A Survey on Reputation and Trust Management in Wireless Sensor Network

Transcription

1 A Survey on Reputation and Trust Management in Wireless Sensor Network 1 Sakshi Srivastava, 2 Kushal Johari 1 Department of Computer Science & Engineering, Mahamaya Technical University, India 2 Department of Computer Application, Invertis University, Bareilly, India 1 sakshisrivastava2000@gmail.com 2 kushaljohari_2007@rediffmail.com ABSTRACT Wireless Sensor Network (WSN) has been proven a useful technology for perceiving information about the physical world and as a consequence has been used in many applications such as measurement of temperature, radiation, flow of liquids, etc. The nature of WSNs and also their vulnerabilities to attacks requires a special concern towards their security. The decision making in a WSN is essential for carrying out certain tasks as it aids sensors establish collaborations. In order to assist this process, trust management systems could play a relevant role. In the context of a network, trust may help its elements to decide whether another member of the same network is being uncooperative or malicious. Hence, trust becomes quite important in self-configurable and autonomous systems, such as wireless sensor networks (WSN). In this paper we study the state of the art of trust management systems for Wireless Sensor Networks and also try to identify the main features that a trust management system should have. Keywords: Sensor, Security, Attack, Trust, Reputation. I. INTRODUCTION Computer systems are not able to perceive the physical information of the real world by themselves. It is possible to use sensor hardware to convert a physical property (e.g. temperature, radiation) into a digital signal. However, it would be interesting to have a component, either application-specific or off-the-shelf, which provides the functionality of a sensory system to any kind of computer system. That is the task of Wireless Sensor Networks (WSN). The Wireless Sensor Networks paradigm has been shown as a growing area of research. One of the main reasons for this growth is its usefulness in many real-life situations such as environmental, healthcare or Ambient Intelligence scenarios. All of these scenarios require specific services that WSN can help to provide due to their autonomous capabilities and their potential to selfconfigure. In these networks a set of resourceconstrained devices, called sensor nodes, measure the physical information (e.g. temperature, light) of their environment. Later, they work collaboratively to send those measurements using a wireless channel to a central device, called base station. The benefits of using WSN technology are numerous: it is easy to deploy and not expensive mainly due to the use of a wireless interface [1] and it is able to run unattended and survive in its deployment area for long periods of time (e.g. a year or more [2]). However, security problems inherent to WSN also arise. WSN are usually very accessible within the physical world, what makes them very vulnerable. Also, due to their computational or energy constraints, an attack could make the network partially or totally unusable. Thus, providing WSN with security mechanisms becomes very important. Trust, or the trust on the behavior of the elements of the network, is a key aspect for WSN. Trust management systems for WSN could be very useful for detecting misbehaving nodes (faulty or malicious) and for assisting the decisionmaking process. It aids the members of WSN (trustors) to deal with uncertainty about the future actions of other participants (trustees). By evaluating and storing the reputation of other members, it is possible to calculate how much those members can be trusted to perform a particular task. Very little has been done so far in the area of trust management systems for WSN [4, 3]. Most of the work on this field has been made in the last few years. Big efforts, however, have been made in related

2 areas such as P2P and Ad-Hoc networks [5, 6]. Thus, some of the approaches adopted for WSN try to imitate those for Ad-hoc or P2P networks [8, 7]. However, this is not always possible due to the difference in the features of these networks. In this paper we provide an overview of the existing trust management approaches for some kind of networks, more specifically for Ad-hoc and P2P networks, and analyze how these approaches can be applied to WSN. We try to give a general overview of the state of the art on trust management systems for WSN. As a result, it becomes possible to extract what are the requirements that a trust management system should fulfill in a WSN environment, and to provide new directions for future works in this area. II. DEFINATION OF TRUST AND REPUTATION The concept of trust derives from sociological or psychological environments. Trust is an essential factor in any kind of network, social or computer networks. It becomes an important factor for members of the network to deal with uncertainty about the future actions of other participants. Thus, trust becomes especially important in distributed systems or internet transactions. Although we experience and rely on trust in everyday life, it is so challenging to define trust accurately. The literature on trust is also quite confusing, since it manifests itself in fairly different forms. Definition1. Trust is the subjective probability by which an