Trust Establishment in Pervasive Grid Environments

Syed Naqvi, Michel Riguidel

TÉLÉCOM PARIS, École Nationale Supérieure des Télécommunications (ENST)

46 Rue Barrault, Paris 75013, France

{naqvi, riguidel}@enst.fr


Transcript of Trust Establishment in Pervasive Grid Environments


Page 2: Trust Establishment  in  Pervasive Grid Environments

22 November 2005 CGW'05 - Krakow, Poland 2

Outline

• Introduction

• Trust Establishment

• Implementation Status

• Conclusions


Page 4: Trust Establishment  in  Pervasive Grid Environments

Trust

• "The reliance on a property or a virtue of a person, or the conviction that a given premise is true." (Oxford Dictionary)

• "An entity A is considered to trust another entity B when entity A believes that entity B will behave exactly as expected and required." (International Telecommunication Union)

Page 5: Trust Establishment  in  Pervasive Grid Environments

Pervasive Grid Environments

• The Grid can be accessed from any networked device
– laptop, mobile phone, PDA, …

• The Grid can be composed of Internet-connected light-weight devices
– Inherent limitations of these devices, physical security, …

• Ubiquitous access to the computing and storage resources
– Adaptable to users’ environments; available anywhere anytime
– Enable mobile users to launch, monitor, and steer applications on the Grid

• Introduces new challenges
– Bandwidth, heterogeneity, connectivity, scalability, interfacing
– Security: physical; gaps; requires knowledge of context and state

Page 6: Trust Establishment  in  Pervasive Grid Environments


The Problem Statement

• How pervasive grid nodes can trust unknown infrastructure with their private data; and

• How a computing infrastructure can trust a mobile node which is seeking access to its resources.


Page 8: Trust Establishment  in  Pervasive Grid Environments

Trust Requirements

• Identification, Access Control, Privacy, …

• User-based Trust Relationships
– If a user has the right to use sites A and B, the user should be able to use sites A and B together without requiring the security administrators from sites A and B to interact.

• Distributed Trust Evaluation
– The decentralized nature of administration makes it difficult to establish and propagate trust. A distributed trust evaluation scheme is therefore required for pervasive grid environments.

• Non-History-based Trust Establishment
– Required when there is no trust among the parties and no mechanism to build trust from a history of previous interactions.

Page 9: Trust Establishment  in  Pervasive Grid Environments

Trust Establishment Approach

• Delegation of trust
– Decentralized hierarchical administration, scalability of certificate issuing capacity, …

• Continuous monitoring of the changes to the trust level of each node
– Dynamic evaluation of the trust relationships, broadcast the presence of a malicious node in the environment, …

• Consideration of context and state
– Determination of the access control on the basis of user’s location and the state of the user’s environment.

Page 10: Trust Establishment  in  Pervasive Grid Environments

• Instead of having a single value representing the trustworthiness of a node, the value should be broken into separate attributes (confidences)
– Each confidence represents a characteristic of a node from which trust can be synthesized. For example:
  • We can trust a node to be accurate (important for data integrity)
  • We can trust a node to complete tasks reliably
  • We can trust nodes to return data quickly (or always in the guaranteed time).

• These attributes form a virtual plane to link the resources, users (individuals & services) and the applications
– Virtual and extensible basis for synthesizing varying types of trust
  • Signifies that there is no fixed form of trust among the various entities
  • Allows the greatest flexibility from one entity to the other

Page 11: Trust Establishment  in  Pervasive Grid Environments

• From the functional point of view:
– Attribute certificates are used to complement the identity certificates provided by the existing infrastructure.
  • Identity certificates are used to verify the identity of an entity in a highly anonymous environment (e.g. the internet)
  • Attribute certificates are used to determine the trustworthiness of an uncertain environment (such as Pervasive Grid)
– For a direct trust relationship within a single domain, a node estimates the trustworthiness of the node it is going to interact with.
  • By using the centralized credentials architecture to determine the trust values of the individual nodes.
  • By maintaining a trust table of the domain.
– For indirect trust relationships across multiple domains, a node has to trust all the intermediaries that it traverses before arriving at the second node.
  • By evaluating the trust degree along the whole path.
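An added illustration, not taken from the slides, of the model on Pages 10 and 11: trust is held as separate confidences, direct trust is read from a trust table, and indirect trust is evaluated over every hop of the path. The node names, scores and the weakest-link (minimum) combination rule are assumptions; the slides do not say how the trust degree along a path is computed.

```python
from typing import Dict, List, Optional, Tuple

Confidences = Dict[str, float]  # confidence name -> score in [0, 1]

# Constructed sample trust table: (truster, trustee) -> confidences.
# Node names and scores are hypothetical.
TRUST_TABLE: Dict[Tuple[str, str], Confidences] = {
    ("pda", "gw-library"): {"accuracy": 0.9, "reliability": 0.8, "timeliness": 0.9},
    ("gw-library", "gw-exam"): {"accuracy": 0.9, "reliability": 0.9, "timeliness": 0.4},
    ("gw-exam", "storage"): {"accuracy": 0.8, "reliability": 0.9, "timeliness": 0.7},
}


def direct_trust(truster: str, trustee: str) -> Optional[Confidences]:
    """Direct trust: a lookup in the trust table, None if no entry exists."""
    return TRUST_TABLE.get((truster, trustee))


def path_trust(path: List[str]) -> Optional[Confidences]:
    """Indirect trust over every hop of the path.

    Assumed rule: each confidence is as strong as its weakest hop (minimum).
    An unknown hop yields None so the caller fails closed.
    """
    if len(path) < 2:
        return None
    combined: Optional[Confidences] = None
    for truster, trustee in zip(path, path[1:]):
        hop = direct_trust(truster, trustee)
        if hop is None:
            return None
        if combined is None:
            combined = dict(hop)
        else:
            # A confidence missing on either side counts as 0 (no evidence).
            names = set(combined) | set(hop)
            combined = {n: min(combined.get(n, 0.0), hop.get(n, 0.0)) for n in names}
    return combined


def permits(trust: Optional[Confidences], required: Confidences) -> bool:
    """True only if every confidence the task requires meets its threshold."""
    if trust is None:
        return False
    return all(trust.get(name, 0.0) >= level for name, level in required.items())


if __name__ == "__main__":
    trust = path_trust(["pda", "gw-library", "gw-exam", "storage"])
    print("integrity-sensitive task:", permits(trust, {"accuracy": 0.8}))
    print("deadline-sensitive task:", permits(trust, {"timeliness": 0.5}))
```

The same path is acceptable for an integrity-sensitive task and rejected for a deadline-sensitive one, which a single scalar trust value could not express.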


Page 13: Trust Establishment  in  Pervasive Grid Environments

Experimental Set-up

[Figure: experimental set-up showing the Exam Hall, the Library, and the CA / Storage & Display Center, with nodes labelled S and T.]


Page 16: Trust Establishment  in  Pervasive Grid Environments

• The computing world is moving from desktop computing to mobile and nomadic computing.

• In the near future, Grid users will prefer to access the grid resources from their smart devices.

• Current research efforts to address the trust problem in a Grid environment focus on relatively static scenarios.

• Pervasive Grid Environments require dynamic establishment of trust.

• These pervasive Grid environments may be a few years ahead, but it is important to envision how things will be dealt with in the future.

• Our future directions include:
– Implementation of deeper and fine-grained interactions among the various entities of the Pervasive Grid Environments.
– Implementation of our trust model as an extension to the GSI.
