امروزه با پیشرفت فناوریهای ارتباطی، خصوصاً شبکههای کامپیوتری و اینترنت، تعاملات و فعالیتها در محیطهای مجازی فزونی یافته است. در تعاملات فیزیکی، اعتماد نقش مهمی را در شرایط نایقینی بازی میکند. در فضاهای مجازی تعاملی نیز هنگام تصمیمگیری در مورد ارتباطات، و انتخاب از میان محتواهای ارائه شده میتوان با ارائه تعریف مناسبی از اعتماد و به کارگیری آن، سیستمهای کاراتر و پویاتری طراحی کرد.
در این ارائه به بررسی نحوه تعریف و محاسبه اعتماد در حوزههای کاربردی مختلف میپردازیم. سپس با برخی کاربردهای این مباحث در ایجاد سامانههای کارا و پویا (نظیر سیستمهای توصیه، جمعآوری اخبار، فیلترکردن ایمیل و مسیریابی همتا به همتا) آشنا میشویم.
PAPER: https://www.researchgate.net/publication/237075236_Uncertainty_in_Probabilistic_Trust_Models
Computational models of trust try to transfer the concept of trust from the real to the virtual world. While such models have been widely investigated in the past decade, the uncertainty involved in trust computation has been overlooked in the literature. In this paper, uncertainty of probabilistic trust models is quantified using confidence intervals and its factors are determined through simulation. The results confirm the importance and highlight the amount of uncertainty in the Beta and HMM (Hidden Markov Model) trust models. In addition, an uncertainty-driven method is proposed which reduces the risk involved in the trust-based utility maximization according to uncertainty.
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear PairingsCSCJournals
Abstract In a multi-proxy signature scheme, an original signer delegates his signing power to a group of proxy signers. Then the group of proxy signers cooperatively generates a multi-proxy signature on behalf of the original signer; and any one can verify the validity of the multi-proxy signature. But, when the signed message is sensitive to the signature receiver, it is necessary to combine the concepts of multi-proxy signatures with directed signatures. In this paper, we propose an identity based directed multi-proxy signature scheme using bilinear pairings. This scheme allows a group of proxy signers to generate a valid multi-proxy signature to a designated verifier. The designated verifier can only directly verify the multi-proxy signature generated by a group of proxy signers issued to him on behalf of the original signer and, in case of trouble or if necessary, he can convince any third party about the validity of the signatures. Finally, we discuss the correctness and security analysis of the proposed scheme.
We have envisioned that computers will understand natural language and predict what we need help in order to complete tasks via conversational interactions. This talk focuses on context-aware understanding in different levels: 1) word-level contexts in sentences 2) sentence-level contexts in dialogues. Word-level contexts contribute both semantic and syntactic relations, which benefit sense representation learning and knowledge-guided language understanding. Also, sentence-level contexts may significantly affect dialogue-level performance. This talk investigates how misunderstanding of a single-turn utterance degrades the success rate of an end-to-end reinforcement learning based dialogue system. Then we will highlight challenges and recent trends driven by deep learning and intelligent assistants.
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...csandit
Proxy signature scheme permits an original signer to delegate his/her signing capability to a
proxy signer and then the proxy signer generates a signing message on behalf of the original
signer. So far, the proxy signature scheme is only applied in a special duration, when the
original signer is not in his office or when he travels outside. The two parties must be able to
authenticate one another and agree on a secret encryption key, in order to communicate
securely over an unreliable public network. Authenticated key agreement protocols have an
important role in building a secure communications network between the two parties. In this
paper, we propose a secure proxy signature scheme over an efficient and secure authenticated
key agreement protocol based on RSA cryptosystem.
حریم خصوصی در دنیای مدرن: خواستهها، چالشها، و راهحلهاSadegh Dorri N.
حریم خصوصی جزو مسائلی است که از دیرباز جزوی جدایی ناپذیر از روابط انسانی بوده است. با ظهور ابزارهایی همچون تلفن و دوربین عکاسی، این مفهوم شکل جدیدی به خود گرفت. شاید بتوان ادعا کرد که حریم خصوصی در حال حاضر جزو مهمترین دغدغهها در دنیای مدرن است به طوری که در بسیاری کشورها جزو حقوق اساسی به شما میرود و سازمان ملل نیز این حق را به رسمیت شناخته است. در این سمینار با معرفی اصول اطلاعات منصفانه به بررسی موشکافانه این حق میپردازیم. سپس حریم خصوصی در وبگردی را به عنوان یکی از اولین دغدغههای فعالیت در فضای برخط بررسی میکنیم و روشهای ردگیری در وب و برخی راههای مبارزه با آنها را معرفی میکنیم. در پایان نیز مروری اجمالی بر فنون حفظ حریم خصوصی خواهیم داشت.
ارزیابی سامانههای رایانهای با کمک شبیهسازیSadegh Dorri N.