individual, A, expects that another individual, B, performs a given action on which its welfare depends [9]. Definition2. Reputation is what is generally said or believed about a thing s character or standing [9]. Trust is a subjective phenomenon which is based on various factors or evidences. Reputation exists only in a community which is observing its members in one way or the other. Accordingly, reputation is the collected and processed information about one partner s former behavior as experienced by others. Based on [10] and [9], we try to give the following more detailed trust and reputation definition. Definition3. In a wireless network, a node S s trust in another node P is the subjective expectation of node S receiving positive outcomes through the transactions with node P. Definition 4. A node S s reputation is the global perception of its trustworthiness in the wireless network. Furthermore, the trustworthiness can be evaluated from its past and current behaviors. Hence reputation can be defined as the trustworthiness of an entity whereas trust is the expectation of one entity about the actions of another. III. RELATIONSHIP BETWEEN TRUST AND REPUTATION The term trust and reputation have strongly linked meanings. Especially in WSN, trust is often defined as an abstract acquired attribute relative to some sensor nodes which is due to the amount of reputation held by such sensor nodes. By making full use of observing good long-term behavior, reputation ratings can be improved; therefore, trust relationships will be easily established [12]. In real-life communities, trust is the consequence of the satisfaction of certain desired properties [11]. As discussed in [9], the concept of reputation is closely linked to that of trust; however, there is a clear and significant difference. A node S can trust in another node P because of its good reputation. Likewise, node S can also trust in node P in spite of its bad reputation. Reputation is usually inspired by the past behaviors observed. Trust reflects the relying party s subjective view of an entity s trustworthiness, whereas reputation is a score which can be seen by the whole community. IV. TRUST MANAGEMENT Usually, trust management systems can be classified into two categories: credential-based trust management systems and behaviour-based trust management systems. This classification is based upon the approach used in order to establish trust among the peers of a system. Credential-Based Trust Management Systems- In this type of systems, peers (or nodes) use credential verification in order to establish trust with other peers (or nodes). The primary goal of credential-based trust management systems is to enable access control. Therefore their concept of trust management is limited to verifying credentials and restricting access to resources according to application- defined policies. A peer requests for access to a restricted resource. The access is controlled by a resource-owner that provides access only if it can verify the credentials of the requesting peer. Trust of the requesting peer in the resource- owner is not usually included. Thus, this type of systems is useful when there is an implicit trust in the resource-owner. However, these type of systems do not incorporate the need of the requesting peer to establish trust on the resource- owner. For this reason they are not very good trust management solutions for all decentralized

3 systems. Examples of credential-based trust management systems are Policy Maker [14], its successor, Key Note [13] or Referee [15]. Behavior-Based Trust Management Systems-These types of systems are also called experience-based. In these models an entity trusts another entity based on past experience or behavior. Thus, entities can perform evaluation on the other entities based on these features. These systems are mainly based on the concept of reputation, which is quite related to the concept of trust. There have been many attempts to specify trust for different domains. Our interest focus on trust management for WSN. Very little has been done on this field, but some efforts have been carried out in quite related areas such as Ad-hoc and P2P networks. Most of the trust management systems developed for these kind of networks consist of collection of data and the application of a certain engine in order to compute that data. Most of these systems are based, or take into consideration, the concept of reputation. Once the reputation ratings of a system are collected, they should be computed. There exist different reputation engines. A classification of them can be found in [16]. A. Trust Management Systems for Ad Hoc Networks In [15] the authors present a trust model for mobile Adhoc networks that can be used in a dynamic context within the routing process. Initially, each node is assigned a trust value according to its identity. For instance, if no information is available about the trustworthiness of a node the assigned value will be unknown. Each node records the trust levels about their neighbours. Then, by using simple, logical calculations similar to averages a node i can derive the trust level of node j, TLi (j). In [21] secure routing is also considered but the way of assigning the trust levels is carried out by evaluation of nodes over other nodes. Trust is evaluated considering factors such as statistics, data value, intrusion detection