Agent approaches to Security, Trust and Privacy in Pervasive Computing Anupam Joshi joshi@cs.umbc.edu http://www.cs.umbc.edu/~joshi/ The Vision • Pervasive Computing: a natural extension of the present human computing life style • Using computing technologies will be as natural as using other non-computing technologies (e.g., pen, paper, and cups) • Computing services will be available anytime and anywhere. Pervasive Computing “The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it ” – Mark Weiser Think: writing, central heating, electric lighting, … Not: taking your laptop to the beach, or immersing yourself into a virtual reality Today: Life is Good. Tomorrow: We Got Problems! The Brave New World • Devices increasingly more {powerful ^ smaller ^ cheaper} • People interact daily with hundreds of computing devices (many of them mobile): • • • • • • Cars Desktops/Laptops Cell phones PDAs MP3 players Transportation passes Computing is becoming pervasive Securing Data & Services • Security is critical because in many pervasive applications, we interact with agents that are not in our “home” or “office” environment. • Much of the work in security for distributed systems is not directly applicable to pervasive environments • Need to build analogs to trust and reputation relationships in human societies • Need to worry about privacy! An early policy for agents 1 A robot may not injure a human being, or, through inaction, allow a human being to come to harm. 2 A robot must obey the orders given it by human beings except where such orders would conflict with the First Law. 3 A robot must protect its own existence as long as such protection does not conflict with the First or Second Law. -- Handbook of Robotics, 56th Edition, 2058 A.D. On policies, rules and laws • The interesting thing about Asimov’s laws were that robots did not always strictly follow them. • This is a point of departure from more traditional “hard coded” rules like DB access control, and OS file permissions • For autonomous agents, we need policies that describe “norms of behavior” that they should follow to be good citizens. • So, it’s natural to worry about issues like • When an agent is governed by multiple policies, how does it resolve conflicts among them? • How can we define penalties when agents don’t fulfill their obligations? • How can we relate notions of trust and reputation to policies? The Role of Ontologies We will require shared ontologies to support this framework • A common ontology to represent basic concepts: agents, actions, permissions, obligations, prohibitions, delegations, credentials, etc. • Appropriate shared ontologies to describe classes, properties and roles of people and agents, e.g., • “any device owned by TimFinin” • “any request from a faculty member at ETZ” • Ontologies to encode policy rules ad-hoc networking technologies • Ad-hoc networking technologies (e.g. Bluetooth) • Main characteristics: • Short range • Spontaneous connectivity • Free, at least for now • Mobile devices • Aware of their neighborhood • Can discover others in their vicinity • Interact with peers in their neighborhood • inter-operate and cooperate as needed and as desired • Both information consumers and providers Ad-hoc mobile technology challenges the traditional client/server information access model pervasive environment paradigm • Pervasive Computing Environment 1. Ad-Hoc mobile connectivity • Spontaneous interaction 2. Peers • Service/Information consumers and providers • Autonomous, adaptive, and proactive 3. “Data intensive” “deeply networked” environment • Everyone can exchange information • Data-centric model • Some sources generate “streams” of data, e.g. sensors Pervasive Computing Environments motivation – conference scenario • Smart-room infrastructure and personal devices can assist an ongoing meeting: data exchange, schedulers, etc. imperfect world • In a perfect world • • everything available and done automatically In the real world • Limited resources • Battery, memory, computation, connection, bandwidth Must live with less than perfect results • Dumb devices Must explicitly be told What, When, and How • • “Foreign” entities and unknown peers So, we really want Smart, autonomous, dynamic, adaptive, and proactive methods to handle data and services… Securing Ad-Hoc Networks • MANETs underlie much of pervasive computing • They bring to fore interesting problems related to • Open • Dynamic • Distributed Systems • Each node is an “independent, autonomous” router • Has to interact with other nodes, some never seen before. • How do you detect bad guys ? “Network Level : Good Neighbor” • Ad hoc network • Node A sends packet destined for E, through B. • B and C make snoop entry (A,E,Ck,B,D,E). • B and C check for snoop entry. • Perform Misroute A E B D C “Good