یکی از روشهای ارزیابی سامانههای رایانهای، شبیهسازی به کمک رایانه است. این روش پیشینهای طولانی دارد و در موارد بسیاری که ارزیابی با روشهای صوری ممکن نیست، به کمک طراحان سامانه میآید. در صورتی که بتوان تمام حالات ممکن برای رفتار یک سامانه را در نظر گرفت و بر اساس آن ارزیابی را انجام داد، میتوان به یک نتیجهگیری مطمئن هم رسید. اما در عمل این فضای حالت چنان گسترده است که ارزیاب را ناگزیر میکند شبیهسازی را بر مبنای فرضیاتی در خصوص نوع ورودیها و زمانبندی آنها انجام دهد. اینجاست که اگر تحلیل نتایج به درستی انجام نشود، چیزی جز دستاوردهای تصادفی نخواهد بود و هیچ ارزش علمی نخواهد داشت؛ و نه تنها راهگشا نخواهد بود بلکه موجب گمراهی خواهد شد. در این ارائه با طرح دو مثال واقعی سعی میکنیم برخی ملاحظات و پیچیدگیهایی را که طراحی و تحلیل درست شبیهسازی و نتایج آن با روشهای آماری دارد، مطرح کنیم.
PAPER: https://www.researchgate.net/publication/237075236_Uncertainty_in_Probabilistic_Trust_Models
Computational models of trust try to transfer the concept of trust from the real to the virtual world. While such models have been widely investigated in the past decade, the uncertainty involved in trust computation has been overlooked in the literature. In this paper, uncertainty of probabilistic trust models is quantified using confidence intervals and its factors are determined through simulation. The results confirm the importance and highlight the amount of uncertainty in the Beta and HMM (Hidden Markov Model) trust models. In addition, an uncertainty-driven method is proposed which reduces the risk involved in the trust-based utility maximization according to uncertainty.
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear PairingsCSCJournals
Abstract In a multi-proxy signature scheme, an original signer delegates his signing power to a group of proxy signers. Then the group of proxy signers cooperatively generates a multi-proxy signature on behalf of the original signer; and any one can verify the validity of the multi-proxy signature. But, when the signed message is sensitive to the signature receiver, it is necessary to combine the concepts of multi-proxy signatures with directed signatures. In this paper, we propose an identity based directed multi-proxy signature scheme using bilinear pairings. This scheme allows a group of proxy signers to generate a valid multi-proxy signature to a designated verifier. The designated verifier can only directly verify the multi-proxy signature generated by a group of proxy signers issued to him on behalf of the original signer and, in case of trouble or if necessary, he can convince any third party about the validity of the signatures. Finally, we discuss the correctness and security analysis of the proposed scheme.
We have envisioned that computers will understand natural language and predict what we need help in order to complete tasks via conversational interactions. This talk focuses on context-aware understanding in different levels: 1) word-level contexts in sentences 2) sentence-level contexts in dialogues. Word-level contexts contribute both semantic and syntactic relations, which benefit sense representation learning and knowledge-guided language understanding. Also, sentence-level contexts may significantly affect dialogue-level performance. This talk investigates how misunderstanding of a single-turn utterance degrades the success rate of an end-to-end reinforcement learning based dialogue system. Then we will highlight challenges and recent trends driven by deep learning and intelligent assistants.
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...csandit
Proxy signature scheme permits an original signer to delegate his/her signing capability to a
proxy signer and then the proxy signer generates a signing message on behalf of the original
signer. So far, the proxy signature scheme is only applied in a special duration, when the
original signer is not in his office or when he travels outside. The two parties must be able to
authenticate one another and agree on a secret encryption key, in order to communicate
securely over an unreliable public network. Authenticated key agreement protocols have an
important role in building a secure communications network between the two parties. In this
paper, we propose a secure proxy signature scheme over an efficient and secure authenticated
key agreement protocol based on RSA cryptosystem.
حریم خصوصی در دنیای مدرن: خواستهها، چالشها، و راهحلهاSadegh Dorri N.
حریم خصوصی جزو مسائلی است که از دیرباز جزوی جدایی ناپذیر از روابط انسانی بوده است. با ظهور ابزارهایی همچون تلفن و دوربین عکاسی، این مفهوم شکل جدیدی به خود گرفت. شاید بتوان ادعا کرد که حریم خصوصی در حال حاضر جزو مهمترین دغدغهها در دنیای مدرن است به طوری که در بسیاری کشورها جزو حقوق اساسی به شما میرود و سازمان ملل نیز این حق را به رسمیت شناخته است. در این سمینار با معرفی اصول اطلاعات منصفانه به بررسی موشکافانه این حق میپردازیم. سپس حریم خصوصی در وبگردی را به عنوان یکی از اولین دغدغههای فعالیت در فضای برخط بررسی میکنیم و روشهای ردگیری در وب و برخی راههای مبارزه با آنها را معرفی میکنیم. در پایان نیز مروری اجمالی بر فنون حفظ حریم خصوصی خواهیم داشت.
ارزیابی سامانههای رایانهای با کمک شبیهسازیSadegh Dorri N.
یکی از روشهای ارزیابی سامانههای رایانهای، شبیهسازی به کمک رایانه است. این روش پیشینهای طولانی دارد و در موارد بسیاری که ارزیابی با روشهای صوری ممکن نیست، به کمک طراحان سامانه میآید. در صورتی که بتوان تمام حالات ممکن برای رفتار یک سامانه را در نظر گرفت و بر اساس آن ارزیابی را انجام داد، میتوان به یک نتیجهگیری مطمئن هم رسید. اما در عمل این فضای حالت چنان گسترده است که ارزیاب را ناگزیر میکند شبیهسازی را بر مبنای فرضیاتی در خصوص نوع ورودیها و زمانبندی آنها انجام دهد. اینجاست که اگر تحلیل نتایج به درستی انجام نشود، چیزی جز دستاوردهای تصادفی نخواهد بود و هیچ ارزش علمی نخواهد داشت؛ و نه تنها راهگشا نخواهد بود بلکه موجب گمراهی خواهد شد. در این ارائه با طرح دو مثال واقعی سعی میکنیم برخی ملاحظات و پیچیدگیهایی را که طراحی و تحلیل درست شبیهسازی و نتایج آن با روشهای آماری دارد، مطرح کنیم.