or personal reference to other nodes. The trust evaluation values, TE (i; j), are stored in a matrix. The final trust value is calculated via a linear function that uses the values stored in the matrix. Reputation is considered in [16] as a way for building trust. The mechanism builds trust through an entity called the trust manager. An important part of the trust manager is the reputation handling module. Each node monitors the activities of its neighbours and sends the information to the reputation manager. Then, the information is passed to the reputation handling module and the reputation values are obtained via simple metrics. Zhu et al [22] provide a practical approach to compute trust in wireless networks by viewing any individual mobile device as a node of a delegation graph G and mapping a delegation graph from the source node S to the target node T into an edge in the correspondent transitive closure of the graph G, from which the trust value is computed. B. Trust Management Systems for P2P Networks PET [14] is a personalized trust model that evaluates risk and reputation separately in order to derive trust values. Reputation is also used as a way to obtain trust in [1]. In this work, when an agent wants to evaluate the trustworthiness of another agent, it starts to search for complaints on it. Once the data about the complaints is collected trust can be assessed by an algorithm proposed by the authors. Bayesian networks have also been used [3, 20]. Other approaches [18] use statistics methods such as standard deviation and mean in order to detect anomalies or malicious behaviour of peers. Trust Me [17] is a secure protocol for anonymous trust management that uses public-key cryptography. A similar approach is presented in [11] where the authors introduce a protocol based on a polling mechanism. This protocol also uses public key cryptography. V. SENSOR NETWORK AND TRUST A. Introduction The main purpose of a WSN is to serve as an interface to the real world, providing physical information such as temperature, light, radiation, and others, to a computer system. (a)

4 clusters or group of nodes. Inside a cluster all organizational decisions, like data aggregation, are made by a single entity called cluster head. It should be noticed that it is also possible to have a combination of the two previous configurations into the same network; for instance, to avoid situations where the spinal cord of the network the cluster heads fails and the information must be routed to the base station. Regarding the services offered by wireless sensor networks they can be classified into four major categories: monitoring, alerting, provisioning of information on-demand and actuating. (b) Fig.1: Architecture of WSN From a technological perspective, as shown in Fig. 1(a), a WSN is mainly composed of two types of devices: sensor nodes and base stations. A sensor network can be abstracted as a living being", where honest and fully cooperative sensor nodes ( sensing cells") are managed by an entity named base station ( brain"). There is a high number of sensor nodes, usually densely deployed, that can perceive the physical events as they occur. All these nodes process and forward their signals through a wireless channel to the base station that, based on that information, provides a number of services to an external system. The base station is a more powerful device that behaves as a front-end between the services provided by the sensor nodes and the users of the network. While it would seem that WSN are highly dependent on the existence of this base station, the architecture of the network is not centralized. The nodes operate in a decentralized fashion, managing themselves without accessing the base station. In fact, there are some specific networks, known as unattended sensor networks, where the base station is only available at certain moments in time. Still, the base station usually plays an important role on the overall behaviour of WSN. Normally, a base station collects all the information coming from the sensor nodes and stores it for later use. Also, it may issue control orders to the sensor nodes in order to change their behaviour. In fig.1 (b), the network architecture of a WSN can be organized in a completely distributed way (flat configuration), but it can also implement levels of hierarchy (hierarchical configurations). In flat configurations all the nodes contribute in the decision-making process and participate in internal protocols such as routing. Conversely, in hierarchical configurations the network is divided into 1) Monitoring: Sensor nodes can continuously monitor certain features of their surroundings (e.g. measuring the ambient noise level) and timely send such information to the base station. 2) Alerting: Sensor nodes can check whether certain physical circumstances (e.g. a fire) are occurring, alerting the users of the system when an alarm is triggered. 3) Information on-demand: The network can be queried about the actual levels of a certain feature, providing information whenever the user needs it. 4) Actuating: Sensor nodes can be able to change the behavior of an external system (e.g.an irrigation system) according to actual state of context (e.g. humidity of the soil). B. Importance of Trust in Sensor Networks It is possible that the emerging importance of sensor networks could be hindered by their inherent security problems. It is then imperative to provide a set of security primitives and services that can protect those networks and improve their robustness and reliability. Trust management, which models the trust on the behavior of the elements of the network, can be especially useful for a sensor network environment. Not only it can help the nodes of the network to selfconfigure themselves against any change in their neighborhoods, but it can also assist and/or take advantage of the other security protocols, as shown in the following paragraphs. The first step towards a robust and reliable sensor network is to properly secure the node as a physical entity, by using code and data obfuscation schemes or software attestation mechanisms. The outputs of these schemes can be easily integrated

