Countering Threats in Decentralized Systems using Reputation-Based Trust Models

Abstract:

Open decentralized applications, such as decentralized auctioning, can contain malicious entities that execute attacks on other entities in the system. In the absence of a centralized authority that can help regulate the entry of these malicious entities and help protect against their attacks, each entity must itself adopt protective measures. Trust management has been found to serve as a potential countermeasure and has, therefore, received increasing attention from researchers.

My talk will focus on two shortcomings of existing research on trust management. The first is the lack of a framework that can help designers decide what trust model should be adopted for a particular application. To address this need, I have developed SIFT, a simulation-based framework that analyzes reputation-based trust models under different application settings and threat scenarios. SIFT simulation results help highlight the interplay between trust and application settings, point at refinements to existing trust models, and guide the design of a suitable trust model for a given setting.

Once a suitable trust model is chosen, it needs to be integrated within the application to leverage its benefits. However, existing research does not provide systematic guidance on how to do this. To address this second shortcoming, I have developed PACE, a software architectural style that guides the construction of trust-enabled decentralized entities. PACE includes guidelines and constraints that inform an application designer how to incorporate a trust model within the architecture of each entity so that the entity can address potential threats. PACE has been shown to be applicable to multiple domains and multiple trust models. I have also developed a tool along with reusable PACE components that help support application development in the PACE style.

Bio:

Girish Suryanarayana is currently a post-doctoral researcher at the Institute for Software Research at University of California, Irvine. His research interests include software architectures, decentralized peer-to-peer systems, and trust and reputation management systems. He received his Ph.D. in Information and Computer Science from the University of California Irvine in 2007, his M.S. in Information and Computer Science from the University of California Irvine in 2001, and his B.E. in Electrical and Electronics Engineering from the Birla Institute of Technology and Science, Pilani, India in 1999.