Risk Aware Decision Framework for Trusted Mobile Interactions
Daniele Quercia and Stephen Hailes
CS department, University College London
{d.quercia,s.hailes}@cs.ucl.ac.uk
SECOVAL 2005, September 2005
Outline
Mobile software concerns and solutions;
Previous work on Trust Management and Expected Utility (EU);
Scenario;
Composing elements of the model;
Analysis of the model.
Introduction
Mobile devices need to adapt to changing context.
How? They load software (sw) components from each other.
Problem: Security concerns when loading sw components (e.g., viral components and components not running as expected).
Conventional Solution
Devices accept only digitally signed sw components. That’s acceptable as long as …
… #(sw providers) is low;
… globally trustworthy Certification Authority.
Our Proposal
A device uses a local decision framework to load software components.
Such a framework has desirable properties:
model decision-making under uncertainty;
integrate user’s risk attitudes;
compute risk probabilities from trust mechanisms.
Related Work – Trust Management Frameworks
Marsh: computational trust concept.
Abdul-Rahman and Hailes: use of recommendations.
Mui et al.: reputation concept.
formal trust model;
risk-based decision module.
Related Work – Expected Utility
[Figure: elements of an expected utility decision, umbrella example]
(a) ACTIONS: Take Umbrella; Do not take Umbrella.
(b) STATES: No Rain; Rain.
(c) OUTCOME MATRIX:
    Take Umbrella: No Rain → No Wet; Rain → No Wet.
    Do not take Umbrella: No Rain → No Wet; Rain → Wet.
(d) Probability Function: State → Probability, for (No Rain) and (Rain).
(e) Elementary Utility Function: Outcome → Utility, u(Wet) and u(No Wet).
(f) Decision Rule: Max Overall Utility Function, Action → Utility.
Scenario: Secure Conference
While Alice conferences on the move, her PDA guarantees secure communication across all traversed space.
[Figure: Abstract Situation. Three numbered steps (1, 2, 3) between a Component Loader and a Component Supplier, labelled "Semantics, Timeframe" and "Details, Service Level"; the parties are named Bob and Alice.]
Scenario – Expected Utility Elements
[Figure: the expected utility elements applied to the scenario]
(a) ACTIONS: Take C; Do not take C; Ask User.
(b) STATES: CS delivers C within R1; CS delivers C within R2; CS delivers C within R3.
(c) OUTCOME MATRIX:
    Take C: R1 → Carry on seamlessly; R2 → Carry on with limited disruptions; R3 → Give up.
    Do not take C: Give up in all three states.
    Ask User: Alice interacts with GUI in all three states.
(d) Probability Function
(e) Elementary Utility Function
(f) Decision Rule
(f) Decision Rule
IN:
- actions (Take C, Do not take C, Ask User);
- nearby component suppliers.
OUT: max of expected utility.
For action a and component supplier h, the expected utility is [equation not preserved; its terms are annotated "state probability" and "outcome utility"].
(e) Elementary Utility Function: o → value(o) → utility(o)
Logarithmic elementary utility function (user attitudes are risk-averse). To enhance tractability, a second-order Taylor approximation is used.
We determine the application dimensions (e.g., absence of disruptions, spared user time, security gap).
Importance factors for the i-th dimension:
• w_i (user preferences);
• D_i(o) (function of outcome and application).
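As an added example (not from the original slides), the decision rule (f) and the logarithmic utility (e) can be sketched in Python using the scenario's outcome matrix. The expected utility is taken as the sum over states of state probability times outcome utility; the outcome values, the supplier names h1 and h2, their state probabilities, and the choice to expand the Taylor approximation around the mean outcome value are assumptions of this example.

```python
import math

# Outcome matrix from the scenario slide: action -> outcome in states R1, R2, R3
# (the component supplier delivers C within R1, R2 or R3).
OUTCOMES = {
    "take_C":        ("seamless", "limited_disruptions", "give_up"),
    "do_not_take_C": ("give_up", "give_up", "give_up"),
    "ask_user":      ("gui", "gui", "gui"),
}

# value(o): constructed positive numbers, an assumption of this example.
VALUE = {"seamless": 10.0, "limited_disruptions": 6.0, "gui": 4.0, "give_up": 1.0}


def expected_utility(action, state_probs, utility=math.log):
    """Sum over states of (state probability) x (outcome utility)."""
    return sum(p * utility(VALUE[o])
               for p, o in zip(state_probs, OUTCOMES[action]))


def taylor_expected_log(action, state_probs):
    """Second-order Taylor approximation of E[ln value] around the mean:
    ln(mean) - variance / (2 * mean^2)."""
    values = [VALUE[o] for o in OUTCOMES[action]]
    mean = sum(p * v for p, v in zip(state_probs, values))
    var = sum(p * (v - mean) ** 2 for p, v in zip(state_probs, values))
    return math.log(mean) - var / (2 * mean ** 2)


def decide(suppliers, eu=expected_utility):
    """Return (action, supplier, utility) maximising expected utility."""
    candidates = [(a, h, eu(a, probs))
                  for h, probs in suppliers.items() for a in OUTCOMES]
    return max(candidates, key=lambda c: c[2])


# Constructed per-supplier state probabilities over (R1, R2, R3).
SUPPLIERS = {"h1": (0.7, 0.2, 0.1), "h2": (0.3, 0.2, 0.5)}

if __name__ == "__main__":
    only_h2 = {"h2": SUPPLIERS["h2"]}
    neutral = lambda a, p: expected_utility(a, p, utility=lambda v: v)
    print(decide(SUPPLIERS))                        # risk-averse, both suppliers
    print(decide(only_h2))                          # risk-averse, unreliable supplier only
    print(decide(only_h2, eu=taylor_expected_log))  # same decision via the approximation
    print(decide(only_h2, eu=neutral))              # risk-neutral, unreliable supplier only
```

With only the unreliable supplier h2 nearby, the risk-averse (logarithmic) loader prefers asking the user, while a risk-neutral loader would still load the component from h2.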
(d) Probability Function
h(s): component loader’s belief that a certain state s will take place when interacting with the component provider h.
The component loader receives Service Level = (dp, Confidence Level (CL)) and computes each state probability (for a given h):
We need and : Trust and CL Uncertainty
CS delivers C within R1
CS delivers C within R2
CS delivers C within R3
Discussion
Uncertainty is …
… source of risks;
… reduced through assurance (e.g., devices load only provably authored software) and trust (e.g., devices rely on trustworthiness assessments to make informed decisions).
Assurance-based approaches are preferable, but not always possible!
Conclusion
We have proposed a conceptual model of decision-making for software component loading, which …
… integrates trust mechanisms and risk assessment;
… considers user risk attitudes.
Assumptions to be relaxed:
constant risk-averse preferences;
normal distribution for probability function.