5 into a trust management system that can also be used as a tool launched by the trust system for testing the integrity of a suspected node. After protecting the node, it is time to protect the communication channel against eavesdroppers and other adversaries using cryptographic primitives. These primitives need a Key Management System (KMS) for distributing and maintaining their security credentials. The existence of a trust management system can assist the activities of such KMS by, for example, pointing out which nodes are completely untrusted for the purpose of revoking their keys. Protecting the channel is not enough for assuring the security of the network. The functionality of the network relies on a minimal set of core protocols required for providing services, which are routing, data aggregation and time synchronization. Finally, a sensor network may also require the assistance of other services like secure location for creating services of greater complexity. All these services core or not, can benefit from the existence of a trust management system, either by using the output of the trust system as an assistant in their decision-making process, or by providing useful inputs for the trust system that could be of use for any other service. C. Elements and Features of Sensor Networks While modern research on sensor networks started on the late seventies [17], this paradigm acquired an identity of its own at the beginning of the twenty-first century [18]. Present-day sensor networks can be considered as living beings, usually born (configured) in a controlled environment, where all its nodes are cells that work selflessly towards a common goal. Such nodes can work autonomously and are able to perform various tasks. The overall architecture of a WSN is highly dependent on its intended functionality. Another relevant feature of these networks is that no human user directly controls the nodes: they are usually accessed through the base station. Finally, WSN are usually long-lived, and the sensor nodes may have limited mobility [19]. As aforementioned, the elements of a sensor network are the sensor nodes and the base station. The main tasks of a sensor node are the following: 1) To get the physical information of the surroundings using its built-in sensors, 2) To process the raw information by benefiting from its limited computational capabilities, and 3) To communicate with other nodes in the area around using a wireless channel. All sensor nodes are battery-powered; hence, totally independent and able to operate autonomously, if required. Nevertheless, they can also collaborate with other nodes in pursuing a common goal, such as vehicle tracking. On the other hand, the base station is the element for accessing to the services provided by the sensor network. All data coming from the sensor nodes, as well as all control commands that can be issued to those nodes, will traverse the base station. D. Security Problem and attacks in WSN Since sensor networks is a young technology there are many interesting research problems, like development of models and tools for the design of better WSN architectures, elaboration of standard protocols adapted to work robustly on certain scenarios, etc. However, one of the most important issues that remain mostly open is security. Sensor nodes are highly constrained in terms of computational capabilities, memory, and communication bandwidth and battery power. Additionally, it is easy to physically access the nodes because they must be located near the physical source of the events, and they usually are not tamper-resistant due to cost constraints. Furthermore, any device can access the information exchange because the communication channel is public. As a result, any malicious adversary can manipulate the sensor nodes, the environment, or the communication channel for its own benefit. For these reasons, it is necessary to provide the sensor network with basic security mechanisms and protocols that can guarantee a minimal protection to the services and the information flow. This means to provide protection on the hardware layer, the communication stack, and the core protocols". In other words, (i) it is necessary to protect the hardware of the nodes against attacks, (ii) the communication channels must meet security goals (like confidentiality, integrity and authentication), and (iii) the core protocols of the network must be robust against any possible interferences. In order to solve the security problems present in WSN, a set of security primitives that could improve the robustness and the reliability of the network should be included. For example, cryptographic primitives are needed in order to create secure communication channels; and the security credentials used by those primitives must be distributed

6 using key management systems. Besides, additional services, such as self-healing and trust management services should exist. They can help to protect the core protocols of the network: aggregation, time synchronization and routing. Finally, other aspects such as distributed computing, secure location, secure mobile base station location need to be protected, if included inside a sensor network. Trust management can help improving the security of WSN. For example, for the routing process, sensor nodes might need to know which other nodes to trust for forwarding a packet. For sensing purposes a node might need to trust other neighbouring nodes for checking anomalous measurements. Other examples of trust in sensor networks include data disclosure decisions and key exchange. However, as sensor nodes are usually constrained devices, the trust management systems must be lightweight enough to provide a good performance without hindering the functionality of the system. Moreover, due to the distributed nature of those networks, trust management systems for them are susceptible to attacks. According to [20] some of the most common attacks to a trust management system for WSN are: 2) ON-Off Attack: If bad behavior can be compensated with good behavior, dishonest nodes can take advantage of it and behave well and badly alternatively. Thus, they can remain trusted while behaving badly. See Fig. 3. Fig.3: ON-OFF Attack 3) Selective behaviour attack: The trust system may accept recommendations only from certain relevant nodes or from all the neighboring nodes. If a node behaves well from the point of view of most of their neighbours, it can still behave badly with respect to the rest of the nodes. This way, the average recommendation will remain positive, while it can cause damage to certain nodes. See Fig. 4. Fig. 2: Bad Mothering Attack 1) Bad Mothering Attack: When taking recommendations into account in a trust management system we take the risk of receiving dishonest recommendations. Some nodes may also try to bad mouth an honest node that has reported them as dishonest previously. This causes a fear for retaliation which might result in a recommendation that does not reflect the real opinion of the recommender. See Fig.2. Note that arrows represent recommendations and black nodes represent the dishonest nodes. Fig 4: Selective Behaviour Attack 5) Sybil attack and newcomer attack: If a node can create, emulate or impersonate different nodes in the network it can manipulate the recommendations and promote itself as a respected node. These attacks are also related to the white-washer attack where a node can throwaway its bad reputation by creating a new identity. See Fig. 5.

7 VI. Figure 5: Sybil Attack or New Comer Attack TRUST MANAGEMENT FOR WSN A. Importance of trust in WSN Given the previously mentioned attacks that can affect the functionality of a WSN, it may be argued that adopting a trust management system for WSN does not bring enough advantages. But, trust is an important tool that can solve one of the intrinsic problems of WSN: the problem of uncertainty in collaboration. Besides, trust established between nodes can be used for other purposes beyond collaboration. Moreover, once the possible attacks against a trust management system are known, it should be possible to create more robust systems. In order to explain the suitability of trust for sensor networks, we will start with the concept of collaboration. All the members of a WSN (sensor nodes and base stations) need to collaborate in order to provide the services of the network. Examples of these collaboration processes are sensing and routing. All sensor nodes use their sensing hardware in order to obtain physical information from the environment. Besides, every node behaves as a router, forwarding the physical information to the base station through other nodes. For assuring a successful collaboration, a node should be able to discover which nodes are more likely of accomplishing a certain task. However, in a WSN the outcome of a certain situation cannot be clearly established or assured. That is, we need to take uncertainty into account. Uncertainty is originated basically from two sources: information asymmetry (a partner does not have all the information it needs about others) and opportunism (transacting partners have different goals). On the context of sensor networks, opportunism is not a problem. All the elements of the network work towards the same goal, and they have neither reason nor the will to behave egoistically. On the other hand, a sensor node does not have information regarding others that will allow it to know in advance how a transacting partner is going to behave. Therefore, there is some information asymmetry that the node must deal with. Once the importance of trust have been clarified, it is necessary to describe where it could be of use in a WSN context. Its primary purpose is to allow self-sufficiency: a Wireless Sensor Network must be able to configure itself during its lifetime in presence of extraordinary events. By knowing the reputation of their neighbourhood and their actual behaviour, it is possible for the nodes to calculate a trust value and choose a suitable course of action when taking operational decisions (knowing who is the best partner for starting a collaboration) or in extreme situations (e.g. nodes malfunctioning). Self-configuration is not the only benefit of trust: a trust management system can also assist and/or take advantage of other security protocols. Regarding hardware protection, existing code obfuscation and code attestation schemes can be easily integrated into a trust management system as tools for testing the integrity of an untrusted node. The existence of a trust management system can also assist the activities of Key Management Systems (KMS) by, for example, revoking the keys of an untrusted entity. Finally, complex services such as secure location and intrusion detection systems can benefit from the existence of a trust management system, either by using the output of the system as an assistant in their decisionmaking process, or by providing useful trust inputs that could be of use for any other service. B. Trust Management Architecture We have already discussed the importance of trust for WSN and why we need trust management systems for these types of networks. Fig. 6: Structure of a Trust Entity for Sensor Networks

8 The architectures considered in the literature for solving the challenge of managing trust relationships differ depending on the underlying problem. For sensor networks, it is necessary to have a lightweight distributed architecture that tries to assure coverage of the whole network. This architecture must be behaviour-based" in order to react to the events that may occur during the lifetime of the network. These requisites are given by the decentralized nature of WSN and its specific characteristics and constraints. An important element of any trust management system is the trust entity. This entity is in charge of obtaining, calculating and maintaining reputation and trust values. For sensor networks, it is possible to define the structure of a generic trust entity, as shown in Fig. 6. In this structure, the information" modules obtain information about the behaviour of the members of its neighbourhood, either through observation and experience (i.e 1st -hand information") or by sharing the observed events with other entities (i.e. second-hand information"). After this process, the reputation manager" module can use this list of events to infer and store the reputation of the members of its neighbourhood. Such reputation will be later used by the trust manager" module to obtain the trust values. They can be used to decide which the best partner for a certain operation is, or discover if one entity is behaving maliciously. Both modules need to maintain and update their values during the lifetime of the network. C. Existing Trust Management Solution for WSN As we have mentioned in previous sections very little has been done in the field of trust management for WSN, however most of them are designed in order to solve a very specific problem and do not deal with all the features that a good trust management system for sensor networks should possess. In the following, we will discuss some of the most relevant existing approaches of trust management systems for WSN. In [4] the authors propose a reputation-based framework for sensor networks where nodes maintain reputation for other nodes and use it to evaluate their trustworthiness. Reputation is represented through a Bayesian formulation, more specifically, a beta reputation system. The architecture of the system consists of a watchdog mechanism, reputation, second hand information, trust and behaviour. The mathematical tool used for representing and updating the reputation values is the beta distribution of Josang. A watchdog mechanism is also used in [3]. This work uses reputation in order to define the trust management system for WSN. They consider the concept of certainty for trust. The first-hand information is gathered by using a watchdog mechanism. Then a reputation space, RS is defined considering the positive and the negative outcomes. A trust space is defined from the reputation space. In [22] the authors introduce a lightweight groupbased trust management system scheme (GTMS) for distributed wireless sensor networks. GTMS uses a hybrid trust management approach instead of using completely centralized or distributed schemes. The problem isolating misbehaving nodes is also addressed in [23]. In this work the authors consider as a basis for their work the case of industrial sensor networks which are static. Other systems deal with specific problems such as detecting misbehaving nodes in core protocols" (such as routing) or electing non-compromised cluster heads. [24] Presents a location-centric architecture for isolating misbehavior nodes and establishing trust in sensor networks. The underlying problem the authors target is a misbehaviour model in which compromised or faulty nodes consistently drop data packets while participating in signaling and routing protocols, always over static networks. The trust routing protocol is called TRANS. The aggregation problem is considered in [25]. The authors consider the problem of aggregation for WSN. The sensor network is organized into clusters where the cluster head acts as a gateway between the cluster and the BS. Some nodes on the network act as "aggregators", responsible for aggregating data and reporting