RMK ENGINEERING COLLEGE, CHENNAI
 
7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
GRC Dynamics in Securing Cloud
GRC Dynamics in Securing CloudGRC Dynamics in Securing Cloud
GRC Dynamics in Securing CloudNoman Bari PMP,CISSP,CCSP,AWSx4,CISM,CISA
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think Uni Systems S.M.S.A.
 
Rama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishingRama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishingHoward Sterling
 

Más contenido relacionado

Destacado

คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์deepre
 
幸福..
幸福..幸福..
幸福..tswai
 
คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์deepre
 
One year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learnedOne year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learnedKristof Nizet
 
Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged? Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged? Petr Lupac
 
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...Grial - University of Salamanca
 
Library Instruction Session Outline Example
Library Instruction Session Outline ExampleLibrary Instruction Session Outline Example
Library Instruction Session Outline ExampleJulie Anne Kent
 
Sarova Hotels Presentation
Sarova Hotels PresentationSarova Hotels Presentation
Sarova Hotels PresentationSarova Hotels
 
South Korean Women Today
South Korean Women TodaySouth Korean Women Today
South Korean Women TodayKyle
 
Quantity and Quality in University Teaching
Quantity and Quality in University TeachingQuantity and Quality in University Teaching
Quantity and Quality in University Teachingvogmae
 

Destacado (16)

An amazing man
An amazing manAn amazing man
An amazing man
 
คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์
 
幸福..
幸福..幸福..
幸福..
 
คอมพิวเตอร์
คอมพิวเตอร์คอมพิวเตอร์
คอมพิวเตอร์
 
Communication
CommunicationCommunication
Communication
 
One year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learnedOne year in e-commerce: 9 things I've learned
One year in e-commerce: 9 things I've learned
 
Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged? Are nonusers socially disadvantaged?
Are nonusers socially disadvantaged?
 
Just Words day 7
Just Words day 7Just Words day 7
Just Words day 7
 
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
Programa de prácticas en empresas internacionales para el Máster de Sistemas ...
 
SocialNet
SocialNetSocialNet
SocialNet
 
Learning services-based technological ecosystems
Learning services-based technological ecosystemsLearning services-based technological ecosystems
Learning services-based technological ecosystems
 
EHISTO - External Newsletter
EHISTO - External NewsletterEHISTO - External Newsletter
EHISTO - External Newsletter
 
Library Instruction Session Outline Example
Library Instruction Session Outline ExampleLibrary Instruction Session Outline Example
Library Instruction Session Outline Example
 
Sarova Hotels Presentation
Sarova Hotels PresentationSarova Hotels Presentation
Sarova Hotels Presentation
 
South Korean Women Today
South Korean Women TodaySouth Korean Women Today
South Korean Women Today
 
Quantity and Quality in University Teaching
Quantity and Quality in University TeachingQuantity and Quality in University Teaching
Quantity and Quality in University Teaching
 

Similar a Trust in Distributed Systems

7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think Uni Systems S.M.S.A.
 
Rama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishingRama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishingHoward Sterling
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
IT Series: Cloud Computing Done Right @One 2011
IT Series: Cloud Computing Done Right @One 2011IT Series: Cloud Computing Done Right @One 2011
IT Series: Cloud Computing Done Right @One 2011Donald E. Hester
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlSafeNet
 
Respect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud LoginRespect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud Logindrummondreed
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedMatthew Moldvan
 
Beware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopBeware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopMichele Chubirka
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersMichael Davis
 
Cyber review-guide
Cyber review-guideCyber review-guide
Cyber review-guideaqazad
 
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...PECB
 
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...OnBoard Security, Inc. - a Qualcomm Company
 

Similar a Trust in Distributed Systems (20)

Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5
 
7.Trust Management
7.Trust Management7.Trust Management
7.Trust Management
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
 
GRC Dynamics in Securing Cloud
GRC Dynamics in Securing CloudGRC Dynamics in Securing Cloud
GRC Dynamics in Securing Cloud
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
 
Rama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishingRama Mail the only solution that COMPLETELY prevents phishing
Rama Mail the only solution that COMPLETELY prevents phishing
 
Unc charlotte prezo2016
Unc charlotte prezo2016Unc charlotte prezo2016
Unc charlotte prezo2016
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
IT Series: Cloud Computing Done Right @One 2011
IT Series: Cloud Computing Done Right @One 2011IT Series: Cloud Computing Done Right @One 2011
IT Series: Cloud Computing Done Right @One 2011
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
 
