Developing a Reference Framework for Cybercraft Trust Evaluation - Shannon E M Hunt

. .

Résumé :
It should be no surprise that Department of Defense (DoD) and U.S. Air Force (USAF) networks are the target of constant attack. As a result, network defense remains a high priority for cyber warriors. On the technical side, trust issues for a comprehensive end-to-end network defense solution are abundant and involve multiple layers of complexity. The Air Force Research Labs (AFRL) is currently investigating the feasibility of a holistic approach to network defense, called Cybercraft. We envision Cybercraft to be trusted computer entities that cooperate with other Cybercraft to provide autonomous and responsive network defense services. A top research goal related to Cybercraft centers around how we may examine and ultimately prove features related to this root of trust. In this work, we investigate use-case scenarios for Cybercraft operation with a view towards analyzing and expressing trust requirements inherent in the environment. Based on a limited subset of functional requirements for Cybercraft in terms of their role, we consider how current trust models may be used to answer various questions of trust between components. We characterize generic model components that assist in answering questions regarding Cybercraft trust and pose relevant comparison criteria as evaluation points for various (existing) trust models. The contribution of this research is a framework for comparing trust models that are applicable to similar network-based architectures. Ultimately, we provide a reference evaluation framework for how (current and future) trust models may be developed or integrated into the Cybercraft architecture....