Analysis of system trustworthiness based on information flow noninterference theory

The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence （NI） theory of the information flow is studied. Firstly, existing methods cannot analyze the impact of the system states on the trustworthiness of software during the process of trust chain trans- fer. To solve this problem, the impact of the system state on trust- worthiness of software is investigated, the run-time mutual interfer- ence behavior of software entitles is described and an interference model of the access control automaton of a system is established. Secondly, based on the intransitive noninterference （INI） theory, a formal analytic method of trustworthiness for trust chain transfer is proposed, providing a theoretical basis for the analysis of dynamic trustworthiness of software during the trust chain transfer process. Thirdly, a prototype system with dynamic trustworthiness on a plat- form with dual core architecture is constructed and a verification algorithm of the system trustworthiness is provided. Finally, the monitor hypothesis is extended to the dynamic monitor hypothe- sis, a theorem of static judgment rule of system trustworthiness is provided, which is useful to prove dynamic trustworthiness of a system at the beginning of system construction. Compared with previous work in this field, this research proposes not only a formal analytic method for the determination of system trustworthiness, but also a modeling method and an analysis algorithm that are feasible for practical implementation.

Access Request Trustworthiness in Weighted Access Control Framework

Weighted factor is given to access eontrol policies to express the importanceof policy and its effect on access control decision. According to this weighted access controlframework, a trustworthiness model for aceess request is also given. In this model, we give themeasure of trustworthiness factor to access request- by using some idea of uncertainty reasoning ofexpert system, present and prove the parallel propagation formula of request trustworthiness factoramong multiple policies, and get thefinal trustworthiness factor to decide whether authorizing. Inthis model, authorization decision is given according to the calculation of request trustworthinessfactor, which is more understandable, more suitable for real requirement and more powerfulforsecurity enhancement than traditional methods. Meanwhile the finer access control granularity isanother advantage.

Component-Based Software Trustworthiness Fuzzy Analytic Hierarchy Process Model

For a more accurate and comprehensive assessment of the trustworthiness of component-based soft- ware system, the fuzzy analytic hierarchy process is introduced to establish the analysis model. Combine qualitative and quantitative analyses, the impacts to overall trustworthiness by the different types of components are distinguished. Considering the coupling relationship between components, dividing the system into several layers from target layer to scheme layer, evaluating the scheme advantages disadvantages by group decision-making, the trustworthiness of a typical J2EE structured component-based software is assessed. The trustworthiness asses model of the software components provides an effective methods of operation.

Hash Tree Based Trustworthiness Verification Mechanism in Virtual Environment

The trustworthiness of virtual machines is a big security issue in cloud computing. In this paper, we aimed at designing a practical trustworthiness mechanism in virtual environment. With the assist of a third certificate agent, the cloud user generates a trust base and extends it to its VMs. For each service running on the VM, a hash value is generated from all the necessary modules, and these hash values are organized and maintained with a specially designed hash tree whose root is extended from the user's trust base. Before the VM loads a service, the hash tree is verified from the coordinated hash value to check the trustworthiness of the service.

Reasoning about Software Trustworthiness with Derivation Trees

In order to analyze the trustworthiness of complex software systems,we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree(TDT).The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached.The skeleton of a TDT can be specified by a set of rules,which are convenient for automated reasoning in Prolog.We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input,and allow a user to edit the TDT in a graphical user interface.In a software development life cycle,TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase,and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase.We have piloted the approach of using TDTs in more than a dozen real scenarios of software development.Indeed,using TDTs helped us to discover and then resolve some subtle problems.

Analysis of Software Trustworthiness Based on FAHP-CRITIC Method

Software trustworthiness includes many attributes.Reasonable weight allocation of trustworthy at-tributes plays a key role in the software trustworthiness measurement.In practical application,attribute weight usually comes from experts'evaluation to attributes and hidden information derived from attributes.Therefore,when the weight of attributes is researched,it is necessary to consider weight from subjective and objective as-pects.First,a novel weight allocation method is proposed by combining the fuzzy analytical hierarchy process(FAHP)method and the criteria importance though intercrieria correlation(CRITIC)method.Second,based on the weight allocation method,the trustworthiness measurement models of component-based software are estab-lished according to the seven combination structures of components.Third,the model reasonability is verified via proving some metric criteria.Finally,a case is carried out.According to the comparison with other models,the result shows that the model has the advantage of utilizing hidden information fully and analyzing the com-bination of components effectively.It is an important guide for measuring the trustworthiness measurement of component-based software.