Trust models for Grid security environment – Authentication and Authorization methods – Grid security infrastructure – Cloud Infrastructure security: network, host and application level – aspects of data security, provider data and its security, Identity and access management architecture, IAM practices in the cloud, SaaS, PaaS, IaaS availability in the cloud, Key privacy issues in the cloud.
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
A CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONSIJNSA Journal
The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication scheme called StrongAuth which preserves most password authentication advantages and simultaneously improves security using cryptographic primitives. Our scheme not only offers webmasters a clear framework which to build secure user authentication, but it also provides almost the same conventional user experience. Security analysis shows that the proposed scheme fulfills the required user authentication security benefits, and can resist various possible attacks.
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORKcscpconf
An ad hoc network is a group of wireless mobile hosts that are connected momentarily through
wireless connections in the dearth of any centralized control or some supporting services. The
mobile ad hoc network is at risk by its environment because of the vulnerabilities at channel and
node level. The conventional security mechanisms deals with only protecting resources from unauthorized access, but are not capable to safeguard the network from who offer resources. Adding trust to the on hand security infrastructures would improvise the security of these environments. A trust oriented security framework for adhoc network using ontological engineering approach is proposed by modeling ad hoc network, the OLSR (Optimized Link State Routing) protocol and trust model as OWL (Ontology Web language) ontologies, which are integrated using Jena. In this model, a trustor can calculate its trust about trustee and use the calculated trust values to make decisions depending on the context of the application or interaction about granting or rejecting it. A number of experiments with a potential implementation of suggested framework are performed to validate the characteristics of a trust oriented model suggested by the literature by this framework
A cryptographic mutual authentication scheme for web applicationsIJNSA Journal
The majority of current web authentication is built
on username/password. Unfortunately, password
replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose
a new mutual authentication scheme called StrongAuth which preserves most password authentication
advantages and simultaneously improves security using cryptographic primitives. Our scheme not only
offers webmasters a clear framework which to build
secure user authentication, but it also provides almost
the same conventional user experience. Security analysis shows that the proposed scheme fulfills the required user authentication security benefits, and can resist various possible attacks.
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
An exaustive survey of trust models in p2 p networkijwscjournal
Most of the peers accessing the services are under the assumption that the service accessed in a P2P
network is utmost secured. By means of prevailing hard security mechanisms, security goals like
authentication, authorization, privacy, non repudiation of services and other hard security issues are
resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and
reputation models in P2P network regarding service provisioning is presented and challenges are listed.
Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction
outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
DDNFS: a Distributed Digital Notary File SystemIJNSA Journal
Safeguarding online communications using public key cryptography is a well-established practice today, but with the increasing reliance on “faceless”, solely online entities one of the core aspects of public key cryptography is becoming a substantial problem in practice: Who can we trust to introduce us to and vouch for some online party whose public key we see for the first time? Most existing certification models lack flexibility and have come under attack repeatedly in recent years[1, 2], and finding practical improvements has a high priority. We propose that the real-world concept of a notary or certifying witness can be adapted to today’s online environment quite easily, and that such a system when combined with peer-topeer technologies for defense in depth is a viable alternative to monolithic trust infrastructures. Instead of trusting assurances from a single party, integrity certifications (and data replication) can be provided among a group of independent parties in a peer-to-peer fashion. As the likelihood of all such assurance providers being subverted at the very same time is very much less than that of a single party, overall robustness is improved. This paper presents the design and the implementation of our prototype online notary system where independent computer notaries provide integrity certification and highly-available replicated storage, and discusses how this online notary system handles some common threat patterns.
Implementation of user authentication as a service for cloud networkSalam Shah
There are so many security risks for the users of cloud computing, but still the organizations are switching towards the cloud. The cloud provides data protection and a huge amount of memory usage remotely or virtually. The organization has not adopted the cloud computing completely due to some security issues. The research in cloud computing has more focus on privacy and security in the new categorization attack surface. User authentication is the additional overhead for the companies besides the management of availability of cloud services. This paper is based on the proposed model to provide central authentication technique so that secured access of resources can be provided to users instead of adopting some unordered user authentication techniques. The model is also implemented as a prototype.
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...CREST
This presentation describes privacy engineering for mobile health apps. it revealed that top-ranked apps lack fundamental data protection mechanisms, and that explicit and understandable consent in apps is needed for data access/sharing within or across organisations
PURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRIDijngnjournal
In grid computing, trust has massive significance. There is lot of research to propose various models in providing trusted resource sharing mechanisms. The trust is a belief or perception that various researchers have tried to correlate with some computational model. Trust on any entity can be direct or indirect. Direct trust is the impact of either first impression over the entity or acquired during some direct interaction. Indirect trust is the trust may be due to either reputation gained or recommendations received from various recommenders of a particular domain in a grid or any other domain outside that grid or outside that grid itself. Unfortunately, malicious indirect trust leads to the misuse of valuable resources of the grid. This paper proposes the mechanism of identifying and purging the untrustworthy recommendations in the grid environment. Through the obtained results, we show the way of purging of untrustworthy entities.
