Seyed Alireza Hasheminasab; Behrouz Tork Ladani; Tansu Alpcan
Abstract
In today's highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to ...
Read More
In today's highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to analyze such influence networks. In the game model, players try to maximize their utilities through security investments considering the network structure, costs and constraints, which have been set by the network owner. However, decisions of selfish entities to maximize their utilities do not always lead to a socially optimum solution. Therefore, motivating players to reach the social optimum is of high value from the network owner’s point of view. The network owner wants to maximize the overall network security by designing the game's parameters. As far as we know, there is no notable work in the context of linear influence networks to introduce appropriate game design for this purpose. This paper presents design methods that make use of the adjustments of players’ costs, interdependencies, and constraints to align players' incentives with a network-wide global objective. We present a comprehensive investigation of existence and uniqueness conditions of Nash Equilibrium in such environments. Furthermore, numerical results of applying the proposed mechanisms in a sample real-world example are illustrated.
S. Ghasemi Falavarjani; Behrouz Tork Ladani; S. Ghasemi
Abstract
An important issue in P2P networks is the existence of malicious nodes that decreases the performance of such networks. Reputation system in which nodes are ranked based on their behavior, is one of the proposed solutions to detect and isolate malicious (low ranked) nodes. Gossip Trust is an interesting ...
Read More
An important issue in P2P networks is the existence of malicious nodes that decreases the performance of such networks. Reputation system in which nodes are ranked based on their behavior, is one of the proposed solutions to detect and isolate malicious (low ranked) nodes. Gossip Trust is an interesting previously proposed algorithm for reputation aggregation in P2P networks based on the concept of gossip. Despite its important contribution, this algorithm has deficiencies especially with high number of nodes that leads to high execution time and low accuracy in the results. In this paper, a grouped Gossip based Reputation Aggregation (GGRA) algorithm is proposed. In GGRA, Gossip Trust is executed in each group between group members and between groups instead of executing in the whole network. Due to the reduction in the number of nodes and using strongly connected graph instead of a weakly one, gossip algorithm in GGRA is executed quickly. With grouping, not only reputation aggregation is expected to be more scalable, but also because of the decrement in the number of errors of the gossiped communication, the results get more accurate. The evaluation of the proposed algorithm and its comparison with Gossip Trust confirms the expected results.
M. Ezhei; B. Tork Ladani
Abstract
Nowadays, the growth of virtual environments such as virtual organizations, social networks, and ubiquitous computing, has led to the adoption of trust concept. One of the methods of making trust in such environments is to use a long-term relationship with a trusted partner. The main problem of this ...
Read More
Nowadays, the growth of virtual environments such as virtual organizations, social networks, and ubiquitous computing, has led to the adoption of trust concept. One of the methods of making trust in such environments is to use a long-term relationship with a trusted partner. The main problem of this kind of trust, which is based on personal experiences, is its limited domain. Moreover, both parties of such trust relationship will face big problems of collecting data and forming reasonable and reliable beliefs. Considering the concept of "group" in modeling trust is a way to overcome the above mentioned problems. Since, group-based trust is more suited with the nature of trust in new virtual environments. In this paper, a new trust model called "GTrust" is proposed in which trust is considered as a collective and shared feature of all group members. Therefore, group membership is used as the judgment criteria regarding a person's expected behavior and how he can be a trustee. GTrust is based on Metagraphs which are graphical data structures for representing a collection of directed set-to-set mappings. We show that by using GTrust, large trust spaces between unknown individuals can be shaped effectively. The proposed model not only offers a better description of human sense of trust when considering communities, but also provides the setting for evaluating the trust of individuals whom we do not know, and therefore provides an extended evaluation domain.
Z. Derakhshandeh; B. Tork Ladani
Abstract
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access ...
Read More
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new independent formal model called Constrained Policy Graph (CPG) for specification of ACPs and their composition as well as verification of conflict or incompatibility among the ACPs is represented. It is shown how CPG can be used in modeling and verification of web service composition ACPs. Also the application of CPG for modeling policies in BPEL processes -as the most common composition method for web services- is illustrated.