CT-ISG: A Software Architecture Approach for Decentralized Reputation Management
University Of California-Irvine, Irvine CA
Investigators
Abstract
Decentralized systems are characterized by the absence of a single central coordinating authority responsible for making system-wide decisions and controlling the behavior of participant entities in the system. Each participant makes local autonomous decisions towards its individual goals which may potentially conflict with those of other participants. Open decentralized systems do not regulate the entry of participants into the system, potentially exposing the system to participants with malicious goals. In the absence of a controlling authority, each decentralized participant must take upon itself the responsibility of safeguarding itself against such attacks. Trust relationships based on reputation of participants can serve as important constituents in countermeasures against such attacks. A participant accumulates trust related information, analyzes the information, and builds trust relationships with other participants. These established trust relationships can be used to determine who can be trusted during future ensuing interactions. Substantial effort has been devoted to developing decentralized reputation management systems. However, the existing literature has two major shortcomings. First, it has not directly addressed how such reputation management systems can be designed and developed in the context of an application. The underlying issue is that from a software engineering perspective, we lack a fundamental understanding of how all these components should be put together in a networked decentralized environment to provide a stable and secure system capable of withstanding security attacks. Second, there has been insufficient work directed at evaluating whether existing models effectively address critical threats. In addition, there has also been no comprehensive study of how a reputation model can be designed to counter various kinds of security attacks. The fundamental problem is that from a security perspective, there is a lack of both theoretical and empirical insights on how a reputation model can help detect, protect, and resist against attacks launched by a malicious participant or a group of colluding malicious participants. Building on prior work, and drawing insights from a host of domains such as security, trust management, and software architecture, the project will create a comprehensive software architecture-based approach to engineering secure decentralized applications. The investigation of new modeling constructs, reasoning techniques, design principles and supporting tools will be conducted in three phases: theoretical analysis, development and assessment of guidelines, techniques, and tools through prototyping, and finally scalability and robustness assessment through simulation. Broader impacts will include influencing how large decentralized systems are built as well as educational curriculum.
View original record on NSF Award Search →