NUST Institutions Library Catalogue

Pervasive compudng is characteri zedbylarge numbers of roaming entities and sence of the ab_ a globally available fixed infrastructure. In such an environment entities need to collaborate with little known or even unknown entities. In traditional environments with clearly defined administrative boundaries security decisions are usuarly deregated to a centralized administrative authority. In the pervasive computing environment no single entity can play this role, entities are required to make their own security deci- sions and as a result traditional techniques are not an option. Human notion of trust enables human societies to collaborate and interact based on personar and shared ex- periences' Thus a security model based on the real worrd characteristics of trust can provide the internal security for autonomous compudng devices embedded in pervasive environment before taking action, despite uncertainty and inadequate information. The work presents an adaptive trust and recommendation based access control model based on human nodon of trust. The proposed model provides support to calculate di_ rect as well as indirect trust based on recommendations. It handles situations (by itserf both in which the requesting entity has a past experience with the service and a stranger entity requesting to access the service without any past interaction with the service. A mathematical formula together with adaptabre security poricies is introduced to handle malicious strategic attack in direct trust computation. The moder encompasses the ab,- ity to reason human cognitive behavior and has the capability to adjust in accordance with behavioral pattern changes. The performance of indirect trust computation models (based on recommendations) can be easily compromised due to the subjective and social-based prejudice of the pro_ vided recommendations' Eradicating the influence of such recommendation remains an important and challenging issue in indirect trust computation models. An effective model for indirect trust computation is also proposed which is capabre of identifying dation (rather than credibility of recommender) using fiuzy inference engine is also proposed to determine the influence of each honest recommendation. The proposed model has been compared with other existing evolutionary recommendation models in this field, and it is shown that the model is more accurate in measuring the trustworthiness of unknown entity. An XML-over-UDP based recommendation exchange protocol to share recommendation information between smart devices, is also outlined to complement the model. Implementation of the proposed model on android smart phone using OSGi is presented to demonstrate the effectiveness of the protocol in pervasive computing environment. Experimental results demonstrate that using HTTP or TCP for recommendation exchange between smart devices in wireless environment lead to signiflcantly higher overhead as compared to XML-over-UDP. In general, our research work presents a comprehensive framework for secure trust based access control that will augment future research towards real world implementation of pervasive computing environment.