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)Lal Chandran
This is a paper presentation on EUDI wallets with OpenID for verifiable credentials (OID4VCI and OID4VP) published at https://igrant.io/papers/EUDI-Wallets-with-OID4VCI_OID4VP_v1.0.pdf. or https://docs.igrant.io/concepts/openID4vc/.
The paper extensively explores OpenID protocols harnessing the power of Verifiable Credentials, shedding light on the intricacies of these cutting-edge technologies. We delve into the realm of OpenID for Verifiable Credentials, delving into protocols such as Self-Issued OpenID Provider V2 (SIOPv2), Verifiable Credential Issuance (OID4VCI), and OpenID for Verifiable Presentations (OID4VP). These protocols are pivotal in bolstering privacy and strengthening digital identity in the modern age.
Throughout the paper, we showcase the transformative potential of these protocols, emphasising their crucial contributions to the ever-evolving landscape of digital wallets. Real-world scenarios are presented to illustrate the critical values of OID4VCI and OID4VP vividly. These scenarios serve as compelling examples of how these technologies can shape the future of digital identity, enhancing security and privacy while ensuring the seamless flow of information.
The paper spotlights the innovative European Union Digital Identity (EUDI) Wallets, a beacon of pioneering digital identity solutions. By bridging the gap between legacy eIDAS systems and SAML, EUDI Wallets pave the way for a secure and user-friendly digital identity ecosystem.
Key aspects covered in this paper include the authentication workflow, security measures like signatures and encryption, and the seamless passage of parameters within the EUDI Wallets ecosystem. By presenting these insights, we aim to highlight the substantial progress in digital identity and the role of OpenID protocols leveraging Verifiable Credentials in this ongoing revolution.
In summary, this paper serves as a comprehensive guide to understanding the significance of OpenID protocols in Verifiable Credentials. It explores their practical applications and transformative potential in shaping the future of digital identity. The research underscores the critical roles of OID4VCI and OID4VP in enhancing privacy and security while emphasising their vital contributions to the digital wallet landscape, specifically focusing on the innovative EUDI Wallets within the European Union.
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKijwscjournal
Most of the peers accessing the services are under the assumption that the service accessed in a P2P network is utmost secured. By means of prevailing hard security mechanisms, security goals like authentication, authorization, privacy, non repudiation of services and other hard security issues are resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and reputation models in P2P network regarding service provisioning is presented and challenges are listed. Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKijwscjournal
ABSTRACT
Most of the peers accessing the services are under the assumption that the service accessed in a P2P
network is utmost secured. By means of prevailing hard security mechanisms, security goals like
authentication, authorization, privacy, non repudiation of services and other hard security issues are
resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and
reputation models in P2P network regarding service provisioning is presented and challenges are listed.
Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction
outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
معرفی آزمایشگاه زنجیره بلوک و زمینههای پژوهشیSadegh Dorri N.
اسلایدها مربوط به جلسه معرفی آزمایشگاه زنجیره بلوک دانشکده مهندسی برق و کامپیوتر دانشگاه تربیت مدرس است که در آن فناوری زنجیره بلوک (بلاکچین) و ارزهای دیجیتالی معرفی میشود و پس از آن زمینههای پژوهشی آزمایشگاه برای دانشجویان جدید معرفی میگردد.
Trust models for Grid security environment – Authentication and Authorization methods – Grid security infrastructure – Cloud Infrastructure security: network, host and application level – aspects of data security, provider data and its security, Identity and access management architecture, IAM practices in the cloud, SaaS, PaaS, IaaS availability in the cloud, Key privacy issues in the cloud.
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
A CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONSIJNSA Journal
The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication scheme called StrongAuth which preserves most password authentication advantages and simultaneously improves security using cryptographic primitives. Our scheme not only offers webmasters a clear framework which to build secure user authentication, but it also provides almost the same conventional user experience. Security analysis shows that the proposed scheme fulfills the required user authentication security benefits, and can resist various possible attacks.
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORKcscpconf
An ad hoc network is a group of wireless mobile hosts that are connected momentarily through
wireless connections in the dearth of any centralized control or some supporting services. The
mobile ad hoc network is at risk by its environment because of the vulnerabilities at channel and
node level. The conventional security mechanisms deals with only protecting resources from unauthorized access, but are not capable to safeguard the network from who offer resources. Adding trust to the on hand security infrastructures would improvise the security of these environments. A trust oriented security framework for adhoc network using ontological engineering approach is proposed by modeling ad hoc network, the OLSR (Optimized Link State Routing) protocol and trust model as OWL (Ontology Web language) ontologies, which are integrated using Jena. In this model, a trustor can calculate its trust about trustee and use the calculated trust values to make decisions depending on the context of the application or interaction about granting or rejecting it. A number of experiments with a potential implementation of suggested framework are performed to validate the characteristics of a trust oriented model suggested by the literature by this framework
A cryptographic mutual authentication scheme for web applicationsIJNSA Journal
The majority of current web authentication is built
on username/password. Unfortunately, password
replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose
a new mutual authentication scheme called StrongAuth which preserves most password authentication
advantages and simultaneously improves security using cryptographic primitives. Our scheme not only
offers webmasters a clear framework which to build
secure user authentication, but it also provides almost
the same conventional user experience. Security analysis shows that the proposed scheme fulfills the required user authentication security benefits, and can resist various possible attacks.