Neighbor” • • • • • No Broadcast Hidden terminal Exposed terminal DSR vs. AODV GLOMOSIM A E B D C Intrusion Detection • Behaviors • Selfish • Malicious • Detection vs. Reactions • Shunning bad nodes • Cluster Voting • Incentives (Game Theoretic) • Colluding nodes • Forgiveness Simulation in GlomoSim • Passive Intrusion Detection • Individual determination • No results forwarding • Active Intrusion Detection • Cluster Scheme • Voting • Result flooding GlomoSim Setup • 16 nodes communication • 4 nodes sources for 2 CBR streams • 2 nodes pair CBR streams • Mobility 0 – 20 meters/sec • Pause time 0 – 15s • No bad nodes Simulation Results Preliminary Results • Passive • False alarm rate > 50% • Throughput rate decrease < 3% additional • Active • False alarm rate < 30% • Throughput rate decrease ~ 25% additional challenges – is that all? (1) 1. Spatio-temporal variation of data and data sources • • • • • All devices in the neighborhood are potential information providers Nothing is fixed No global catalog No global routing table No centralized control • However, each entity can interact with its neighbors • • By advertising / registering its service By collecting / registering services of others challenges – is that all? (2) 2. Query may be explicit or implicit, but is often known up-front • Users sometimes ask explicitly • • e.g. tell me the nearest restaurant that has vegetarian menu items The system can “guess” likely queries based on declarative information or past behavior • e.g. the user always wants to know the price of IBM stock challenges – is that all? (3) 3. Since information sources are not known a priori, schema translations cannot be done beforehand • Resource limited devices so hope for common, domain specific ontologies • Different modes: • • • Device could interact with only such providers whose schemas it understands Device could interact with anyone, and cache the information in hopes of a translation in the future. Device could always try to translate itself • Prior work in Schema Translation, Ongoing work in Ontology Mapping. challenges – is that all? (4) 4. Cooperation amongst information sources cannot be guaranteed • Device has reliable information, but makes it inaccessible • Devices provides information, which is unreliable • Once device shares information, it needs the capability to protect future propagation and changes to that information challenges – is that all? (5) • Need to avoid humans in the loop • Devices must dynamically "predict" data importance and utility based on the current context • The key insight: declarative (or inferred) descriptions help • Information needs • Information capability • Constraints • Resources • Data • Answer fidelity • Expressive Profiles can capture such descriptions 4. our data management architecture MoGATU • Design and implementation consists of • Data • Metadata • Profiles • Entities • • • • Communication interfaces Information Providers Information Consumers Information Managers MoGATU – metadata • Metadata representation • To provide information about • Information providers and consumers, • Data objects, and • Queries and answers • To describe relationships • To describe restrictions • To reason over the information Semantic language • DAML+OIL / DAML-S • http://mogatu.umbc.edu/ont/ MoGATU – profile • Profile • User – preferences, schedule, requirements • Device – constraints, providers, consumers • Data – ownership, restriction, requirements, process model • Profiles based on BDI models • Beliefs are “facts” • about user or environment/context • Desires and Intentions • higher level expressions of beliefs and goals • Devices “reason” over the BDI profiles • Generate domains of interest and utility functions • Change domains and utility functions based on context MoGATU – information manager (8) • Problems • Not all sources and data are correct/accurate/reliable • No common sense • Person can evaluate a web site based on how it looks, a computer cannot • No centralized party that could verify peer reliability or reliability of its data • Device is reliable, malicious, ignorant or uncooperative • Distributed Belief • Need to depend on other peers • Evaluate integrity of peers and data based on peer distributed belief • Detect which peer and what data is accurate • Detect malicious peers • Incentive model: if A is malicious, it will be excluded from the network… MoGATU – information manager (9) • Distributed Belief Model • Device sends a query to multiple peers • Ask its vicinity for reputation of untrusted peers that responded to the query • Trust a device only if trusted before or if enough of trusted peers trust it… • Use answers from (recommended to be) trusted peers to determine answer • Update reputation/trust level for all devices that responded • A trust level increases for devices that