TY - GEN
T1 - Enhancement of critical financial infrastructure protection using trust management
AU - Elshaafi, Hisain
AU - McGibney, Jimmy
AU - Mulcahy, Barry
AU - Botvich, Dmitri
PY - 2011
Y1 - 2011
N2 - Providing protection to the financial infrastructure in the face of faults and malevolent attacks is vital to the stability, availability, and continuity of key financial markets and businesses worldwide. Traditional protection approaches have focused on protecting individual financial institutions (FIs) while ignoring the threats arising from cross-domain interactions as well as those originating from other critical infrastructures. With the growing complexity of inter-organisational boundaries and their increasing interdependence, such isolated approaches are no longer adequate. However, sharing information between FIs relating to critical events and the reliance on others' quality of service attributes such as security requires varying levels of trust between them depending on the requirements of each individual FI and the sensitivity of exchanged information. This paper describes a trust management system developed to allow the evaluation, monitoring, and management of trustworthiness levels of FIs exchanging critical events and information. Trustworthiness levels are used to assure FIs of the reliability of each other and to filter events and data being processed. The system introduces a novel reusable architecture that allows flexibility and extensibility of trust metrics and trust algorithms.
AB - Providing protection to the financial infrastructure in the face of faults and malevolent attacks is vital to the stability, availability, and continuity of key financial markets and businesses worldwide. Traditional protection approaches have focused on protecting individual financial institutions (FIs) while ignoring the threats arising from cross-domain interactions as well as those originating from other critical infrastructures. With the growing complexity of inter-organisational boundaries and their increasing interdependence, such isolated approaches are no longer adequate. However, sharing information between FIs relating to critical events and the reliance on others' quality of service attributes such as security requires varying levels of trust between them depending on the requirements of each individual FI and the sensitivity of exchanged information. This paper describes a trust management system developed to allow the evaluation, monitoring, and management of trustworthiness levels of FIs exchanging critical events and information. Trustworthiness levels are used to assure FIs of the reliability of each other and to filter events and data being processed. The system introduces a novel reusable architecture that allows flexibility and extensibility of trust metrics and trust algorithms.
KW - financial critical infrastructure
KW - protection
KW - semantic room
KW - trust management
UR - http://www.scopus.com/inward/record.url?scp=79960286727&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-22365-5_19
DO - 10.1007/978-3-642-22365-5_19
M3 - Conference contribution
AN - SCOPUS:79960286727
SN - 9783642223648
T3 - Communications in Computer and Information Science
SP - 156
EP - 165
BT - Secure and Trust Computing, Data Management, and Applications, STA 2011 Workshops
Y2 - 28 June 2011 through 30 June 2011
ER -