nodes, which are then used as an inherent aspect in predicting future behaviour. This ap- proach is based on a Bayesian formulation, specifically a beta reputation system [62], for the algorithm steps of reputation representation, updates, integration and trust evolution. Overall, reputation-based trust management are employed in WSNs to deal with malicious and unreliable nodes based on first and second hand information from the neighbours.
Based on the above discussion, most of the trust schemes in WSNs are using weight factors, so that the direct trust or recent trust can be given more weight in the overall trust calculation. Direct trust, indirect trust and trust that based on QoS characteristics are com- monly used in trust calculations of sensor nodes to check whether the nodes are trustworthy or untrustworthy based on Bayesian network, Naive Bayes and geometric mean. Regarding the above facts, there is no existing trust model that evaluates trust based on users’ behaviour information. This means that none of the existing trust models can be readily related to the decision-making process in the access control engine. The evaluation of trust for users based on their behaviour information is significant in forming a trustworthy network and is a new research issue in WSNs. Therefore, we propose a user behaviour trust model to use in WSNs and WMSNs in order to measure behaviour trust of the user from the system perspective to enhance access decisions. Unlike existing trust models in WSNs, the proposed model is aimed at calculating the trust value of each user regarding whether the users are trustworthy or untrustworthy, based on highly dynamic characteristics of their behaviour information.
7.3 A User Behaviour Trust Model
A user behaviour trust model that uses current user behaviour information and previous trust values to calculate user trustworthiness from the system perspective is proposed and intro- duced in WSNs. The current trust value is the geometric mean [88] of information obtained from the user’s current access requests to an object, such as user’s role, location and time. The main reason of using the geometric mean is that it compares different attributes - find- ing a single “figure of merit” for these attributes - when each attribute has different numeric ranges. The concept of using geometric mean to calculate the direct trust based on QoS characteristics of a sensor node for routing management [124] motivates us to reproduce a simple calculation for current trust evaluation based on a user’s behaviour information such as the role and the contextual information from the access request. The user’s behaviour information can be considered as user’s characteristic and calculated based on geometric
76 A Simple User Behaviour Trust Model
Fig. 7.1 Overview of the Trust Model
mean formula. The geometric mean equation can be seen as follow:
(
n
∏
i=1ai)1n =√an 1∗ a2∗ ... ∗ an (7.1)
For the previous trust value, the total trust value of the user from the previous transaction is used. This means that the total trust value of users does not rely completely on the evaluation of current trust. The traditional weighting approach [91] is used to calculate the total trust value of a user based on the current trust and the previous trust. The weight factor is commonly used in the trust calculation, so that the recent behaviour characteristics can be given more weight in the overall trust calculation. If total behaviour trust value is higher than the defined threshold, the user is trustworthy enough to perform an action on a certain object. When it goes under the defined threshold, the user becomes an untrustworthy person and the system may decline his access to a specific object. An overview of the user behaviour trust model can be seen in Figure 7.1. There are three sub-modules: current trust, previous trust and total trust.
7.3 A User Behaviour Trust Model 77
7.3.1 Current Behaviour Trust Value (T
cur)
A user’s behaviour information (such as the role and the contextual information from the access request) is used to calculate the current trust value of the user. The formula for the evaluation of current behaviour trust based on geometric mean is shown below:
Tcur = ( n
∏
i=1 ai)1n (7.2) where, n = Number of Attributes a = AttributeBased on the user’s behaviour information (such as location, role and time), the above equation is substituted as follow:
Tcur=√3
TLo∗ TRo∗ TTi (7.3)
where,
Tcur = Current Trust Value TLo = Trust Value for Location TRo= Trust Value for User’s Role TTi = Trust Value for Time Range
Equation 7.3 shows that the current behaviour trust value is evaluated based on three different attributes: location; user’s role; and user’s time range. Each attribute has a defined value between 1 and 4 because we consider three different conditions in the proposed model. The defined value of each attribute is evaluated differently. Based on the geometric mean, the maximum value of current behaviour trust can be up to 4 and the lowest value can be 1. In the proposed model, the physical location of a user (location of subject), which de- partment that user is from (department of subject) and where is the targeted data that the user tries to access (department of object) are considered as the evaluation criteria for the location attribute. Table 7.2 represents an example data set to evaluate the trust value of location for a user.