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
An exaustive survey of trust models in p2 p networkijwscjournal
Most of the peers accessing the services are under the assumption that the service accessed in a P2P
network is utmost secured. By means of prevailing hard security mechanisms, security goals like
authentication, authorization, privacy, non repudiation of services and other hard security issues are
resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and
reputation models in P2P network regarding service provisioning is presented and challenges are listed.
Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction
outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
DDNFS: a Distributed Digital Notary File SystemIJNSA Journal
Safeguarding online communications using public key cryptography is a well-established practice today, but with the increasing reliance on “faceless”, solely online entities one of the core aspects of public key cryptography is becoming a substantial problem in practice: Who can we trust to introduce us to and vouch for some online party whose public key we see for the first time? Most existing certification models lack flexibility and have come under attack repeatedly in recent years[1, 2], and finding practical improvements has a high priority. We propose that the real-world concept of a notary or certifying witness can be adapted to today’s online environment quite easily, and that such a system when combined with peer-topeer technologies for defense in depth is a viable alternative to monolithic trust infrastructures. Instead of trusting assurances from a single party, integrity certifications (and data replication) can be provided among a group of independent parties in a peer-to-peer fashion. As the likelihood of all such assurance providers being subverted at the very same time is very much less than that of a single party, overall robustness is improved. This paper presents the design and the implementation of our prototype online notary system where independent computer notaries provide integrity certification and highly-available replicated storage, and discusses how this online notary system handles some common threat patterns.
Implementation of user authentication as a service for cloud networkSalam Shah
There are so many security risks for the users of cloud computing, but still the organizations are switching towards the cloud. The cloud provides data protection and a huge amount of memory usage remotely or virtually. The organization has not adopted the cloud computing completely due to some security issues. The research in cloud computing has more focus on privacy and security in the new categorization attack surface. User authentication is the additional overhead for the companies besides the management of availability of cloud services. This paper is based on the proposed model to provide central authentication technique so that secured access of resources can be provided to users instead of adopting some unordered user authentication techniques. The model is also implemented as a prototype.
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...CREST
This presentation describes privacy engineering for mobile health apps. it revealed that top-ranked apps lack fundamental data protection mechanisms, and that explicit and understandable consent in apps is needed for data access/sharing within or across organisations
PURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRIDijngnjournal
In grid computing, trust has massive significance. There is lot of research to propose various models in providing trusted resource sharing mechanisms. The trust is a belief or perception that various researchers have tried to correlate with some computational model. Trust on any entity can be direct or indirect. Direct trust is the impact of either first impression over the entity or acquired during some direct interaction. Indirect trust is the trust may be due to either reputation gained or recommendations received from various recommenders of a particular domain in a grid or any other domain outside that grid or outside that grid itself. Unfortunately, malicious indirect trust leads to the misuse of valuable resources of the grid. This paper proposes the mechanism of identifying and purging the untrustworthy recommendations in the grid environment. Through the obtained results, we show the way of purging of untrustworthy entities.
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)Lal Chandran
This is a paper presentation on EUDI wallets with OpenID for verifiable credentials (OID4VCI and OID4VP) published at https://igrant.io/papers/EUDI-Wallets-with-OID4VCI_OID4VP_v1.0.pdf. or https://docs.igrant.io/concepts/openID4vc/.
The paper extensively explores OpenID protocols harnessing the power of Verifiable Credentials, shedding light on the intricacies of these cutting-edge technologies. We delve into the realm of OpenID for Verifiable Credentials, delving into protocols such as Self-Issued OpenID Provider V2 (SIOPv2), Verifiable Credential Issuance (OID4VCI), and OpenID for Verifiable Presentations (OID4VP). These protocols are pivotal in bolstering privacy and strengthening digital identity in the modern age.
Throughout the paper, we showcase the transformative potential of these protocols, emphasising their crucial contributions to the ever-evolving landscape of digital wallets. Real-world scenarios are presented to illustrate the critical values of OID4VCI and OID4VP vividly. These scenarios serve as compelling examples of how these technologies can shape the future of digital identity, enhancing security and privacy while ensuring the seamless flow of information.
The paper spotlights the innovative European Union Digital Identity (EUDI) Wallets, a beacon of pioneering digital identity solutions. By bridging the gap between legacy eIDAS systems and SAML, EUDI Wallets pave the way for a secure and user-friendly digital identity ecosystem.
Key aspects covered in this paper include the authentication workflow, security measures like signatures and encryption, and the seamless passage of parameters within the EUDI Wallets ecosystem. By presenting these insights, we aim to highlight the substantial progress in digital identity and the role of OpenID protocols leveraging Verifiable Credentials in this ongoing revolution.
In summary, this paper serves as a comprehensive guide to understanding the significance of OpenID protocols in Verifiable Credentials. It explores their practical applications and transformative potential in shaping the future of digital identity. The research underscores the critical roles of OID4VCI and OID4VP in enhancing privacy and security while emphasising their vital contributions to the digital wallet landscape, specifically focusing on the innovative EUDI Wallets within the European Union.
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKijwscjournal
Most of the peers accessing the services are under the assumption that the service accessed in a P2P network is utmost secured. By means of prevailing hard security mechanisms, security goals like authentication, authorization, privacy, non repudiation of services and other hard security issues are resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and reputation models in P2P network regarding service provisioning is presented and challenges are listed. Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKijwscjournal
ABSTRACT
Most of the peers accessing the services are under the assumption that the service accessed in a P2P
network is utmost secured. By means of prevailing hard security mechanisms, security goals like
authentication, authorization, privacy, non repudiation of services and other hard security issues are
resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and
reputation models in P2P network regarding service provisioning is presented and challenges are listed.
Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction
outcome evaluation and other trust based classification of peer’s behavior into trusted,, inconsistent, un
trusted, malicious, betraying, redemptive are discussed,
معرفی آزمایشگاه زنجیره بلوک و زمینههای پژوهشیSadegh Dorri N.
اسلایدها مربوط به جلسه معرفی آزمایشگاه زنجیره بلوک دانشکده مهندسی برق و کامپیوتر دانشگاه تربیت مدرس است که در آن فناوری زنجیره بلوک (بلاکچین) و ارزهای دیجیتالی معرفی میشود و پس از آن زمینههای پژوهشی آزمایشگاه برای دانشجویان جدید معرفی میگردد.
امروزه مجازیسازی یکی از روشهای پرطرفدار برای پیادهسازی کارگزاران وب است. این فناوری موجب کاهش هزینههای تجارتهای کوچک میشود. مجازیسازی یکی از جنبههای مهم ارائه خدمات ابری است که حتی برای تجارتهای بزرگ نیز از جذابیت زیادی برخوردار است.
در این سخنرانی به امکاناتی همچون Control Groups و Containers که در نسخههای جدیدتر هسته سیستم عامل لینوکس پیادهسازی شده است میپردازیم. هرچند این امکانات مجازیسازی کامل را به ارمغان نمیآورند، اما بسیاری از مزایای آن را با سربار بسیار کم در سطح هسته فراهم میکنند. راه حلهایی همچون LXC و Docker بر اساس این امکانات توانستهاند به نتایج خوبی برسند که هم از لحاظ تجاری در خور توجه هستند و هم تبعات و کاربردهای امنیتی دارند.
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توریSadegh Dorri N.
PAPER: https://www.researchgate.net/publication/273834491_TIRIAC_A_trust-driven_risk-aware_access_control_framework_for_Grid_environments
دو رویکرد مهم به اعتماد در محیطهای محاسباتی وجود دارد. رویکرد اول که در آن اعتماد بر مبنای خطمشیها تعیین میشود، دقت بیشتری دارد اما در عوض پیچیدهتر و سختگیرتر، و نسبت به تغییرات در اعتمادپذیر آسیبپذیر است. در رویکرد دوم، اعتماد بر مبنای سابقه رفتار و به صورت پویا تعیین میشود. یکی از کاربردهای مهم اعتماد که از لحاظ مفهومی هم جایگاه روشنی دارد، کنترل دسترسی است؛ به طوری که حتی برخی کنترل دسترسی را معادل مدیریت اعتماد (خطمشیبنیاد) دانستهاند. اعتماد سابقهبنیاد هم میتواند به عنوان یکی از خصوصیات موجودیتها، توانایی توصیف خطمشیهای کنترل دسترسی را افزایش دهد یا به عنوان نمایندهٔ سابقهٔ رفتار موجودیت عمل کند و امکان پیشبینی و اصلاح دادههای ناقص در کنترل دسترسی را بدهد.
در این سخنرانی، چارچوب کنترل دسترسی آرام (اعتماد-رانهٔ آگاه از مخاطره) را معرفی میکنیم که حاصل پژوهش دوره دکتری اینجانب است. در این چارچوب به منظور رفع بخشی از کاستیهای روشهای موجود، رویکردهای سابقهبنیاد و خطمشیبنیاد ترکیب میشود و در کنترلدسترسی توزیع شده به کار گرفته میشود. نمونه متعالی یک سامانه توزیع شده کنترل دسترسی، توری است. چارچوب پیشنهادی به عنوان یک مؤلفهٔ نسبتاً مستقل سامانه کنترل دسترسی در توری ارائه شده است. در چارچوب پیشنهادی، التزامها به عنوان راه حلی یکپارچه برای ارزیابی اعتماد و مدیریت مخاطره در کنترل دسترسی به کار گرفته میشوند. از یک سو، التزامهای اعتمادساز به مدیران اجازه میدهند وظایف کاربران را در قبال خدماتی که دریافت میکنند مشخص کنند. از طرف دیگر، برآورده شدن التزامها به واسطه دسته دیگری از التزامها به صورت نظاممند و قابل اتکایی تحت نظر گرفته میشود.
Privacy is a fundamental concern in human societies. While not a new concept, its meaning has been renovated in modern age. From the social perspective, the new generation of people with “always connected” smart phones which can instantly share photos, videos, and voice records with a country-scale virtual society brings about lots of new privacy challenges. From the business perspective, the users' privacy has become a top demand, and challenging technological requirement which is sometimes in conflict with marketing techniques. And from the government perspective, surveillance is really confronting citizens' privacy. Privacy has been accepted as a fundamental right in the United Nations and many countries. In this talk, we will have a quick look to the needs, challenges, and solutions for privacy from an engineering perspective.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
Automobile Management System Project Report.pdfKamal Acharya
The proposed project is developed to manage the automobile in the automobile dealer company. The main module in this project is login, automobile management, customer management, sales, complaints and reports. The first module is the login. The automobile showroom owner should login to the project for usage. The username and password are verified and if it is correct, next form opens. If the username and password are not correct, it shows the error message.