the information to the cluster head. The aggregator collects information from other nodes. This information is given in forms of reputation. The aggregator node classifies the nodes into different groups based on their reputations. After calculating reputations (by using the formulation in the paper) for nodes the aggregator determines whether there are compromised nodes. The best way to do that is by predefining a threshold. D. Advantage and Disadvantage of Trust Management Framework for WSN In general, the solutions designed for Ad-Hoc and P2P networks are not suitable for sensor networks environments. The main reason is essentially the differences among these network architectures in terms of infrastructure and functionality. Among these features power constraint which is much more restricted in WSN than on P2P or Ad-Hoc networks. Scalability and

9 lifetime of the network are other issues to be taken into account. In Ad-Hoc networks, the number of members is usually not high, while in sensor networks it is likely to have a community of thousands of nodes. In P2P networks cab be even higher than in WSN. Regarding the lifetime of the network, a sensor network could offer its services for much longer periods of time than Ad-Hoc and P2P networks, where nodes enter and exit the network periodically offering their functionality for a short period of time. This may affect the way trust evolves on the network and how trust values should be updated. A final difference between Ad-Hoc, P2P and sensor networks is the behaviour of the nodes. Any deviation in the behaviour of a single node should be reason enough to start suspecting of the integrity of that node. As a result, the mechanisms and rules that dictate the evolution of trust for a single sensor node have to be calibrated for these kind of situations. It is possible to identify the previously presented issues in the trust management solutions developed for Ad-Hoc and P2P networks. For example, the approach presented in [21] considers reputation in order to build trust for Ad-hoc networks. This is done through a reputation manager. This method might not be very applicable to sensor networks due to several reasons. Using an entity such as a reputation manager that controls all the traffic information and distribute it might be very high energy consuming for sensor networks. Scalability might also be a problem. Other approaches for Ad-hoc networks might not be suitable for sensor networks. These methods consider that an initial trust value is given to each node according to their identity. This could be considered a bit contradictory with the nature of sensor networks, as initially all nodes in the WSN are preloaded with identification information created by the user. Assigning initial trust values to each node might not be very accurate in order to compute the final trust value. However, Yao et.al follow this approach for WSN. E. Analysis and features of Trust Management framework for WSN In previous section we gave an outline of the existing approaches to trust management for wireless sensor networks. To the best of our knowledge only these few works have been done so far in this area. In all of these approaches the observations or data used in order to derive trust or reputation values only take into account one or two specific aspects, the nature of the data collected is essential for the development of a trust management system. Thus, in [24] the observations are based on forwarding and routing Process. Ganeriwal et al [4] do realize that not all the events should be given the same importance for their reputation system, however they only consider forwarding and data consistency when calculating reputation. A watchdog mechanism is used in [4] and [3]. The detection of node misbehaviour in aggregation processes or in the election of cluster heads are analyzed in [25]. An interesting approach is followed by Tanachaiwiwat [24] where the base station (or sink, as they called it) is in charge of storing the trust values obtained by it or other nodes and distributing the blacklisting. In the other approaches the nodes are in charge of using their observations. For the development of a behavioral-based trust management system, it is necessary to collect information regarding to the behaviour of the nodes of the network. In a wireless sensor network, this information gathering process can be done in several ways. The way information is gathered could be either distributed or centralized. If the system is centralized it is the base station (BS) which is in charge of maintaining and distributing the information. In distributed systems each node keeps its own measurements on first and second hand information. Only Shaikh et. al [22] consider a hybrid approach in order to gather information distributed within the cluster and centralized in between each group or cluster and the base station. VII. CONCLUSION Trust is an important factor in any kind of social or computing network environment. In particular, we are interested in developing trust management systems for WSN. In this paper we have tried to give an overview of the state of the art of trust management systems for Wireless Sensor Networks as well as an analysis of the main features that these trust management systems possess. We investigated the existing approaches for Adhoc and P2P networks. We have also identified the main problems and the possible solutions in order to develop trust management systems for WSN. Thus, we consider that data gathering is a very important factor in the process of designing a trust management system. Not all the data is equally relevant and their relevance may evolve with time. We also outline the importance of trust for these kind of networks, as for any networks where uncertainty is a fact. Thus, trust management systems