Respect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud LoginRespect Connect: From Social Login to Personal Cloud Login
Respect Connect: From Social Login to Personal Cloud Login
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
 
Beware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopBeware the Firewall My Son: The Workshop
Beware the Firewall My Son: The Workshop
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
3 Reasons Why the Cloud is More Secure than Your Server
3 Reasons Why the Cloud is More Secure than Your Server3 Reasons Why the Cloud is More Secure than Your Server
3 Reasons Why the Cloud is More Secure than Your Server
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
 
Cyber review-guide
Cyber review-guideCyber review-guide
Cyber review-guide
 
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...
Building Trust in Blockchain: How Blockchain Will Revolutionize Businesses in...
 
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...
IEEE 1609.2 and Connected Vehicle Security: Standards Making in a Pocket Univ...
 

Más de Tyrone Grandison

Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...
Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...
Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...Tyrone Grandison
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicTyrone Grandison
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessTyrone Grandison
 
Are There Ethical Limits to What Science Can Achieve or Should Pursue?
Are There Ethical Limits to What Science Can Achieve or Should Pursue?Are There Ethical Limits to What Science Can Achieve or Should Pursue?
Are There Ethical Limits to What Science Can Achieve or Should Pursue?Tyrone Grandison
 
Using Data and Computing for the Greater Good
Using Data and Computing for the Greater GoodUsing Data and Computing for the Greater Good
Using Data and Computing for the Greater GoodTyrone Grandison
 
How to effectively collaborate with your IT Departments to Develop Secure IA ...
How to effectively collaborate with your IT Departments to Develop Secure IA ...How to effectively collaborate with your IT Departments to Develop Secure IA ...
How to effectively collaborate with your IT Departments to Develop Secure IA ...Tyrone Grandison
 
DOES innovation Lab Launch
DOES innovation Lab LaunchDOES innovation Lab Launch
DOES innovation Lab LaunchTyrone Grandison
 
Creating Chandler's IT Strategic Plan
Creating Chandler's IT Strategic PlanCreating Chandler's IT Strategic Plan
Creating Chandler's IT Strategic PlanTyrone Grandison
 
Inventing with Purpose, Intention and Focus
Inventing with Purpose, Intention and FocusInventing with Purpose, Intention and Focus
Inventing with Purpose, Intention and FocusTyrone Grandison
 
Becoming a Nation of Innovation
Becoming a Nation of InnovationBecoming a Nation of Innovation
Becoming a Nation of InnovationTyrone Grandison
 
Running Mixed Workloads on Kubernetes at IHME
Running Mixed Workloads on Kubernetes at IHMERunning Mixed Workloads on Kubernetes at IHME
Running Mixed Workloads on Kubernetes at IHMETyrone Grandison
 
ISPAB Presentation - The Commerce Data Service
ISPAB Presentation - The Commerce Data ServiceISPAB Presentation - The Commerce Data Service
ISPAB Presentation - The Commerce Data ServiceTyrone Grandison
 
Building APIs in Government for Social Good
Building APIs in Government for Social GoodBuilding APIs in Government for Social Good
Building APIs in Government for Social GoodTyrone Grandison
 
Strategies and Tactics for Accelerating IT Modernization
Strategies and Tactics for Accelerating IT ModernizationStrategies and Tactics for Accelerating IT Modernization
Strategies and Tactics for Accelerating IT ModernizationTyrone Grandison
 
The Creative Economy within the United States of America
The Creative Economy within the United States of AmericaThe Creative Economy within the United States of America
The Creative Economy within the United States of AmericaTyrone Grandison
 
Enabling Data-Driven Private-Public Collaborations
Enabling Data-Driven Private-Public CollaborationsEnabling Data-Driven Private-Public Collaborations
Enabling Data-Driven Private-Public CollaborationsTyrone Grandison
 
Creating a Data-Driven Government: Big Data With Purpose
Creating a Data-Driven Government: Big Data With PurposeCreating a Data-Driven Government: Big Data With Purpose
Creating a Data-Driven Government: Big Data With PurposeTyrone Grandison
 
Security and Privacy in Healthcare
Security and Privacy in HealthcareSecurity and Privacy in Healthcare
Security and Privacy in HealthcareTyrone Grandison
 

Más de Tyrone Grandison (20)

Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...
Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...
Global Scientific Research as a Tool to Unlock and Engage Talent and Expand t...
 