When a customer search for a automobile, if the automobile is available, they will be taken to a page that shows the details of the automobile including automobile name, automobile ID, quantity, price etc. “Automobile Management System” is useful for maintaining automobiles, customers effectively and hence helps for establishing good relation between customer and automobile organization. It contains various customized modules for effectively maintaining automobiles and stock information accurately and safely.
When the automobile is sold to the customer, stock will be reduced automatically. When a new purchase is made, stock will be increased automatically. While selecting automobiles for sale, the proposed software will automatically check for total number of available stock of that particular item, if the total stock of that particular item is less than 5, software will notify the user to purchase the particular item.
Also when the user tries to sale items which are not in stock, the system will prompt the user that the stock is not enough. Customers of this system can search for a automobile; can purchase a automobile easily by selecting fast. On the other hand the stock of automobiles can be maintained perfectly by the automobile shop manager overcoming the drawbacks of existing system.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
1. Trust in the Virtual World
By: Sadegh Dorri Nogoorani
http://ce.sharif.edu/~dorri
1390/8/2 – 2011/10/24
(ISC Monthly Seminar)
In the Name of Allah
2. Who Knows on the Net...?
A notion of trust similar to
real world trust is
needed in the virtual
world…
Coordinating Agent
Interactions without
Strict Control
Mechanisms
Fig. by Peter Steiner (The New Yorker, 5 July 1993)
1390/8/2 - 2011/10/24 2Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
3. Outline
Concepts
Definitions and basic terminology
Trust and Reputation in Action
Applications
Attacks
Trust Engines
Probabilistic, logic, …
Trust in CROWDS
A detailed example
1390/8/2 - 2011/10/24 3Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
5. Trust ()اعتماد
Definition [CF10]
The expectation/belief that…
… trustee will perform actions designed to produce
positive results in the future for the trustor…
… in situations of consistent perceived risk.
Properties
Subjective, context dependent, asymmetric, transitive,
dynamic
Calculation
Structural: organizational, category-membership
Relational: history-based, using trust transitivity
Cognitive: dispositional, trustee attributes
1390/8/2 - 2011/10/24 5Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
6. Trust Scenario
Trustor
(اعتمادگر)
Trustee
(معتمد)
Direct Trust (مستقیم )اعتماد
Functional
(عملکردی)
Referential
(ارجاعی)
Functional
Functional
Indirect Trust (Inference)
مستقیم غیر اعتماد(استنتاج)
1390/8/2 - 2011/10/24 6Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
Recommenders (گران)توصیه
7. Reputation ( شهرت/وجهه )
Definition (Concise Oxford Dictionary)
A widespread belief that someone or
something has a particular characteristic.
Common belief
Relationship with Trust
Trust is subjective and has more weight
“I trust you because of your good reputation”
“I trust you despite your bad reputation”
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 7
9. Aspects of a Trust System [HZN09]
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 9
10. Applications of Trust
Soft Security Mechanism against
Low quality services
Misrepresentation of services
Incorrect information
Fraud
Others
Recommender and filtering systems
Targets
Content, services, people
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 10
11. Attacks on a Trust-Based System
Self-Promotion
Falsely increase the trust on the attacker(s)
Whitewashing ()الپوشانی
Restoring the broken trust
Slandering (کردن )الغر
Falsely reduce the trust on other nodes
Other
Hybrid of the above attacks, DoS, …
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 11
12. Example: Reputation in a P2P
System
● Nodes have no information about most others
● Fake or virus infected content
● Free riders
● Challenges
● Anonymity -> selfish users
● Highly distributed
● Unreliable network connections
● Partial information (in unstructured topologies)
● Untrustworthiness of storage peers
1390/8/2 - 2011/10/24 12Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
13. Example: Email Filtering
● Blind delivery of messages
● In Jan.of 2008, 75% of Internet email was spam.
● Detecting spam after delivery wastes a lot of
resources and is error-prone.
● KarmaNET [SXMW09]
● Messages are routed through social paths
● Trust is defined in three aspects:
– Routing (against free-riders)
– Forwarding (distinguish malicious nodes from careless
forwarders)
– Initiation
● Bad messages penalize all related peers, so they
(automatically) tune their behavior
1390/8/2 - 2011/10/24 13Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
14. Example: Social Routing
● Blind routing
● Has inherent security problems such as DDoS
and Spam
● No separation between routing addr. & identity
● Lack of msg. receiver control
● Solutions are not scalable and/or inefficient
● DSL [BYHW09]
● Messages are routed through social paths
between sender and receiver, and based on the
keywords describing the intention of the
message.
