Modelling Interaction using Trust and Recommendations in Pervasive Computing Environment

Abstract

Pervasive computing is characterized by large numbers of roaming entities and the absence of a globally available fixed infrastructure. In such an environment entities need to collaborate with little known or even unknown entities. In traditional environments with clearly defined administrative boundaries security decisions are usually delegated to a centralized administrative authority. In the pervasive computing environment no single entity can play this role, entities are required to make their own security decisions and as a result traditional techniques are not an option. Human notion of trust enables human societies to collaborate and interact based on personal and shared experiences. Thus a security model based on the real world characteristics of trust can provide the internal security for autonomous computing devices embedded in pervasive environment before taking action, despite uncertainty and inadequate information. The work presents an adaptive trust and recommendation based access control model based on human notion of trust. The proposed model provides support to calculate direct as well as indirect trust based on recommendations. It handles situations (by itself) both in which the requesting entity has a past experience with the service and a stranger entity requesting to access the service without any past interaction with the service. A mathematical formula together with adaptable security policies is introduced to handle malicious strategic attack in direct trust computation. The model encompasses the ability to reason human cognitive behavior and has the capability to adjust in accordance with behavioral pattern changes. The performance of indirect trust computation models (based on recommendations) can be easily compromised due to the subjective and social-based prejudice of the provided recommendations. Eradicating the influence of such recommendation remains an important and challenging issue in indirect trust computation models. An effective model for indirect trust computation is also proposed which is capable of identifying dishonest recommendations. Dishonest recommendations are identified by using deviation based detecting technique. The concept of measuring the credibility of recommeni dation (rather than credibility of recommender) using fuzzy inference engine is also proposed to determine the influence of each honest recommendation. The proposed model has been compared with other existing evolutionary recommendation models in this field, and it is shown that the model is more accurate in measuring the trustworthiness of unknown entity. An XML-over-UDP based recommendation exchange protocol to share recommendation information between smart devices, is also outlined to complement the model. Implementation of the proposed model on android smart phone using OSGi is presented to demonstrate the effectiveness of the protocol in pervasive computing environment. Experimental results demonstrate that using HTTP or TCP for recommendation exchange between smart devices in wireless environment lead to significantly higher overhead as compared to XML-over-UDP. In general, our research work presents a comprehensive framework for secure trust based access control that will augment future research towards real world implementation of pervasive computing environment.