Trustworthy Infrastructure Services for a Secure and Privacy-Respecting Internet of Things

Security is an important cornerstone for the Internet of Things (IoT). Due to the expected pervasion of IoT and its relevance in all fields of human activity, it will likely become a critical asset. Thus, the integrity of data and trust in the services offering the data is crucial. Further, to protect important data and user interests, confidentiality of data and privacy of users must be ensured. Moreover, each request and response in the frame of IoT has to be authenticated in a proper and secure way to ensure accountability and proper operation. Finally, with the usage of IoT for vital functionalities, availability becomes increasingly important, although availability is out of the scope of this document. The resolution infrastructure introduced in this work is a crucial component of the overall IoT architecture and most security goals are anchored here. Our suggested architecture ensures privacy and security for the resolution functions and offers as well a basis for other security functionalities needed outside the resolution infrastructure.

[1]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[2]  Diego Gambetta Can We Trust Trust , 2000 .

[3]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[4]  Ling Liu,et al.  TrustMe: anonymous management of trust relationships in decentralized P2P systems , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[5]  Zhu Han,et al.  Defense of trust management vulnerabilities in distributed networks , 2008, IEEE Communications Magazine.

[6]  Stephen Marsh,et al.  Formalising Trust as a Computational Concept , 1994 .

[7]  Hector Garcia-Molina,et al.  Taxonomy of trust: Categorizing P2P reputation systems , 2006, Comput. Networks.

[8]  Akbar Ghaffarpour Rahbar,et al.  PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[9]  Kai Hwang,et al.  PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[10]  Belden Menkus,et al.  Understanding the use of passwords , 1988, Comput. Secur..

[11]  Huanguo Zhang,et al.  An Improved Global Trust Value Computing Method in P2P System , 2006, ATC.

[12]  Félix Gómez Mármol,et al.  Security threats scenarios in trust and reputation models for distributed systems , 2009, Comput. Secur..

[13]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[14]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[15]  Jordi Sabater-Mir,et al.  REGRET: reputation in gregarious societies , 2001, AGENTS '01.

[16]  Suphithat Songsiri,et al.  MTrust: A Reputation-Based Trust Model for a Mobile Agent System , 2006, ATC.