Enhancing role-based trust management with a reputation system for MANETs


RESEARCH

Open Access

Rehan Akbani and Turgay Korkmaz*

Abstract

We start with role-based trust management (RBTM) and address some of the challenges associated with using RBTM in mobile ad hoc networks (MANETs). We then enhance RBTM with reputation systems (RSs), and propose a new hybrid trust management system (HTMS). In HTMS, the privilege level of an entity is determined not only by its role in the system, but also by its reputation score, which in turn is based on its behavior. If a privileged node becomes compromised and conducts several malicious or risky transactions, then its privilege level is quickly reduced to limit its access to resources and minimize the damage it can inflict further. The system uses a global, network-wide perspective to thwart global attacks. Such fine-grained variations of access control and dynamically assigning privilege levels would be very difficult to accomplish manually. We evaluated HTMS by comparing an implementation of it against an ideal response. We show that HTMS performs very close to the ideal if we can accurately estimate the proportion of malicious nodes in the network. We suggest using sampling to estimate this proportion. However, even if this estimate is not accurate, the results are still much better than using RBTM by itself.

EDICS: SYS-ARCH; SYS-PROT; FOR-DETE; SYS-INTR.

Keywords: MANETs, trust management, access control, machine learning

* Correspondence: [email protected] Department of Computer Science, University of Texas at San Antonio, San Antonio, TX 78249, USA

I. Introduction

A typical organization may have many resources, and entities which want to access those resources. For example, in a military setting, there may be resources, such as battle plans, communication systems, surveillance equipment, and weapons systems that may need to be accessed by different personnel at different times. Not all the personnel are granted full access rights to every resource, and so there must be a trust management system (TMS) in place to perform access control. However, it is cumbersome to enforce access rights based merely on an entity's username. Every resource would need to have a database of usernames that are allowed to access it, along with authentication mechanisms to verify the authenticity of usernames provided by users. Making changes to a person's access rights would be a daunting task as every resource that the person accesses would need to have its database updated. Furthermore, having separate databases and authentication mechanisms for each resource makes an attacker's task easier by providing him or her with more potential points of entry.

To overcome some of the challenges in access control, Li et al. introduced role-based trust management (RBTM) [1]. In essence, RBTM combines the merits of some earlier studies by merging the concept of Roles from RBAC (role-based access control) [2] with trust management [3], so that entities are granted access to resources ba