International Journal of Trust Management in Computing and Communications (3 papers in press)
Socio-cultural distrust of Internet information
by Kenneth David Strang
Abstract: We live in a globalized context due to Internet communications and computing technology. Given the false or misleading information provided by some information service providers, there may be a rising distrust of Internet-based material. In this paper the goal was to evaluate the distrust of Internet material, using a social demographic theoretical lens. The results of the study were fascinating, because the distrust for social media was higher than other Internet communications. Males distrusted Internet communications more than females. In contrast, American Indian and black females trusted Internet communications more than males. The results of this study should generalize to marketing discipline practitioners such as new business product/service development and also to national policy makers.
Keywords: Consumer Behavior; Online Information; Trust management; Cross-Culture.
Caucus: An Authentication Protocol for Cloud Federation
by Anant Nimkar, Soumya Ghosh
Abstract: Cloud federation provides computing services of internal and external cloud providers. Computing services can be virtual resources or services as per delivery models viz. IaaS, PaaS, SaaS. These computing services are collectively owned, accessed and controlled by one or more federating participants like user, broker, cloud providers, service provider etc. Thus, subjects are subsets of federating participants for use, execution, deployment and management of computing services in the established federation. Each such subject must be authenticated before authorization of computing services. In typical cross-domain authentication, each subject has two identities obtained from two identity providers. This cross-domain authentication can also be viewed as a federation of two entities. However, challenge lies in a situation where authentication needs to be done based on more than two identities of federating participants. All identity management solutions cannot address authentication of subjects comprising of more than two federating participants. In this paper, we propose a protocol for authentication (called as Caucus Authentication Protocol) of subjects as a subset of one or more federating participants using a variant of Multi-Party Computation (MPC). Theoretical study attempts to prove liveness and safety properties of proposed Caucus Authentication Protocol (CAP) for the validation of dead-lock-free communication. The simulation results show that the protocol provides authentication of subjects in acceptable response time.
Keywords: IaaS; SaaS; Cloud; Federation; Authentication; Security; Access Control;.
Personalized Reconfigurable Trust Management
by Hisham Rashad, Mohamed Eltoweissy
Abstract: Trust is the keystone of success in any relationship between two or more parties. Current technologies to include cloud computing, social networking, and mobile applications, coupled with the explosion in storage and processing power, are evolving massive-scale marketplaces for a wide variety of resources and services. In such marketplaces, users (consumers, providers and brokers) are largely autonomous with vastly diverse requirements, capabilities, and trust profiles. Thus trustworthy relationships (interactions and transactions) are challenging endeavors. We claim the need for a customizable trust management system that can be personalized for the robustness and wide-scale adoption of such vastly heterogeneous marketplaces. In this paper, we present architecture for customizable and reconfigurable trust management to accommodate varying levels of diversity and trust personalization. The proposed architecture decouples trust management operations and defines five interrelated reconfigurable components, which collectively can be used to implement a wide spectrum of trust management systems ranging from generic to highly personalized. We use our architecture to evaluate trust personalization. In our experiments, we implement both a personalized and a generic trust management system, and contrast their effectiveness, efficiency, resiliency and scalability. The results show that personalized trust management systems are more effective and efficient particularly with the increase in user diversity. The results also demonstrated the resiliency and scalability
Keywords: Trust Management; Reputation Management; Personalized Trust; Trust Architecture; Customizable Systems; Dynamic Clustering.