Routing with Confidence: A Model for Trustworthy Communication

Kapadia, Apu C.; Naldurg, Prasad G.; Campbell, Roy H.

Permalink

https://hdl.handle.net/2142/11151 Copy

Description

Title

Routing with Confidence: A Model for Trustworthy Communication

Author(s)

• Kapadia, Apu C.
• Naldurg, Prasad G.
• Campbell, Roy H.

Issue Date

2006-01

Keyword(s)

• networking
• computer security

Abstract

"We present a model for trustworthy communication with respect to security and privacy in heterogeneous networks. In general, existing privacy protocols assume independently operated nodes spread over the Internet. Most of the analysis of these protocols has assumed a fraction of colluding nodes picked at random. While these approaches provide promising guarantees of anonymity for such attack models, we argue that trust relationships dominate threats to privacy at smaller scales, and such independence assumptions should not be made. For example, within an organization, all nodes along a chosen path may be physically collocated, making a collusion attack more likely. Users can have varying notions of threat to their privacy -- users may not trust nodes located in a particular domain, or consider nodes with low physical security to be a particularly strong threat to their privacy. We present a model for trustworthy communication that addresses users' privacy needs in such environments. Our model also applies to peer-to-peer anonymizing networks such as Tor for finding more trustworthy routes. For example, users may consider nodes operating in a particular country to be untrustworthy. We recognize that users in the network will have different perceived threats and must be allowed to ""route around"" untrustworthy nodes based on these threats. Our research makes the following contributions: We present a formalization of trustworthy routing and examine its properties in an effort to understand the boundaries of attribute based trustworthy routing schemes. We propose a model that exposes trust relationships in the network to concerned users. Our policy language allows users to specify qualitative path policies based on their own perceived threat to security and privacy. We define a general quantitative measure of trust that is used to find routes that are most trustworthy based on this measure. We identify feasible and infeasible interpretations of trust by showing how trustworthy routes can be computed efficiently for certain semantic models of trust and by contributing several NP-hardness results for infeasible models of trust."

Type of Resource

text

Permalink

http://hdl.handle.net/2142/11151

Copyright and License Information

You are granted permission for the non-commercial reproduction, distribution, display, and performance of this technical report in any format, BUT this permission is only for a period of 45 (forty-five) days from the most recent time that you verified that this technical report is still available from the University of Illinois at Urbana-Champaign Computer Science Department under terms that include this permission. All other rights are reserved by the author(s).

Owning Collections