[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Virtual Fingerprinting as a Foundation for Reputation in Open Systems

  • Conference paper
Trust Management (iTrust 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3986))

Included in the following conference series:

Abstract

The lack of available identity information in attribute-based trust management systems complicates the design of the audit and incident response systems, anomaly detection algorithms, collusion detection/prevention mechanisms, and reputation systems taken for granted in traditional distributed systems. In this paper, we show that as two entities in an attribute-based trust management system interact, each learns one of a limited number of virtual fingerprints describing their communication partner. We show that these virtual fingerprints can be disclosed to other entities in the open system without divulging any attribute or absolute-identity information, thereby forming an opaque pseudo-identity that can be used as the basis for the above-mentioned types of services. We explore the use of virtual fingerprints as the basis of Xiphos, a system that allows reputation establishment without requiring explicit knowledge of entities’ civil identities. We discuss the trade-off between privacy and trust, examine the impacts of several attacks on the Xiphos system, and discuss the performance of Xiphos in a simulated grid computing system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bauer, L., Garriss, S., Reiter, M.K.: Distributed proving in access-control systems. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy (May 2005)

    Google Scholar 

  2. Becker, M.Y., Sewell, P.: Cassandra: Distributed access control policies with tunable expressiveness. In: Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), pp. 159–168 (2004)

    Google Scholar 

  3. Bertino, E., Ferrari, E., Squicciarini, A.C.: Trust-X: A peer-to-peer framework for trust establishment. IEEE Transactions on Knowledge and Data Engineering 16(7), 827–842 (2004)

    Article  Google Scholar 

  4. Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust management for public-key infrastructures (position paper). In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  5. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: IEEE Conference on Security and Privacy (May 1996)

    Google Scholar 

  6. Bonatti, P., Samarati, P.: Regulating service access and information release on the web. In: 7th ACM Conference on Computer and Communications Security, pp. 134–143 (2000)

    Google Scholar 

  7. Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: CCS 2002: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21–30 (2002)

    Google Scholar 

  8. Chaum, D., Evertse, J.-H.: A secure and privacy-protecting protocol for transmitting personal information between organizations. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 118–167. Springer, Heidelberg (1987)

    Chapter  Google Scholar 

  9. Fernandes, A., Kotsovinos, E., Östring, S., Dragovic, B.: Pinocchio: Incentives for honest participation in distributed trust management. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 63–77. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Gunter, C.A., Jim, T.: Policy-directed certificate retrieval. Software—Practice and Experience 30(15), 1609–1640 (2000)

    Article  MATH  Google Scholar 

  11. Holt, J., Bradshaw, R., Seamons, K.E., Orman, H.: Hidden credentials. In: 2nd ACM Workshop on Privacy in the Electronic Society (October 2003)

    Google Scholar 

  12. Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The eigentrust algorithm for reputation management in P2P networks. In: WWW 2003: Proceedings of the 12th International Conference on World Wide Web, pp. 640–651 (2003)

    Google Scholar 

  13. Koshutanski, H., Massacci, F.: An interactive trust management and negotiation scheme. In: 2nd International Workshop on Formal Aspects in Security and Trust (FAST), pp. 139–152 (August 2004)

    Google Scholar 

  14. Lee, A.J., Winslett, M.: Virtual fingerprinting as a foundation for reputation in open systems. Technical Report UIUCDCS-R-2006-2691, University of Illinois at Urbana-Champaign (February 2006), Available at: http://dais.cs.uiuc.edu/pubs/adamlee/xiphos_tech.pdf

  15. Li, N., Mitchell, J.: RT: A role-based trust-management framework. In: Third DARPA Information Survivability Conference and Exposition (April 2003)

    Google Scholar 

  16. Liu, J., Issarny, V.: Enhanced reputation mechanism for mobile ad hoc networks. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 48–62. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. Obreiter, P.: A case for evidence-aware distributed reputation systems. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 33–47. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  18. Seigneur, J.-M., Jensen, C.D.: Trading privacy for trust. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 93–107. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. Selçuk, A.A., Uzun, E., Pariente, M.R.: A reputation-based trust management system for P2P networks. In: 4th IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID 2004) (2004)

    Google Scholar 

  20. Wang, L., Wijesekera, D., Jajodia, S.: A logic-based framework for attribute based access control. In: 2nd ACM Workshop on Formal Methods in Security Engineering (FMSE 2004), pp. 45–55 (October 2004)

    Google Scholar 

  21. Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition (January 2000)

    Google Scholar 

  22. Winslett, M., Yu, T., Seamons, K.E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., Yu, L.: The TrustBuilder architecture for trust negotiation. IEEE Internet Computing 6(6), 30–37 (2002)

    Article  Google Scholar 

  23. Winslett, M., Zhang, C., Bonatti, P.A.: PeerAccess: A logic for distributed authorization. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005) (November 2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL, 61801, USA

    Adam J. Lee & Marianne Winslett

Authors
  1. Adam J. Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marianne Winslett
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Oslo, Norway

    Ketil Stølen

  2. Department of Computer Science, University of Texas, San Antonio, USA

    William H. Winsborough

  3. IIT CNR, Pisa, via Moruzzi, 1, 56125, Pisa, Italy

    Fabio Martinelli

  4. University of Trento, Povo, (Trento), Italy

    Fabio Massacci

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, A.J., Winslett, M. (2006). Virtual Fingerprinting as a Foundation for Reputation in Open Systems. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds) Trust Management. iTrust 2006. Lecture Notes in Computer Science, vol 3986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11755593_18

Download citation

  • DOI: https://doi.org/10.1007/11755593_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-34295-3

  • Online ISBN: 978-3-540-34297-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation