iTrust

iTrust Workshop Presentation Abstracts

Invited Talks

Title: Business Contracts Architecture and Contract Enforcement Options

Presenter: Zoran Milosevic

Affiliation: Distributed Systems Technology Center (DSTC), Australia

Abstract: From an economic point of view, the role of contracts is to reduce uncertainty associated with transactions among trading partners. A major factor of uncertainty is the lack of trust of one partner in another. This can be due either to the lack of complete information about a party's individual intentions (as in the case of insurer vs. insured) or the lack of observability of actions of the other party (as in the case of service provider vs. customer). Automated support for contracts is increasingly becoming a major element of the e-business environment, spanning both intra and inter-organizational aspects. We present our contract management framework that supports a growing amount of automated contract management activities - through various stages in the contract life-cycle. This includes monitoring of contract-significant events, simple notifications to the parties about non-compliance events and a range of enforcement mechanisms. These mechanisms can be either non-discretionary (as in preventive security mechanisms) or discretionary, which rely on a number of control mechanisms that are applied when contract rules are violated. We describe a number of such control mechanisms as extensions of the contract management framework.

Biography: Dr Zoran Milosevic leads a project within Enterprise Distributed Systems Technology Centre with a focus on enterprise modeling and architectures for enterprise distributed systems. This includes major contributions to the OMG's UML profile for Enterprise Distributed Object Computing standard and more recently work on supporting automated contract management as part of inter-organizational e-business interactions.


Title: Trust in e-business and value-chains

Presenter: Jakka Sairamesh

Affiliation: IBM T.J. Watson Research Center and IBM Institute for Advanced Commerce, USA

Abstract: A crucial part of our activities for e-business platforms is designing and developing mechanisms to ensure trust in commercial transactions in the value-chain. A value-chain, for example, is the sales and demand chain which connects the following businesses and enterprises:
Manufacturers --> distributors --> dealers --> resellers --> consumers.
We currently have designed a few mechanisms that ensure trust in order fulfillment in the value-chain.

Biography: Dr. Jakka Sairamesh is a recognized Researcher in Trust Management and has been actively involved in the design and implementation in almost all IBM e-Commerce Products. Dr. Jakka Sairamesh is a senior research staff member in IBM Watson Research, Hawthorne. He obtained his M.S. and M. Phil. from Columbia University in 1991 and Ph. D. from Columbia University in 1995. Since then he has been working with IBM Research (Institute for Advanced Commerce) on electronic commerce platforms, trading systems, mobile commerce, information economies, internet economics and distributed systems. He has published numerous papers on e-business platforms, trading systems, distributed systems, auctions, price-dynamics, digital libraries and market-based control. He also played a role as an architect from Research for IBM’s B2B products such as Websphere Marketplace Edition and Websphere Business Edition. He currently is a project manager of projects in the areas of e-business platforms, advanced contracts, trading systems and mobile e-business.

The Ethics, Sociology and Psychology of Trust

Title: Sociological Considerations and Concerns for iTrust

Presenter: M. Samatas

Affiliation: University of Crete

Abstract: The aim of this initial presentation is to introduce internet sociology in general and iTrust sociology in particular, as an important and trustworthy scientific partner in our cross-disciplinary consortium, investigating trust management in open systems. For this purpose I will briefly make: a) a very quick reference to the most significant recent sociological trust debate; b) an assessment of a couple of specific research projects on e-Commerce-trust studies (like e.g. Merrill Lynch (Trust) Forum, & Cheskin e-Commerce Research Trust Study, 1999), in order c) to suggest that iTrust study and management should be placed from the virtual peculiarities of the cyberspace within a real world socio-cultural context, following not a universal, rigid trust model, but considering each specific “glocal”, real society and market.


Title: Research proposals on psychometric testing of Trust Models

Presenter: Zoran Milosevic

Affiliation: DSTC

Abstract: The Distributed Systems Technology Centre (DSTC) in Australia has developed a low level trust inference calculus where any degree of trust and distrust as well as uncertainty can be expressed. The Distributed Software Engineering (DSE) group at Imperial College London has developed a high level trust management framework that incorporates specification and analysis of trust relationships, and the DSE is looking at the inclusion of the DSTC's work on trust reasoning under uncertainty in its framework. However, there are open issues related to applying mathematical models in practical settings, for example with regard to determining the numerical trust measures that are used as input to the models, and to how well such models reflect intuitive human reasoning. We propose specific research activities targeted at verifying the suitability of mathematical trust models from a psychological point of view. Some of the proposed work would require organising psychometric testing for which neither the DSTC nor the DSE have the required skills. DSTC and DSE would like to initiate collaborative research with interested members of the iTrust Consortium in order to carry out this research.

Legal Issues Related to the Management of Trust

Title: Trust and Security Issues in Virtual Organizations: A Legal Perspective

Presenter: Emily M. Weitzenböck

Affiliation: Institutt for Rettsinformatikk (Norwegian Research Centre for Computers & Law), Faculty of Law, University of Oslo

Abstract: With the growth of information and communications technology - not least the Internet - new forms of entrepreneurial co-operation between organizations, such as virtual organizations, are emerging. This talk starts by looking at the characteristics of virtual organizations. It focuses on the underlying basis of trust among the virtual organization’s partner members and the role of contract as a form of control that bolsters trust. This is followed by a look at some security risks and issues regarding virtual organizations.


Title: Legal issues associated with Trust Services

Presenter: Mike Child

Affiliation: HP Labs Bristol

Abstract: Not being a legal person my presentation will provide much more in the way of questions than answers! I will give a brief overview of the concept of Trust Services from an HP Labs perspective, what they are, how they operate, etc. I will then highlight some of the legal issues we have come across from talking to customers, lawyers, etc. about our ideas.

Models and Semantics of Trust

Title: Modeling Trust Requirements

Presenter: Bashar Nuseibeh, Jonathan Moffett

Affiliation: Visiting Research Fellow, The Open University Computing Department

Abstract: The OU is embarking on a program of research into Security Requirements. Trust is an important concept for expressing security requirements, particularly for applications that cannot rely upon a previously established relationship. Requirements for trust are an issue because, if they are clearly and precisely articulated, then there is more freedom for designers to construct their systems without losing the essential elements of trust. We are concentrating on a "whole system" view, including the human and organizational context. Research issues, to be addressed, include mapping between a software view and a whole system view; factors that influence the acquisition and loss of trust. The Open University, specializing in distance (non face-to-face) learning/teaching, encounters many situations in which specific trust issues arise, focusing our research on these issues.


Title: A Computational Model for Trust Management

Presenter: Helen Lowe

Affiliation: University of Strathclyde

Abstract: We present preliminary work on a model of Trust as defined by the SECURE project. In the context of computing entities which are autonomous, decentralized, mobile, dynamically configurable, and capable of operation under partial information: trustworthiness of a Principal P derives from its interaction history with other principals and a system based on trust evolves over time. A trust management system must compute permissions according to its policies, and grant access (or not) appropriately. Trust values are lattices, where a lattice is a partial order (a pair consisting of a set together with a relation which is reflexive, transitive, and anti-symmetric) in which every subset of values has a least upper bound and a greatest lower bound. We give a few simple examples of trust values and demonstrate how permissions may be computed by a trust engine in a file sharing system.

Title: Secure Environments for Collaboration among Ubiquitous Roaming Entities

Presenter: Christian Jensen

Abstract: SECURE addresses the theoretical foundations and supporting systems architecture for dynamically building Trust relationships between computational entities. These trust "qualities" will then be used to assign roles within a role based access control system. The overall system will support decisions based on risk assessment. This brief talk will outline the research agenda of SECURE and present pointers to the current status of the proposed theory and architecture for our collaboration model.
SECURE is a project under the FET Global Computing Initiative. The partners are: Trinity College Dublin, University of Geneva, BRICS - Denmark, University of Strathclyde, and the University of Cambridge.


Title: On the concept of trust

Presenter: Andrew J I Jones

Affiliation: King's College

Abstract: Considerable diversity is exhibited by current definitions of the concept of trust. It is argued that there may nevertheless be an identifiable core to the concept. On the basis of an analysis of five scenarios in which some agent x trusts some other agent y, it is suggested that two types of beliefs - here called the 'rule-belief' and the 'conformity-belief' - form the core of the trusting attitude. The account presented identifies the kinds of modalities that would figure in a modal-logical specification of the conditions under which one agent can be said to trust another.


Title: Trust and Mobility

Presenter: Andrew McGettrick

Affiliation: University of Strathclyde

Abstract: The concept of mobility introduces new challenges for the meaning and definition of trust in the context of software systems. The purpose of this paper is to focus on precisely this issue. It is suggested that a two level model will lead to an important separation of concerns that will provide insights into a range of matters many of which will need further exploration. This paper should be seen as a starting point for further activity.

Title: When in doubt, neither think nor compute, just ask: Agent's Inter-Action on the Web (the constructive view of Web's knowledge)

Presenter: Stefano Cerri

Affiliation: LIRMM: CNRS & Universite Montpellier II

Abstract: The major difference in Computing introduced by the Web is the centrality of Communication with respect to the -more classical- Control, in Wiener's point of view. Terms (or issues) such as Interaction, Pragmatics, Protocols of Conversations and the like become the new challenge for researchers and practitioners. Further, Communication on the Web occurs among Agents, artificial AND human autonomous entities that solve problems in socially but remotely connected, dynamic, evolving (or learning) Virtual Organizations. Trust is at the core of collaboration in these organizations. Trust is threatened when an Agent either does not understand the meaning of a message of another one, or believes to understand it but has also reasons to believe that the underlying meaning may not favour its interests. Understanding meaning from messages and interpreting intentions of partners in conversations (modelling the partner) are crucial for Trust on the Web. One solution may consist of forcing an agreement on standards (semantics of terms, e.g. Ontologies and conversational protocols). This works fine in closed worlds, simple mutual services and ensured collaborative situations. The Semantic Web community adopts this view. Another (complementary) solution consists of negotiating (constructing) meanings and the protocols themselves by means of conversations. This assumes to use a peer-to-peer Agent's architecture (see: the presentation in the session on Architectures) and to dedicate the Agent's preliminary interactions to the construction of shared Ontologies. This approach of ours has been applied successfully in several projects, including two EU on e-Commerce, where we showed it to be feasible and necessary in order to support Trust in electronic transactions. The side effect of the shared construction of a semantics for terms by conversations, is that when terms concern conversational protocols, the shared semantics of those terms may become the shared pragmatics of subsequent conversations, i.e. agreed conversational protocols.


Title: Towards a framework for managing Trust in e-services

Presenter: Theo Dimitrakos

Affiliation: CLRC Rutherford Appleton Laboratory

Abstract: With the emergence of the Web-Service technology and the Open Grid Service Architecture (OGSA) reference model, the "service-oriented" architecture paradigm is becoming increasingly popular. In this talk, we present a working model of trust that has been optimized for "service-oriented" architectures. Emphasis is placed on the combination of risk analysis, subjective reasoning and role-based modeling to support trust management solutions. We also summarize a modeling framework (currently under development) which aims to introduce trust management elements in the lifecycle of e-commerce systems.


Title: Negotiating Contracts Based on a Trust/Risk Model

Presenter: Yao-Hua Tan

Affiliation: Free University, Amsterdam

Abstract: Contracts play an important role in the everyday life of many individuals. Contracts are often negotiated and drafted in an unstructured manner. In this paper we propose a more structured model driven approach to contracting. In particular, we focus on developing a risk and trust model for the transaction that is subsequently used to negotiate the contract. We show how rules can be applied to the risk and trust model of the contract in order to advise the contracting parties how the contract could be amended, e.g. by introducing control mechanisms, to make it more appropriate to their respective risk and trust assessments.


Title: On the semantics of Information Hiding

Presenter: Juan Bicarregui

Affiliation: CLRC Rutherford Appleton Laboratory

Abstract: We discuss the interpretation of read and write frames in model-oriented specification taking the B's generalized substitutions as the vehicle for the presentation. In particular, we focus on the interpretation of read frames, the semantics of which have not been considered by previous authors in this field. We give several examples of the relevance of read frames and show that a substitution admits a read respecting implementation if and only if a certain bisimulation condition is satisfied. We use this to motivate a richer semantic model for substitutions which interprets read and write constraints directly in the denotation of a substitution. This semantics yields some non-interference results that relate to information hiding and which cannot be given at this level without the use of read and write frames.

Architectures for Trust

Session 1 Specification


Title: The Ponder policy specification language

Presenter: Naranker Dulay, Emil Lupu, Morris Sloman

Affiliation: Imperial College

Abstract: The Ponder language provides a common means of specifying security policies that map onto various access control implementation mechanisms for firewalls, operating systems, databases and Java. It supports obligation policies that are event triggered condition-action rules for policy based management of networks and distributed systems. Ponder can also be used for security management activities such as registration of users or logging and auditing events for dealing with access to critical resources or security violations. Key concepts of the language include roles to group policies relating to a position in an organisation, relationships to define interactions between roles and management structures to define a configuration of roles and relationships pertaining to an organisational unit such as a department. These reusable composite policy specifications cater for the complexity of large enterprise information systems. Ponder is declarative, strongly-typed and object-oriented which makes the language flexible, extensible and adaptable to a wide range of management requirements.


Title: Trust and the Semantic Web

Presenter: Brian Matthews

Affiliation: CLRC Rutherford Appleton Laboratory

Abstract: The Semantic Web initiative of the World-Wide Web Consortium (W3C) aims to augment the existing Web architecture by adding communicable information about resources which can then be processed by automated agents. While this initiative has attracted much interest in the last few years, practical applications have as yet been slow to appear. In this talk I shall introduce a new European project: Semantic Web Advanced Development in Europe (SWAD-Europe). This project aims to provide practical examples of where real value can be added to the Web through the semantic web. A class of information which can be added to resources on the web is trust information; indeed this is a key area where the Semantic Web can add real value. A part of the SWAD-Europe project is concerned with the use of the Semantic Web to express, interchange and process trust statements. I shall discuss the initial aims and ideas on how the Semantic Web could be used to express and implement trust statements, policies and their implementation.


Title: Secure and Selective Dissemination of XML Data in the Author-X System

Presenter: Elisa Bertino

Affiliation: University of Milano

Abstract: XML has emerged as a relevant standard for data representation and exchange on the Web. It is often the case that XML data contain information of different sensitivity degrees which must be selectively shared by (possibly large) user communities. There is thus the need for models and mechanisms enabling the specification and enforcement of access control policies for XML. Mechanisms are also required enabling a secure and selective dissemination of documents to users, according to the authorizations that these users have, as well as mechanisms for secure cooperative updates. In this talk, we will describe solutions adopted by the Author-X system to those issues and outline current research directions.


Session 2 Analysis


Title: Specifying and Analysing Trust for Internet Applications

Presenter: Tyrone Grandison, Morris Sloman

Affiliation: Imperial College

Abstract: The Internet is now being used for commercial, social and educational interactions, which previously relied on direct face-to-face contact in order to establish trust relationships. Thus, there is a need to be able to establish and evaluate trust relationships relying only on electronic interactions over the Internet. A trust framework for Internet applications should incorporate concepts such as experience, reputation and trusting propensity in order to specify and evaluate trust. SULTAN (Simple Universal Logic-oriented Trust Analysis Notation) is an abstract, logic-oriented notation designed to facilitate the specification and analysis of trust relationships. SULTAN seeks to address all the above issues, although this paper focuses on our initial work on trust specification and analysis.


Title: A Framework for Decentralised Privilege Management

Presenter: Babak Sadighi

Affiliation: SICS

Abstract: We present our research on mechanisms for decentralised privilege management for dynamic organisations. We present a semantic framework for privileges and certificates and an associated calculus, encoded as a logic program, for reasoning about them. The framework distinguishes between the time a certificate is issued or revoked and the time for which the associated privilege is created. This enables certificates to have prospective and retrospective effects, and allows us to reason about privileges and their consequences in the past, present, and future. The calculus provides a verification procedure for determining, given a set of declaration and revocation certificates, whether a certain privilege holds. We present the idea of constrained delegation for restricting future delegations and keeping some level of control for distribution of privileges. We also present Delegent Authorisation Server developed as a specialised deductive database based on this framework.


Title: Using Simulation to Explore Trust Lifecycle Issues

Presenter: Sotirios Terzis

Affiliation: University of Strathclyde

Abstract: Simulation is a vital tool in research methods for investigating lifecycle issues in critical application areas, such as scenarios involving trust. Our trust model is premised on the belief that the ability to form and evolve explicit values for trust in other principals in an interaction allows autonomous computational entities to make better decisions in situations where only partial information is available. In our model we view the trust lifecycle as a three stage process: trust formation, trust evolution and trust exploitation. Our framework is based on this model and will allow us to run a series of experiments, which simulate principals collaborating over time for a number of applications. For its design we investigated three trust-based application scenarios namely: agent-based file sharing, dynamic routing in ad hoc networks and agent-based meeting organiser. These applications capture a variety of trust relationships. In this paper, we start with a presentation of our initial motivation. We continue with an examination of the characteristics of our trust lifecycle model and an overview of our application scenarios. We examine in more detail the agent-based file sharing application scenario and conclude with a discussion of our experiences and remaining open issues.


Session 3 Certification


Title: Issues in Public Key Infrastructures for e-Business – Theory and Practice

Presenter: Dmitris Raptis

Affiliation: INTRACOM

Abstract: The talk will address practical issues and problems related to the deployment of PKIs, usage of digital certificates, standardisation and interoperability concerns, and constraints of currently available technology.


Title: Open Points and Relational Troubles of Trusted Third Parties

Presenter: Enrique Crespo

Affiliation: SGI

Abstract: In every e-community and e-service interaction, the witness of the transaction for the so-called “Third Trusted Party” becomes compulsory. To this Entity we assume fair behavior and technological excellence while performing its duty whatever it was. In this entity we anchor the Security of the System, and if not so, we should fall in a never-ending loop. The problem is when this Entity has to interact with services that require End User presence beyond what this Entity can manage. At this point several trust points arise and no clear solution is given at this point. Adequate schemes and accurate technology are still loomed. From the application point of view several risks do arise while applying Security Mechanisms in Mobile Communications. In this Position Paper we shall come along a brief resume of such risks and current Technological Frame in order to better understand how to face and manage the actual situation.


Title: Trust Services: A Multi-Disciplinary Research Program

Presenter: Simon Shiu

Affiliation: HP Labs Bristol

Abstract: Trust services are 3rd party services run by expert organizations that take responsibility for performing trust tasks with due diligence. Trust tasks include vetting potential trading partners, assuring identities, or credentials, storing documents, creating and preserving audit trails and so on. Thus trust services are wider in scope than Certificate Authorities (CAs) being concerned with many more trust processes.
Research on trust services is a multi disciplinary activity concerning technology, legal aspects, business effectiveness and reality, as well as a deep understanding of trust. The Trust Services research group at HP makes progress on the technology front by envisioning ideal trust services, and then trying to meet the technology challenges these pose. This paper gives an example of this methodology by examining the problems concerning digital evidence. Trust services such as CAs already help with non-repudiation, but a lot of complexity and due diligence surrounding private key usage is still required by the trading partners. An ideal situation is for a trusted third party to actually help control how the keys get used, and moreover manage the resulting non-repudiable digital data. Such a service introduces many technology challenges, especially concerning how the trading partners can trust the service provider. It is not possible to discuss all the issues raised but to illustrate the method a hint of the types of technology that might help is provided.


