PTM is a novel decentralised model to manage trust relationships between peers, designed to open and dynamic environments. Similar to PGP, it can be used to provide security services such as key management and authentication. PTM allows devices with restricted capabilities to manage their own security in a little costly way . This model does not assume the existence of previous trust relationships or a deployed infrastructure, but if they exist, then it could make use of them.
PTM models both trustworthiness and untrustworthiness, because these are very important in open environments. It models both concepts using fuzzy logic because it enables us more granularity than boolean logic or deterministic values. The trust information is shared between peers using a recommendation protocol suited for ad-hoc networks. Finally, PTM models the evolutionary nature of the trust, being a dynamic model.
Devices with scarce security support can use PTM to enhance their security services, in order to participate in a secure way in ad-hoc networks, peer-to-peer applications, etc. In this way, devices with restricted capabilities (i.e. mobile phone, PDAs, etc.) can also act as a secure peer, not only as a secure client.
This page presents a prototype implementation of the PTM model in J2ME Personal Profile. It is supported by the cryptographic library, OpenSSL. This implementation has been tested in Linux, Windows, and Windows CE.
|