Learning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global PandemicLearning From the COViD-19 Global Pandemic
Learning From the COViD-19 Global Pandemic
 
Systemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and AccessSystemic Barriers in Technology: Striving for Equity and Access
Systemic Barriers in Technology: Striving for Equity and Access
 
COVID and the Ederly
COVID and the EderlyCOVID and the Ederly
COVID and the Ederly
 
Are There Ethical Limits to What Science Can Achieve or Should Pursue?
Are There Ethical Limits to What Science Can Achieve or Should Pursue?Are There Ethical Limits to What Science Can Achieve or Should Pursue?
Are There Ethical Limits to What Science Can Achieve or Should Pursue?
 
Using Data and Computing for the Greater Good
Using Data and Computing for the Greater GoodUsing Data and Computing for the Greater Good
Using Data and Computing for the Greater Good
 
How to effectively collaborate with your IT Departments to Develop Secure IA ...
How to effectively collaborate with your IT Departments to Develop Secure IA ...How to effectively collaborate with your IT Departments to Develop Secure IA ...
How to effectively collaborate with your IT Departments to Develop Secure IA ...
 
DOES innovation Lab Launch
DOES innovation Lab LaunchDOES innovation Lab Launch
DOES innovation Lab Launch
 
Creating Chandler's IT Strategic Plan
Creating Chandler's IT Strategic PlanCreating Chandler's IT Strategic Plan
Creating Chandler's IT Strategic Plan
 
Inventing with Purpose, Intention and Focus
Inventing with Purpose, Intention and FocusInventing with Purpose, Intention and Focus
Inventing with Purpose, Intention and Focus
 
Becoming a Nation of Innovation
Becoming a Nation of InnovationBecoming a Nation of Innovation
Becoming a Nation of Innovation
 
Running Mixed Workloads on Kubernetes at IHME
Running Mixed Workloads on Kubernetes at IHMERunning Mixed Workloads on Kubernetes at IHME
Running Mixed Workloads on Kubernetes at IHME
 
The Power Of Open
The Power Of OpenThe Power Of Open
The Power Of Open
 
ISPAB Presentation - The Commerce Data Service
ISPAB Presentation - The Commerce Data ServiceISPAB Presentation - The Commerce Data Service
ISPAB Presentation - The Commerce Data Service
 
Building APIs in Government for Social Good
Building APIs in Government for Social GoodBuilding APIs in Government for Social Good
Building APIs in Government for Social Good
 
Strategies and Tactics for Accelerating IT Modernization
Strategies and Tactics for Accelerating IT ModernizationStrategies and Tactics for Accelerating IT Modernization
Strategies and Tactics for Accelerating IT Modernization
 
The Creative Economy within the United States of America
The Creative Economy within the United States of AmericaThe Creative Economy within the United States of America
The Creative Economy within the United States of America
 
Enabling Data-Driven Private-Public Collaborations
Enabling Data-Driven Private-Public CollaborationsEnabling Data-Driven Private-Public Collaborations
Enabling Data-Driven Private-Public Collaborations
 
Creating a Data-Driven Government: Big Data With Purpose
Creating a Data-Driven Government: Big Data With PurposeCreating a Data-Driven Government: Big Data With Purpose
Creating a Data-Driven Government: Big Data With Purpose
 
Security and Privacy in Healthcare
Security and Privacy in HealthcareSecurity and Privacy in Healthcare
Security and Privacy in Healthcare
 