Session 4 Components for Trust-Based Architectures


Title: Components of Trust-based Architectures

Presenter: David Chadwick

Affiliation: University of Salford

Abstract: This paper describes (some of) the components that are needed within an authentication and authorisation trust based infrastructure. It is not meant to be exhaustive, but rather is an initial list of the components that are currently seen to be needed. It is expected that this list of components will be added to (and possibly subtracted from) as research into this subject further develops.


Title: Standardizing a Trust Framework

Presenter: Graham Klyne

Affiliation: Nine by Nine

Abstract: To be effective, a framework for establishing trust between parties must be based on agreed protocols to exchange information on which trust decisions may be based. This in turn calls for broadly accepted standards. Obtaining the consensus needed for a technical specification to become a standard is very much easier if existing relevant standards work is used to the maximum extent possible. This talk will survey and introduce some emerging Internet standards work, from W3C and IETF, that may be relevant to deliberations about trust based architectures and decision making systems; touching on: MIME, XML, RDF, HTTP, BEEP, SOAP, instant messaging protocols, XMLDSIG, XMLENC, X.509, XKMS, SAML, XACML, ...


Title: Trust-based Security Policy Enforcement of Software Components

Presenter: Peter Herrmann

Affiliation: University of Dortmund

Abstract: Software component technology supports the cost-effective development of e-commerce applications but also introduces special security problems. In particular, a malicious component is a threat to any application incorporating it. Therefore wrappers are of interest which control the behaviour of components at run-time and enforce the application's security policies. The wrapper of a component monitors the component behaviour at its interfaces and checks its compliance with the security behaviour constraints of the component's employment contract. Wrappers, however, lead to a significant runtime overhead. To reduce the expense of evaluating components, we use trust management in order to consider the experience of other customers with a component. A trust information service collects evaluation reports from certification authorities as well as from users deploying a component. From these evaluations trust values are calculated which can be used to adjust the amount of monitoring of the component. This talk mainly focuses on the architecture of the enforcement system consisting of the trust information service, the software wrappers, and a trust manager component which decides about the monitoring and enforcement strategies based on the current trust values.


Session 5 Agent-Based Architectures


Title: MARISM-A, Bringing Trust and Mobile Agents Together

Presenter: Sergi Robles

Affiliation: Univ. Autonoma de Barcelona

Abstract: In this talk we will introduce the CCD research group through its interests in the fields of trust and security. The main project of the group at present is MARISM-A, Architecture for Mobile Agents with Recursive Itinerary and Secure Migration. This platform intends to be the intersection of the different areas under research at the moment: trust modelling, resource access control, itinerary protection mechanisms and distributed intrusion detection systems. The platform is being developed in Java and provides several novel features. We plan to use MARISM-A to develop some secure sea-of-data applications.


Title: When in Doubt, Neither Think or Compute, just Ask: Agent’s Inter-Action on the Web (architectural foundations)

Presenter: Stefano Cerri

Affiliation: LIRMM CNRS and U. Montpellier II

Abstract: This talk links to the one delivered within the session on Models and Semantics. Assuming successful Conversations to be the core for Societies of human and artificial Agents to trust each other and thus cooperate in solving problems, the key issue becomes how to develop models, architectures and linguistic primitives able to facilitate those conversations on the Web. In our work (including several EU projects) we have proposed and applied experimentally a few foundational concepts, all around the STROBE model (first class STReams of exchanged messages, OBjects and Environments). In our view, XML documents and messages are instances of explicitly typed, complex Abstract Data Types such as those generated by a dynamically (weakly) typed programming language; Agents are Actors with a dynamic scheduling mechanism that adopt lazy evaluation of incoming messages in order to delay the interpretation of dubious terms until the partner has explained its meaning and Environments are models for evolving partial viewpoints. The goal of this presentation is to challenge the classic Client-Server model of most current Agent's architectures in favour of our peer-to-peer one; to outline our proposed solutions and to link them to the emerging concepts around the Grid. The underlying philosophy considers Trust as a notion that cannot make sense when Agents are not autonomous, and therefore that we should deepen the autonomy of (cognitive) Agents in order to allow them to trust each other.


