Autonomic Trust Management In Dynamic Systems

Research in pervasive computing is aimed at creating environments where users can seamlessly benefit from ubiquitous computing resources despite the complexity of the environment. Providing security in such systems is a difficult task since traditional security mechanisms often require significant user attention and do not scale well to large, mobile, and open environments. To combat this problem, distributed trust has been proposed to provide security in pervasive systems. While much research has been performed in the area, many vulnerabilities and insufficiencies still exist, especially in mobile ad-hoc systems that cannot support distributed trust mechanisms requiring pre-existing infrastructure and cooperation. Dynamic pervasive systems operate in highly dynamic environments that introduce additional challenges such as intermittent connectivity and lack of infrastructure.This dissertation addresses several problems pertinent to the design and deployment of distributed trust mechanisms in dynamic pervasive systems. In particular, this dissertation presents the design and evaluation of the following framework and mechanisms to enhance security in dynamic systems. The Distributed Trust Toolkit (DTT) is a modular framework for the design and deployment of distributed trust mechanisms over a wide variety of systems, networks, and devices. Adaptive Resource Exploration (AREX) and Reliable Service Composition (ReSCo) are built for two specific classes of applications that occur frequently in dynamic systems. AREX uses a game theoretic approach to motivate strategic, malicious entities to attack less often. ReSCo is designed for dynamic service composition systems and works by adapting to make selections of compositions paths and nodes. Social Trust (SoTru) is a system for augmenting trust mechanisms such as AREX and ReSCo with information from users' social networks to reduce risk and enhance their performance. A unique feature of the above contributions is that each can be used independently or in combination to address challenges in secure dynamic systems. DTT facilitates the integration of AREX, ReSCo and SoTru into existing dynamic systems. AREX and ReSCo provide scalable, low cost security mechanisms that provide protection despite hostile, open, and mobile environments. When used together, with the addition of SoTru, the ideas presented in this dissertation can be used to enhance the effectiveness and seamlessness of security in dynamic systems.