Complexity of software trustworthiness and its dynamical statistical analysis methods

Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications. At present, the method of measurement and assessment of software trustworthiness cannot guarantee safe and reliable operations of software systems completely and effectively. Based on the dynamical system study, this paper interprets the characteristics of be- haviors of software systems and the basic scientific problems of software trustworthiness complexity, analyzes the characteristics of complexity of software trustworthiness, and proposes to study the soft- ware trustworthiness measurement in terms of the complexity of software trustworthiness. Using the dynamical statistical analysis methods, the paper advances an invariant-measure based assessment method of software trustworthiness by statistical indices, and hereby provides a dynamical criterion for the untrustworthiness of software systems. By an example, the feasibility of the proposed dynamical statistical analysis method in software trustworthiness measurement is demonstrated using numerical simulations and theoretical analysis.

Dynamical characteristics of software trustworthiness and their evolutionary complexity

Developing trusted softwares has become an important trend and a natural choice in the development of software technology and applications, and software trustworthiness modeling has become a prerequisite and necessary means. To discuss and explain the basic scientific problems in software trustworthiness and to establish theoretical foundations for software trustworthiness measurement, combining the ideas of dynamical system study, this paper studies evolutionary laws of software trustworthiness and the dynamical mechanism under the effect of various internal and external factors, and proposes dynamical models for software trustworthiness, thus, software trustworthiness can be considered as the statistical characteristics of behaviors of software systems in the dynamical and open environment. By analyzing two simple examples, the paper explains the relationship between the limit evolutionary behaviors of software trustworthiness attributes and dynamical system characteristics, and interprets the dynamical characteristics of software trustworthiness and their evolutionary complexity.

Research on Network Architecture with Trustworthiness and Controllability

In this paper, the architecture of trustworthy and controllable networks is discussed to meet arising application requirements. After reviewing the lessons and experiences of success and failure in the Internet and summarizing related work, we analyze the basic targets of providing trustworthiness and controllability. Then, the anticipant architecture is introduced. Based on the resulting design, several trustworthy and controllable mechanisms are also discussed.

Trustworthiness of Internet-based software

Recent years see an increasing concern over the trustworthiness of Internet-based software. By analyzing the trustworthiness of Internet-based software and the nature of the Internet applications, we point out that, on the one hand, due to the openness and dynamic nature of the Internet, the identity trustworthiness and the capability trustworthiness of the software are facing serious challenges; on the other hand, in order to ensure the trustworthiness of the whole system, emerging computing paradigms based on the collaboration of autonomous software need some impacts on the behavior of the software. Here we put forward a conceptual model for the trustworthiness of Internet-based software, and propose a trustworthy assurance framework for Internet-based virtual computing environment （iVCE）. This framework deals with the trustworthy properties of software on identity, capability and behavior in a combinated way. The authorization management in inter-domain computing environment, assurance on high availability of service and incentive mechanism for autonomic collaboration are taken as three core mechanisms of iVCE trustworthy assurance.

Data trustworthiness and user reputation as indicators of VGI quality

Volunteered geographic information(VGI)has entered a phase where there are both a substantial amount of crowdsourced information available and a big interest in using it by organizations.But the issue of deciding the quality of VGI without resorting to a comparison with authoritative data remains an open challenge.This article first formulates the problem of quality assessment of VGI data.Then presents a model to measure trustworthiness of information and reputation of contributors by analyzing geometric,qualitative,and semantic aspects of edits over time.An implementation of the model is running on a small data-set for a preliminary empirical validation.The results indicate that the computed trustworthiness provides a valid approximation of VGI quality.

A Unified Measurement Solution of Software Trustworthiness Based on Social-to-Software Framework

As trust becomes increasingly important in software domain, software trustworthiness--as a complex high- composite concept, has developed into a big challenge people have to face, especially in the current open, dynamic and ever-changing Internet environment. Furthermore, how to recognize and define trust problem from its nature and how to measure software trustworthiness correctly and effectively play a key role in improving users＇ trust in choosing software. Based on trust theory in the field of humanities and sociology, this paper proposes a measurable S2S （Social-to-Software） software trustworthiness framework, introduces a generalized indicator loss to unify three parts of trustworthiness result, and presents a whole metric solution for software trustworthiness, including the advanced J-M model based on power function and time-loss rate for ability trustworthiness measurement, the fuzzy comprehensive evaluation advanced-model considering effect of multiple short boards for basic standard trustworthiness, and the identity trustworthiness measurement method based on the code homology detecting tools. Finally, it provides a case study to verify that the solution is applicable and effective.