responded according to final answer • A trust level decreases for devices that responded in a conflicting way • Each devices builds a ring of trust… A: B, where is Bob? A: C, where is Bob? A: D, where is Bob? B: A, Bob is home. D: A, Bob is home. C: A, Bob is at work. A: B: Bob at home, C: Bob at work, D: Bob at home A: I have enough trust in D. What about B and C? B: I am not sure. C: I always do. F: I do. E: I don’t. A: Do you trust C? D: I don’t. A: I don’t care what C says. I don’t know enough about B, but I trust D, E, and F. Together, they don’t trust C, so won’t I. B: I do. C: I never do. F: I am not sure. E: I do. A: Do you trust B? D: I am not sure. A: I don’t care what B says. I don’t trust C, but I trust D, E, and F. Together, they trust B a little, so will I. A: I trust B and D, both say Bob is home… A: Bob is home! A: Increase trust in B. A: Decrease trust in C. A: Increase trust in D. MoGATU – information manager (10) • Distributed Belief Model • Initial Trust Function • Positive, negative, undecided • Trust Learning Function • Blindly +, Blindly -, F+/S-, S+/F-, F+/F-, S+/S-, Exp • Trust Weighting Function • Multiplication, cosine • Accuracy Merging Function • Max, min, average experiments • Primary goal of distributed belief • Improve query processing accuracy by using trusted sources and trusted data • Problems • Not all sources and data are correct/accurate/reliable • No centralized party that could verify peer reliability or reliability of its data • Need to depend on other peers • No common sense • Person can evaluate a web site based on how it looks, a computer cannot • Solution • Evaluate integrity of peers and data based on peer distributed belief • Detect which peer and what data is accurate • Detect malicious peers • Incentive model: if A is malicious, it will be excluded from the network… experiments • Devices • • • • Reliable (Share reliable data only) Malicious (Try to share unreliable data as reliable) Ignorant (Have unreliable data but believe they are reliable) Uncooperative (Have reliable data, will not share) • Model • Device sends a query to multiple peers • Ask its vicinity for reputation of untrusted peers that responded to the query • Trust a device only if trusted before or if enough of trusted peers trust it… • Use answers from (recommended to be) trusted peers to determine answer • Update reputation/trust level for all devices that responded • A trust level increases for devices that responded according to final answer • A trust level decreases for devices that responded in a conflicting way experimental environment • HOW: • • Mogatu and GloMoSim Spatio-temporal environment: • 150 x 150 m2 field • 50 nodes • Random way-point mobility • AODV • Cache to hold 50% of global knowledge • Trust-based LRU • 50 minute each simulation run • 800 questions-tuples • • Each device 100 random unique questions Each device 100 random unique answers not matching its questions • Each device initially trusts 3-5 other devices experimental environment (2) • Level of Dishonesty • • 0 – 100% Dishonest device • Never provides an honest answer • Honest device • Best effort • Initial Trust Function • • Trust Learning Function • • Multiplication, cosine Accuracy Merging Function • • Blindly +, Blindly -, F+/S-, S+/F-, F+/F-, S+/S-, Exp Trust Weighting Function • • Positive, negative, undecided Max, min, avg Trust and Distrust Convergence • How soon are dishonest devices detected results • Answer Accuracy vs. Trust Learning Functions • Answer Accuracy vs. Accuracy Merging Functions • Distrust Convergence vs. Dishonesty Level Answer Accuracy vs. Trust Learning Functions • The effects of trust learning functions with an initial optimistic trust for environments with varying level of dishonesty. • The results are shown for ∆++, ∆--, ∆s, ∆f, ∆f+, ∆f-, and ∆exp learning functions. Answer Accuracy vs. Trust Learning Functions (2) • The effects of trust learning functions with an initial pessimistic trust for environments with varying level of dishonesty. • The results are shown for ∆++, ∆--, ∆s, ∆f, ∆f+, ∆f-, and ∆exp learning functions. Answer Accuracy vs. Accuracy Merging Functions • The effects of accuracy merging functions for environments with varying level of dishonesty. The results are shown for • • • (a) MIN using only-one (OO) final answer approach (b) MIN using {\it highest-one} (HO) final answer approach (c) MAX + OO, (d) MAX + HO, (e) AVG + OO, and (f) AVG + HO. Distrust Convergence vs. Dishonesty Level • Average distrust convergence period in seconds for environments with varying level of dishonesty. • The results are shown for ∆++, ∆--, ∆s, and ∆f trust learning functions with an initial optimal trust strategy and for the same functions using an undecided initial trust strategy for results (e-h), respectively. http://ebiquity.umbc.edu/