System Architecture and Networking group (SAN) Department of Mathematics and Computer Science

EIRICT Eindhoven Institute for Research on ICT

VITRUVIUS: Trust Management Model for Component-based Applications in Body Sensor Networks

Vinh Bui, Johan Lukkien, Richard Verhoeven, Jean-Paul Linnartz, Joep de Groot, Shudong Chen

1. Introduction • Context Body Sensor Network (BSN) becomes a common platform Diverse applications: healthcare, sport coaching, gaming Any application or component a user can download and install

dynamically in order to configure functionality of BSN Vital requirements are dependability, privacy, and user-

centric control

• Problem: New installed components, applications may affect system (BSN) properties: dependability, privacy

• Approach: Trust management model assists to preserve system properties under dynamic changes in applications

2. System Architecture

• Backend systems Doctor ‘programs’ in his own environment and uploads

application-specific components to the BSN Retrieve and examine data from the BSN

• Sensor nodes Extract and send sensing data to the Body hub Signal processing components, can be uploaded over the

air by the Body hub, to pre-process data • Body hub Store and process data according to instructions from

components and decision support engine Security interface and configuration manager provide run-

time upload and configuration of components Trust & ownership manager predicts and monitors system

properties at system configuration and run time

3. Trust Management Model • Example threats New component disables other running components by

excessive use of system resources: CPU time, battery, etc Functionality or computing accuracy is not acceptable Unauthorized access or leakage of private information

• Trust management Evaluate trustworthiness at component, application, and

system levels in installation and run time Provide controlling mechanisms for misbehavior or

untrusted components

• Basic trust evaluation

4. Conclusions • Trust management model can provide the user a

transparent view on trust levels of applications and the system, and assist to preserve system properties

• Current platform allows to install dynamically applications, collect and process sensing data at several levels

• Future work is to specify the quality profile, trust policy, and trust evaluation more precisely and to create an experiment of budget-based resource monitoring and control

5. Contact & Reference • Website: http://www.win.tue.nl/san/projects/vitruvius/

• Emails: t.v.bui@tue.nl, j.j.lukkien@tue.nl, p.h.f.m.verhoeven@tue.nl

• Vinh T. Bui, Johan J. Lukkien, and Richard Verhoeven. Toward a Trust Management Model for a Configurable Body Sensor Platform. In Proceeding 6th ICST Conference on Bodynets. 2011

Fig 2. Vitruvius system architecture. Component C is downloaded to Body hub B to configure functionality of the BSN.

…

Sens

or

Nod

e

IEEE 802.15.4

Actuator

Signal Processing

Sensor

Apps

Bod

y Se

nsor

Net

wor

k (B

SN)

Bod

y hu

b (B

)

Application Specific

Component

Sensor Abstraction Layer

Data Storage

Application Specific

Component

Trus

t & O

wne

rshi

p M

anag

er

Con

figur

atio

n

Man

ager

Decision Support Engine

Backend System

Data

Sens

or

Nod

e

Actuator

Signal Processing

Sensor

IEEE 802.11

Package (C)

Expert System

Security Interface

Fig 3. The factors related to trustworthiness and the trust evaluations at component, application, and system levels.

Fig 4. The process of trust evaluation, monitoring, and controlling for a trustee at runtime.

Fig 6. Demonstration GUI, showing sensing data collection, low-level event processing, and diagnostic data.

Fig 5. Demonstration GUI, showing the installation of multiple applications.

ICT.OPEN 2011

Fig 1. The Vitruvius platform regards a BSN as a mobile cluster represented by the Body hub, a more advanced node in the network. The BSN connects to backend systems for software updates and data exchange.

ECG

Blood pressure

EMG Internet

Body hub

Social care

Epilepsy monitoring

BSN Backend systems

1

n

C i ii

tv w qa=

= ×∑ : trust value of component C : a quality attribute of component C, getting from the

quality profile or from monitoring behavior of C : weight of quality attribute , depending on the system

context and the trust policy

Ctviqa

iqaiw