Último

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 

Último (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 

Trust in Distributed Systems

  • 1. 1 Trust in Distributed Systems - Tyrone W. A. Grandison Supervisors: Prof Morris Sloman and Dr Naranker Dulay Outline Definition Motivation Properties of trust and trust relationships Trust classification Trust management solutions Future work
  • 2. 2 Definition The contemporary approach My Definition “The firm belief in the reliability, truth and competence of an entity and its transmissions” - Reliable, dependable, honest, secure, competent and timely Attributes that relate to trust: What are trustors and trustees? Motivation The need for a universal way to specify and monitor trust. Remove trust complexity from application layer. Enable E-Commerce. Risk. Domain Navigation.
  • 3. 3 Properties Constraints on trusted actions. I believe that you will find a way to bridge this gap Properties Trust levels. I have to admit that I do trust the manual system more
  • 4. 4 The issue of transitivity. Not symmetrical. A trust relationship can be: Properties One-to-One TR TE Many-to-One TR TE One-to-Many TR TE Many-to-Many TR TE Trust Classification Access to Trustor Resources Tom is trusted to install NT on Server B “The trustor trusts a trustee to use resources that he owns or controls” Resources may be anything from trustor’s services to trustor software environment. Resource Access Trust can be refined into authorisation policies.
  • 5. 5 Trust Classification Provision of Service by the Trustee “The trustor trusts the trustee to provide a service that does not involve access to the trustor’s resources” Forms of Service Provision Trust: Confidence, Competence & Reliability Tom trusts news.com Trust Classification Certification “The trustor trusts the trustee based on certification from a third party about the trustee’s trustworthiness” ME YOU CA Certification is actually a special form of service provision trust.
  • 6. 6 Trust Classification Delegation “The trustor trusts the trustee to make decision(s) on its behalf, with respect to a resource or service that the trustor owns or controls” Micky delegates all decisions concerning his investments to his financial advisor Delegation is also a special form of service provision trust - a trust decision-making service. Trust Classification Infrastructure Trust “The trustor’s trust in its infrastructure” I hope this tight rope holds
  • 7. 7 Trust Management Solutions Current Solutions include: – Public Key Certificates – PICS (Platform for Internet Content Selection) – IBM Trust Establishment Framework – PolicyMaker and KeyNote – REFEREE The problem with current solutions N-Time Solutions - i.e. run once or at the coder’s discretion, do not learn, believe calling applications unconditionally, suggestion-oriented, no monitoring. Trust Management Solutions Public Key Certificates “Who is the owner of this public key? ” A third party vouches for key-name validity.
  • 8. 8 Trust Management Solutions Public Key Certificates Address authentication (public-key-to-name binding), but leaves determination of access rights to application. Two more popular certificate frameworks: PGP and X.509 PGP’s informality is good for email, but not E- Commerce, X.509 may lead to unnatural alliances. Both suffer from expiry problems. Trust Management Solutions PICS A solution to the problem of protecting children from pornography, without compromising freedom of speech. Developed by MIT WWW Consortium. PICS defines standards for format and distribution of labels. PICS doesn’t stipulate a label vocabulary nor state which labels are important. It merely defines standards for stating ratings services and rating systems. There is an associated policy language, PICSRules.
  • 9. 9 Trust Management Solutions A Very Simple PICSRules StatementA PICS Label A PICS Rating Service (PicsRule-1.1 ( Policy (RejectByURL ( “http://*@www.doc.ic.ac.uk*/*” “http://*@www.yahoo.com*/s*” ) ) Policy (AcceptIf “otherwise) ) ) ( (PICS-version1.1) “http://www.doc.worldwide.com/descrip.html” labels on “1998.11.05T08:15-0500” until “1999.09.30T23:34-0000” for “http://www-dse.doc.ic.ac.uk/~per/index.html” by “Tom Green” ratings (rc “a lot”) ) ( category (transmit-as rc) (name “Research Content”) (label (name “very little”) (value 0) (icon “icons/little.gif”) ) (label (name “a lot”) (value 1) (icon “icons/lots.gif”) ) ) ) ( (PICS-version1.1) (rating-system “http://www.doc.worldwide.com/ratings/”) (rating-service “http://www.doc.worldwide.com/descrip.html”) (icon “icons/good.gif”) (name “The Computing Department Rating System”) (description “All about the rating of the pages offered by computing departments all over the world”) PICS Trust Management Solutions PolicyMaker Seeks to solve a problem with public key certificates. “What is a public key authorised to do?” PolicyMaker is a query engine. It accepts local policy, a set of credentials and an action string from a calling application. Policies and credentials are assertions. An assertion is of the form: Source ASSERTS AuthorityStruct WHERE Filter
  • 10. 10 Trust Management Solutions PolicyMaker Examples of assertions: policy ASSERTS doctor_key WHERE filter that allows check-up if the field is not plastic surgery BMA_key ASSERTS “0x12345” WHERE filter that returns “not a plastic surgeon”, if the field is not plastic surgery Policymaker has no standard assertion language. Filters are interpreted programs. Filter language is external to PolicyMaker. Trust Management Solutions PolicyMaker The format of a PolicyMaker query is: key1, key2, key3, ……… REQUESTS ActionString Action strings are application-specific. Example of a query: “0x12345” REQUESTS “do check-up” PolicyMaker tries to prove that the credentials contain a proof that the requested actions(s) compiles with the policy.
  • 11. 11 Future Work Composing Trust Classes Conflict Detection and Resolution resulting from Trust Class Composition Formulation of a generic trust establishment framework Trust Enforcement, Monitoring and Management Implementing a Trust Specification Language Implementing a Trust Management System