1390/8/2 - 2011/10/24 14Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
15. Example: Security and Privacy with
Trust
Probabilistic Security
Security is not definite in many cases
Hard-to-break security: birthday attack
Trust can be used to tune the desired security
Access control
User levels are determined using trust metrics
(Advogato, StackExchange)
Hybrid security policy: super computer example
Privacy in Anonymity Networks
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 15
16. Other Applications
● News syndication
● Using trust in order to resolve contradictions
in information
● Discard the statements from the least trusted
sources
● Recommender systems
● To use trust in place of similarity
● Users are significantly more similar to their
trusted peers than to the population as a
whole
1390/8/2 - 2011/10/24 16Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
18. Simple Summation or Average of
Ratings
● More advanced: weighted average
● Trustworthiness/reputation
● Age of the rating
● Distance between rating and current
score
1390/8/2 - 2011/10/24 18Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
i
ii
w
wr
19. Probabilistic Engines
Trust: Expected Probability of Success
Bayesian Approach [JI02]
Use the Bayes rule to update p
HMM Approach [ElS10]
Use a Hidden Markov Model to calculate p
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 19
},{ xxR
),,|Pr( ,,
1
,, tetr
tn
tetr
t
tetr
t
tetr
t OOxOp
][ ,, tetr
t
tetr
t pE
2
1
sr
r
20. Trust Inference
● Trust in an unknown peer can be
inferred according to paths in social
networks
● Strongest path
● Weighted paths
● BFS-like (TidalTrust)
● Probabilistic and Bayesian methods
● Subjective logic operators
1390/8/2 - 2011/10/24 20Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
21. Subjective Logic [JHP06]
1390/8/2 - 2011/10/24 21Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
),,,( audbA
B B
C
A
B
BA
C : B
C
A
B
BA
C
22. Other Engines
Fuzzy Inference Engines
Direct trust: multi-criteria decision making
Trust inference: fuzzy aggregation operators
Game Theoretic Approaches
Try to defend strategic attacks
Many Proposals: or ?
Evaluation: human-based vs. utility-based
Must be related to human notion of trust
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 22
24. The CROWDS Protocol [RR98]
Provides Anonymous Web Transactions
A user is either completely honest or dishonest
The originator passes the message to a randomly
selected path of users to reach destination (the reverse
for reply).
Probability of Forwarding
1-pf: forward to the end server
pf: forward to a random user
Privacy (Anonymity) Level: Probable Innocence
… the sender appears no more likely to be the
originator than to not be.
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 24
25. CROWDS + Trust
Extended Protocol [SEH10]
The users may switch between honest and
dishonest.
Trust (reputation) info + forwarding policy
ti (in [0,1]): The Reputation of a User
Robustness of user i to becoming corrupt
(probability)
{q1,…,qn}: The Forwarding Policy
Common to all users
qi: The probability of forwarding to user i
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 25
26. Anonymity in CROWDS + Trust
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 26
Guaranteeing Probable Innocence
Idea: adjust the forwarding policy according to
reputation values
Solve the following system of linear inequalities
to find the desired forwarding policy(ies):
2
1
27. Anonymity in CROWDS + Trust (cont.)
Example with Three Principles
The equations yield two solutions:
A possible choice:
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 27
28. Comparing with the Original CROWDS
Forwarding Policy of the original protocol:
Does not satisfy the innocence inequalities
Consequence:
If the users are partially honest, the CROWDS
may not provide probable innocence.
Trust information can be used to provide the
required anonymity.
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 28
29. Conclusions
● Trust in the VW
● Translating social concepts to computational
methods
● Many applications
● Sound mathematical basis
● Trust as a Soft Security Mechanism
● Access control
● Probabilistic security
● …
● A Long Way in Front!
1390/8/2 - 2011/10/24 29Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
31. References
[BYHW09] L. Banks, S. Ye, Y. Huang, and S. F. Wu, “Davis social links: integrating
social networks with internet routing,” in Proceedings of the 2007 Workshop on
Large Scale Attack Defense (LSAD’07), New York, NY, USA, 2007, pp. 121–128.
[CF10] C. Castelfranchi and R. Falcone, Trust theory: a socio-cognitive and
computational model. Chichester, West Sussex, England: Wiley, 2010.
[ElS10] E. ElSalamouny, “HMM-based trust model,” Revised Selected Papers of the 6th
International Workshop on Formal Aspects in Security and Trust (FAST), Eindhoven,
The Netherlands, Nov. 2009, vol. 5983, pp. 21-35, 2010.
[Gol06] J. Golbeck, “Trust on the World Wide Web: A Survey”, Foundation and Trends
in Web Science, vol. 1, no. 2, pp. 131–197, 2006.
[HZN09] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense
techniques for reputation systems,” ACM Computing Surveys, vol. 42, no. 1, pp. 1-
31, Dec. 2009.
[JHP06] A. Jøsang, R. Hayward, and S. Pope, “Trust network analysis with subjective
logic,” in Proceedings of the 29th Australasian Computer Science Conference -
Volume 48, Hobart, Australia, 2006, pp. 85-94.
[JI02] A. Jøsang and R. Ismail, “The Beta Reputation System,” in Proceedings of the
15th Bled Conference on Electronic Commerce, Bled, Slovenia, 2002.
1390/8/2 - 2011/10/24 31Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
32. References (cont’d)
[SEH10] V. Sassone, E. ElSalamouny, and S. Hamadou, “Trust in Crowds:
Probabilistic Behaviour in Anonymity Protocols,” in Trustworthly Global
Computing, vol. 6084, M. Wirsing, M. Hofmann, and A. Rauschmayer, Eds.
Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 88-102.
[SXMW09] M. Spear, Xiaoming Lu, N. Matloff, and S. F. Wu, “KarmaNET:
Leveraging trusted social paths to create judicious forwarders,” in
Proceedings of the 1st International Conference on Future Information
Networks (ICFIN), Beinjin, China, 2009, pp. 218-223.
[RR98] M. K. Reiter and A. D. Rubin, “Crowds: anonymity for Web transactions,”
ACM Transactions on Information Systems Security, vol. 1, no. 1, pp. 66–92,
Nov. 1998.
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 32