Confianza de grupo en sistemas distribuidos y sus relaciones con la seguridad de la información y la ciberseguridad

Abstract

This thesis describes aspects regarding trust, reputation, information security and cyber security as connected subjects. It is the belief of this research that without trust it is not possible to address security in computational systems properly. One fundamental aspect is to use information systems or to rely on them. One must trust the technology involved and consequently the entire system, without even knowing it in the rst place. Due to human characteristics, there is the tendency to trust that systems will keep our data secure. However, one basic problem is that trust and reputation deals with subjective evaluations. In many situations, information systems nowadays have distributed support. It means that there are a lot of parts that connect everything together, which is unknown to the ordinary users. Depending on the technology, it is even unknown to systems administrators when it comes to for example clusters, cloud and peer-to-peer systems. Considering the rst area of research - trust - from the perspective of this work, a group trust model for distributed systems is presented as an extension applied to conventional trust and reputation mechanisms, extension developed considering groups, which is herein de ned as a collection of entities with particular a nities and capabilities. Broadening this perspective, the formation of groups is very common, but very few trust and reputation models studied deal with trust in the perspective of a collection of entities with common a nities. Thus, group trust is a way of representing the set of trust and reputation of their particular members. One aspect to be aware of is the fact that this set has pre-de ned activities and common objectives....This thesis describes aspects regarding trust, reputation, information security and cyber security as connected subjects. It is the belief of this research that without trust it is not possible to address security in computational systems properly. One fundamental aspect is to use information systems or to rely on them. One must trust the technology involved and consequently the entire system, without even knowing it in the rst place. Due to human characteristics, there is the tendency to trust that systems will keep our data secure. However, one basic problem is that trust and reputation deals with subjective evaluations. In many situations, information systems nowadays have distributed support. It means that there are a lot of parts that connect everything together, which is unknown to the ordinary users. Depending on the technology, it is even unknown to systems administrators when it comes to for example clusters, cloud and peer-to-peer systems. Considering the rst area of research - trust - from the perspective of this work, a group trust model for distributed systems is presented as an extension applied to conventional trust and reputation mechanisms, extension developed considering groups, which is herein de ned as a collection of entities with particular a nities and capabilities. Broadening this perspective, the formation of groups is very common, but very few trust and reputation models studied deal with trust in the perspective of a collection of entities with common a nities. Thus, group trust is a way of representing the set of trust and reputation of their particular members. One aspect to be aware of is the fact that this set has pre-de ned activities and common objectives....