A Trustworthiness-Based Distribution Model for Data Leakage Prevention

Under the global circumstances where data leakage gets more and more severe, we present a trustworthiness-based distribution model that aims at data leakage prevention （DLP）. In our model, first, the distributor calculates the user＇s trustworthiness based on his historical behaviors; second, according to the user＇s trustworthiness and his obtained file set overlapping leaked file set, the distributor accesses the probability of the user＇s intentional leak behavior as the subjective risk assessment; third, the distributor evaluates the user＇s platform vulnerability as an objective element; last, the distributor makes decisions whether to distribute the file based on the integrated risk assessment. The experiments indicate that the model can distinguish users of different types and make the probability of malicious users＇ requirements being denied much higher than that of honest users＇ requirements being denied, so that the model is capable of preventing data leakage validly.

Towards trustworthy multi-modal motion prediction:Holistic evaluation and interpretability of outputs

Predicting the motion of other road agents enables autonomous vehicles to perform safe and efficient path planning.This task is very complex,as the behaviour of road agents depends on many factors and the number of possible future trajectories can be consid-erable(multi-modal).Most prior approaches proposed to address multi-modal motion prediction are based on complex machine learning systems that have limited interpret-ability.Moreover,the metrics used in current benchmarks do not evaluate all aspects of the problem,such as the diversity and admissibility of the output.The authors aim to advance towards the design of trustworthy motion prediction systems,based on some of the re-quirements for the design of Trustworthy Artificial Intelligence.The focus is on evaluation criteria,robustness,and interpretability of outputs.First,the evaluation metrics are comprehensively analysed,the main gaps of current benchmarks are identified,and a new holistic evaluation framework is proposed.Then,a method for the assessment of spatial and temporal robustness is introduced by simulating noise in the perception system.To enhance the interpretability of the outputs and generate more balanced results in the proposed evaluation framework,an intent prediction layer that can be attached to multi-modal motion prediction models is proposed.The effectiveness of this approach is assessed through a survey that explores different elements in the visualisation of the multi-modal trajectories and intentions.The proposed approach and findings make a significant contribution to the development of trustworthy motion prediction systems for autono-mous vehicles,advancing the field towards greater safety and reliability.

CrossLinkNet: An Explainable and Trustworthy AI Framework for Whole-Slide Images Segmentation

In the intelligent medical diagnosis area,Artificial Intelligence(AI)’s trustworthiness,reliability,and interpretability are critical,especially in cancer diagnosis.Traditional neural networks,while excellent at processing natural images,often lack interpretability and adaptability when processing high-resolution digital pathological images.This limitation is particularly evident in pathological diagnosis,which is the gold standard of cancer diagnosis and relies on a pathologist’s careful examination and analysis of digital pathological slides to identify the features and progression of the disease.Therefore,the integration of interpretable AI into smart medical diagnosis is not only an inevitable technological trend but also a key to improving diagnostic accuracy and reliability.In this paper,we introduce an innovative Multi-Scale Multi-Branch Feature Encoder(MSBE)and present the design of the CrossLinkNet Framework.The MSBE enhances the network’s capability for feature extraction by allowing the adjustment of hyperparameters to configure the number of branches and modules.The CrossLinkNet Framework,serving as a versatile image segmentation network architecture,employs cross-layer encoder-decoder connections for multi-level feature fusion,thereby enhancing feature integration and segmentation accuracy.Comprehensive quantitative and qualitative experiments on two datasets demonstrate that CrossLinkNet,equipped with the MSBE encoder,not only achieves accurate segmentation results but is also adaptable to various tumor segmentation tasks and scenarios by replacing different feature encoders.Crucially,CrossLinkNet emphasizes the interpretability of the AI model,a crucial aspect for medical professionals,providing an in-depth understanding of the model’s decisions and thereby enhancing trust and reliability in AI-assisted diagnostics.