78 A Simple User Behaviour Trust Model
Department of Subject Department of Object Location of Subject TLo
A A A 4
A A B 3
A B A 2
A B B 1
Table 7.2 An Evaluation Criteria for Location Attribute
Based on Table 7.2, if the department of the subject, the location of the subject and the department of the object are the same (in this case “A” department), the trust value of lo- cation for a user is defined as 4 that is a maximum value. If the user works in department “A” and tries to access data which stores the same department “A” but his actual location is from another department (“B”), his trust value is set as 3. If the object is stored in “B” department but both department of subject and location of subject are from “A” department, the trust value is defined as 2 because the user tries to access data which is stored in the dif- ferent department. In last case, the trust value of location for a user is the lowest 1 when the location of subject and the department of object are different compared to the department of the subject.
The defined trust value for a user’s role is reflected based on their responsibility and duty. For the doctor, the trust value for user’s role is set as 4 but for the nurses, it is defined as 2. The trust value can be different for other roles (such as administration staff, laboratory staff, etc.) but we only consider doctors’ and nurses’ roles. In general, if the current user’s time range is within the system defined time frame, the trust value of the time criteria TTi
is set between 1 to 4. In a medical application, some users work in the daytime and some in the night time. Therefore, the defined trust value for time criteria can change based on users’ working schedule or time framework. Example conditions for time criteria can be seen in Table 7.3. Ti TTi 12 ≤ Ti < 18 4 6 ≤ Ti < 12 3 18 ≤ Ti < 24 2 0 ≤ Ti < 6 1
7.3 A User Behaviour Trust Model 79 Based on the above discussion, the evaluation for each criterion is considered separately based on the requirements of the application for the current behaviour trust. The proposed current trust module can easily be extended with additional attributes for extra criteria for evaluation of trust.
7.3.2 Previous Trust Value (T
pre)
In the proposed model, the previous trust value is used as one of the supporting factors for total trust evaluation when the user requests at the next attempt. The user trust values from the previous transactions are used as the previous trust value of the users. Tpreis equivalent
to the total trust value of users from the previous transactions.
7.3.3 Total Trust Value (T
total)
The total behaviour trust value checks whether the user is trustworthy or untrustworthy to perform some actions based on his or her current and previous behaviour trust values. The total trust value is a function of current and previous trust values. The proposed model also uses the traditional weighting approach as in [91], [8] to combine current and previous trust to form the total trust per relation in the system, as shown in equation 7.4.
Ttotal(n) = ( α * Tcur(n)) + ( β* Tpre(n)) (7.4) where,
Ttotal(n) = Total Trust Value of the nth Transaction
Tcur(n) = Current Trust Value of the nth Transaction
Tpre(n) = Previous Trust Value of the nth Transaction
α = Constant Weighting Factor ( 0 ≤ α ≤ 1 ) to the current trust β = Constant Weighting Factor ( 1 - α ) to the previous trust
α is a weighting given to the current trust and β to the previous trust where α + β = 1 and 0 ≤ α, β ≤ 1. Weights can be assigned using different approaches. Depending on the application, sometimes the current trust may be given more weight and the previous trust may be given less weight i.e. α > β , and vice-versa. Additionally, the traditional weighting approach is commonly used in the overall trust calculation in WSNs regarding direct and indirect trust. If there is no previous behaviour trust, the current behaviour trust value is used as the total behaviour trust value. Based on the evaluation of the total behaviour trust
80 A Simple User Behaviour Trust Model value of a user, the levels of trustworthiness can be expressed as follows:
• A user is trustworthy if Ttotal≥ Tthreshold
• A user is untrustworthy if Ttotal<Tthreshold
Currently, a simple method is used to differentiate whether a user is trustworthy or un- trustworthy based on the total trust. If the total trust value of the user is higher than or equal to the defined threshold (Tthreshold) which is 2.5 based on the arithmetic mean3[31] of previ-
ous trust and current trust, he is a trustworthy person, but when the total trust value is under the defined threshold, that person is deemed an untrustworthy person. After the evaluation of total behaviour trust value for that user, that value will be forwarded to the access control module for decisions regarding data access. Using behaviour trust values can enhance the decision-making process at the access control module. The behaviour trust module assists the decision-making process regarding whether the user is trustworthy or un-trustworthy to perform some actions in the specific targeted objects.