Tr-OrBAC: A trust model for collaborative systems within critical infrastructures

In last decades, the notion of collaborative systems is presented as the new concept in Critical Infrastructures. It regroups different organizations collaborating in order to ensure the continuity of these infrastructures. However, some malicious behavior can arise causing perturbations on the information systems of the organizations. To avoid this behavior, building trust between collaborating organizations is necessary; it allows cooperating and sharing resources in a secure way. In this paper, we present Tr-OrBAC: a new trust model applicable in collaborative systems; it is based on the OrBAC (Organization Based Access Control) access control model and trust evaluation. In this paper, we will focus on explaining and detailing the proposed trust model.

[1]  Anas Abou El Kalam,et al.  Collaborative Access Control For Critical Infrastructures , 2008, Critical Infrastructure Protection.

[2]  Frédéric Cuppens,et al.  Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[3]  Kai Hwang,et al.  PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[4]  Silvano Chiaradonna,et al.  Evaluation of Critical Infrastructures: Challenges and Viable Approaches , 2007, WADS.

[5]  L. Mui,et al.  A computational model of trust and reputation , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[6]  Abderrahim Marzouk,et al.  TOrBAC: A Trust Organization Based Access Control Model for Cloud Computing Systems , 2012 .

[7]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[8]  S. Kent Evaluating certification authority security , 1998, 1998 IEEE Aerospace Conference Proceedings (Cat. No.98TH8339).

[9]  Songxin Wang A Community-Based Trust Management Framework in P2P Systems , 2013, ICCC.

[10]  Anas Abou El Kalam,et al.  Multi-OrBAC: un modèle de contrôle d'accès pour les systèmes multi-organisationnels” , 2006 .

[11]  Akbar Ghaffarpour Rahbar,et al.  PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[12]  John D. Moteff,et al.  Critical Infrastructure and Key Assets: Definition and Identification , 2004 .

[13]  Ray L. Benedicktus The effects of 3rd party consensus information on service expectations and online trust , 2011 .

[14]  Mohammed Hawa,et al.  On enhancing reputation management using Peer-to-Peer interaction history , 2013, Peer Peer Netw. Appl..

[15]  Anas Abou El Kalam,et al.  PolyOrBAC: A security framework for Critical Infrastructures , 2009, Int. J. Crit. Infrastructure Prot..

[16]  Lea Kutvonen,et al.  Trust Management Survey , 2005, iTrust.

[17]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[18]  Nora Cuppens-Boulahia,et al.  O2O: Virtual Private Organizations to Manage Security Policy Interoperability , 2006, ICISS.

[19]  Bassem Nasser,et al.  Access Control Model for Inter-organizational Grid Virtual Organizations , 2005, OTM Workshops.

[20]  Ana R. Cavalli,et al.  How to Evaluate Trust Using MMT , 2014, NSS.

[21]  Bharat K. Bhargava,et al.  SORT: A Self-ORganizing Trust Model for Peer-to-Peer Systems , 2013, IEEE Transactions on Dependable and Secure Computing.