Uncertainty-Aware Deep Learning: A Promising Tool for Trustworthy Fault Diagnosis

Recently,intelligent fault diagnosis based on deep learning has been extensively investigated,exhibiting state-of-the-art performance.However,the deep learning model is often not truly trusted by users due to the lack of interpretability of“black box”,which limits its deployment in safety-critical applications.A trusted fault diagnosis system requires that the faults can be accurately diagnosed in most cases,and the human in the deci-sion-making loop can be found to deal with the abnormal situa-tion when the models fail.In this paper,we explore a simplified method for quantifying both aleatoric and epistemic uncertainty in deterministic networks,called SAEU.In SAEU,Multivariate Gaussian distribution is employed in the deep architecture to compensate for the shortcomings of complexity and applicability of Bayesian neural networks.Based on the SAEU,we propose a unified uncertainty-aware deep learning framework(UU-DLF)to realize the grand vision of trustworthy fault diagnosis.Moreover,our UU-DLF effectively embodies the idea of“humans in the loop”,which not only allows for manual intervention in abnor-mal situations of diagnostic models,but also makes correspond-ing improvements on existing models based on traceability analy-sis.Finally,two experiments conducted on the gearbox and aero-engine bevel gears are used to demonstrate the effectiveness of UU-DLF and explore the effective reasons behind.

A new type of blockchain for secure message exchange in VANET

In the Vehicular Ad-hoc NETworks(VANET),the collection and dissemination of life-threatening traffic event information by vehicles are of utmost importance.However,traditional VANETs face several security issues.We propose a new type of blockchain to resolve critical message dissemination issues in the VANET.We create a local blockchain for real-world event message exchange among vehicles within the boundary of a country,which is a new type of blockchain suitable for the VANET.We present a public blockchain that stores the node trustworthiness and message trustworthiness in a distributed ledger that is appropriate for secure message dissemination.

A personalized trustworthy service selection method

A personalized trustworthy service selection method is proposed to fully express the features of trust, emphasize the importance of user preference and improve the trustworthiness of service selection. The trustworthiness of web service is defined as customized multi-dimensional trust metrics and the user preference is embodied in the weight of each trust metric. A service selection method combining AHP （analytic hierarchy process） and PROMETHEE （preference ranking organization method for enrichment evaluations） is proposed. AHP is used to determine the weights of trust metrics according to users＇ preferences. Hierarchy and pairwise comparison matrices are constructed. The weights of trust metrics are derived from the highest eigenvalue and eigenvector of the matrix. to obtain the final rank of candidate services. The preference functions are defined according to the inherent characteristics of the trust metrics and net outranking flows are calculated. Experimental results show that the proposed method can effectively express users＇ personalized preferences for trust metrics, and the trustworthiness of service ranking and selection is efficiently improved.

Screening for scoliosis-New recommendations,old dilemmas,no straight solutions

This opinion review considers the prevailing question of whether to screen or notto screen for adolescent idiopathic scoliosis. New and improved standards ofpeople-oriented care and person-centredness, as well as improved principles ofpreventive screening and guideline development, have been postulated andimplemented in health care systems and cultures. Recommendations addressingscreening for scoliosis differ substantially, in terms of their content, standards ofdevelopment and screening principles. Some countries have discontinued issuingrecommendations. In the last decade, a number of updated and newrecommendations and statements have been released. Systematically developedguidelines and recommendations are confronted by consensus and opinion-basedstatements. The dilemmas and discrepancies prevail. The arguments concentrateon the issues of the need for early detection through screening in terms of theeffectiveness of early treatment, on costs and cost-effectiveness issues, scientificand epidemiologic value of screenings, and the credibility of the sources ofevidence. The problem matter is of global scale and applies to millions of people.It regards clinical and methodological dilemmas, but also the matter of vulnerableand fragile time of adolescence and, more generally, children’s rights. Thedecisions need to integrate people’s values and preferences – screening tests needto be acceptable to the population, and treatments need to be acceptable forpatients. Therefore we present one more crucial, but underrepresented in thediscussion, issue of understanding and implementation of the contemporaryprinciples of person-centred care, standards of preventive screening, andguideline development, in the context of screening for scoliosis.

DIV： Dynamic Integrity Validation Framework for Detecting Compromises on Virtual Machine Based Cloud Services in Real Time

with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.