10 will become an assistant for solving the decision-making problem. The success of the trust management system might depend on the adoption of the correct approach for Trust and Reputation Management Systems for Wireless Sensor Networks (WSN). REFERENCES [1] J. Frey. Wisa Wireless Control in Theory, Practice and Production. Technical report, ABB, September [2] T. Teixeira D. Jung and A. Savvide. Sensor Node Lifetime Analysis: Models and Tools. ACM Transactions on Sensor Networks, 5(1), 2009 [3] Haiguang Chen, Huafeng Wu, Xi Zhou, and Chuanshan Gao. Reputation-based Trust in Wireless Sensor Netwoks. In Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07), [4] S. Ganeriwal and M. B. Srivastava. Reputation- Based Framework for High Integrity Sensor Networks. In 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks., pages 66{77, Washington, DC, USA, [5] Y. Rebahi, V. E. Mujica-V, and D. Sisalem. A Reputation-Based Trust Mechanism for Ad-hoc Networks. In 10th IEEE Symposium on Computers and Communications (ISCC 2005), 2005 [6] Z. Yan, P. Zhang, and T. Virtanen. Trust Evaluation Based Security Solutions in Ad-hoc Networks. In NordSec 2003, Proceedings of the Seventh Nordic Workshop on Security IT Systems, [7] W. Shi Z. Liang, and. PET: A Personalized Trust Model with Reputation and Risk Evaluation for P2P Resource Sharing. In 38th Hawaii International Conference on System Sciences, 2005 [8] K. Aberer and Z. Despotovic. Managing trust in a peer-2-peer information system. In Henrique Paques, Ling Liu, and David Grossman, editors, Proceedings of the Tenth International Conference on Information and Knowledge Management (CIKM01), pages 310{317. ACM Press, 2001 [9] Josang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst, Vol. 43, No. 2, (2007). [10] Gambetta, T.: Can we trust trust? In: D. Gambetta (Ed.), Trust: making and Breaking Cooperative Relations, Basil Blackwell, Oxford, (1990) [11] Better Busines Bureau. [Online]. Available: [12] Sun, Y. L., Yang, Y.: Trust establishment in distributed networks: Analysis and modeling. In Proc. of 2007 IEEE International Conference on Communications, ICC 07, United Kingdom, Glasgow, (2007) [13] M. Blaze, J. Feigenbaum, and A. D. Keromytis. KeyNote: Trust Management for Public-Key Infrastructures (position paper). Lecture Notes in Computer Science, 1550:59{63, [14] M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In IEEE Symposium on Security and Privacy, 1996 [15] Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss. REFEREE: Trust Management for Web Applications. Computer Networks and ISDN Systems, 29:953{964, 1997 [16] A. Josang, R. Ismail, and C. Boyd. A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems, 2006 [17] C. Chong and S. P. Kumar. Sensor Networks: Evolution, Opportunities, and Challenges. Proceedings of the IEEE, 91(8):1247{1256, [18] Y. Sankarasubramaniam I. Akyildiz, W. Su and E. Cayirci. Wireless Sensor Networks: A Survey. Computer Networks, 38(4):393{422, [19] I. Woungang S. Misra and S.C. Misra, editors. Guide to Wireless Sensor Networks. Springer- Verlag/Heidelberg, 2009 [20] Y. Sun, Z. Han, and K.J.R Liu. Defense of Trust Management Vulnerabilities in Distributed Networks. Communications Magazine, IEEE, 46(2):112{119, February [21] Y. Rebahi, V. E. Mujica-V, and D. Sisalem. A Reputation-Based Trust Mechanism for Ad-hoc Networks. In 10th IEEE Symposium on Computers and Communications (ISCC 2005), [22] Riaz Ahmed Shaik, Hassan Jameel, Sungyoung Lee, Saeed Rajput, and Young Jae Song. Trust Management Problem in Distributed Wireless Sensor Networks. In 12th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA'06), IEEE Computer Society, [23] T Ryutov and C Neuman. Trust-based Approach for Improving Data Reliability in Industrial Sensor Networks. In Marsh-S. (Boston: Springer) Etalle, S., editor, In IFIP International Federation for Information Processing, Trust Management, volume 238, pages 349{365, 2007.

11 [24] S. Tanachaiwiwat, P. Dave, R. Bhindwale, and A. Helmy. Location-centric Isolation of Misbehavior and Trust Routing in Energy-Constrained Sensor Networks. In IEEE COnference on Performance, Computing and Communications, pages 463{ 469, 2003 [25] Wei Zhang, SajalK. Das, and Yonghe Liu. A Trust Based Framework for Secure Data Aggregation in Wireless Sensor Networks. In In Proceedings of the IEEE SECON 2006, Reston, VA, September ABOUT AUTHORS Sakshi Srivastava was born in Meerut in Uttar Pradesh on May 19, She graduated from IIMT Engg College, Meerut affiliated to Uttar Pradesh Technical University, Lucknow, India. She is Pursuing M.Tech from Ideal Institute of Technology, Ghaziabad affiliated to Mahamaya Technical University, Noida, India Kushal Johari was born in Bareilly in Uttar Pradesh on August 19, He completed MCA from Dr. K. N. Modi Institute of Engg. & Technology, Modi Nagar affiliated to Uttar Pradesh Technical University, Lucknow, India. He is working as Astt. Professor in Invertis University, Bareilly, india.