Session 6 Applications


Title: Using the CORAS approach to analyse trust

Presenter: Ketil Stølen

Affiliation: SINTEF

Abstract: The EU-funded CORAS project (IST-2000-25031) is developing a framework for model-based risk assessment of security-critical systems. This framework is characterised by: (1) A careful integration of techniques and features from partly complementary risk assessment methods. (2) Patterns and methodology for UML oriented modelling targeting the different risk assessment methods. (3) A risk management process based on AS/NZS 4360. (4) A risk documentation framework based on RM-ODP. (5) An integrated risk management and system development process based on UP. (6) A platform for tool-inclusion based on XML.
This talk provides an overview of the CORAS approach and discusses its suitability to analyse trust.


Title: B2B Trust Service Provider: Concept Demonstrator

Presenter: Paul Kearney

Affiliation: British Telecom

Abstract: This paper describes a demonstration that was created as part of the security theme within EURESCOM project P1106, entitled 'E-commerce Impacts on Service and Network Operations and Management'. Eurescom (www.eurescom.de) co-ordinates collaborative research projects for European telecommunication companies.
The project goal is to investigate the impacts of e-commerce. Obviously, automated trading has a great impact on security mechanisms. The differences between electronic and paper-based systems mean there are new vulnerabilities for unfriendly entities to exploit. The nature of automation means that transactions will be processed more quickly and with less human interaction. There will be less time to spot attacks and less opportunity to react to them. Furthermore, gateways have to be connected to the public Internet, giving anyone the potential to access them. A demonstrator has been built making use of off-the-shelf commercial software applications to help understand how B2B interfaces work in the telecommunications market and to test the applicability of the security framework.
The demonstration is of a secure interaction between telco supply chain trading partners using automated business to business (B2B) gateways. It shows the execution of security controls during a service negotiation between the trading partners. Integral to this scenario is a third party who occupies a trusted position between the partners. The common point of trust allows a party to establish a trading relationship with an otherwise unknown organisation.


Title: Building Trust on the GRID: Trust Issues Underpinning Large Dynamic Virtual Organisations

Presenter: Theo Dimitrakos

Affiliation: CLRC Rutherford Appleton Laboratory

Abstract: GRID computing has emerged as a new approach to a high-performance distributed computing infrastructure within the last five years. The GRID concept has been generalised to cover a virtual organisation, defined as any dynamic collection of individuals and institutions which are required to share resources to achieve certain goals. In this talk we highlight some trust issues related to GRID computing and provide an overview of ongoing research towards building GRID-aware security and trust management solutions.

Title: Trust management in Telecommunication

Presenter: Dimitrios Tsigos

Abstract: The telecommunication industry can greatly benefit from a distributed Trust Management framework. Trust Management in Telecommunications generally falls into the following two categories:

i. "Soft" actions based on trustworthiness of various customers, that affect issues like pricing and Quality of Service
ii. "Hard" actions that are designed to protect from malicious users

We propose a hybrid approach, with both centralized and decentralized trust management. Trust related to "Soft" actions can be communicated via a decentralised recommendation system. Recommenders might be network operators or even simple users. On the other hand, trust related to "Hard" actions can be communicated via a centralised recommendation system, where recommenders can be only public authorities.

Title: Security and Trust Interoperability in Heterogeneous Multiple Multi-Agent Systems

Presenter: Stefan Poslad

Abstract: Distributed multi-agent systems propose new infrastructure solutions to support the interoperability of electronic services. Security is a central issue for such infrastructures and is compounded by their intrinsic openness, heterogeneity and because of the autonomous and potentially interested nature of the agents therein. This article reviews the work that the FIPA agent standards group has undertaken to specify security in multi-agent systems. This enables a discussion about the main issues that developers have to face at different levels (i.e., intra-platform, inter-platform and application level) when developing agent-based security solutions in various domains.

© The University of Strathclyde, 2002
Last modified on 18/10/02 by colin