Guest editorial: Trusted computing and communications


With rapid development and increasing complexity of computer and communication systems and networks, traditional security technologies and measures cannot meet the demand for integrated and dynamic security solutions. Therefore, trusted computing and communications, as a significant challenging and innovative research field, is expected to resolve the security problems for traditional distributed services. During the past decades, a large amount of achievements have been published and applied extensively in various environments such as web documents, medical systems, telecommunications, and electronic commerce. The subject of trusted computing and communications has also attracted intensive research interests in academia, industry, military, and government.

Trusted computing and communications aims to ensure the availability, security, reliability, controllability, and dependability for the distributed systems and networks. The research issues range from the traditional security (i.e., the identity trust) to the broader field of trusted computing (i.e., behavior trust) of systems and networks. In fact, trusted computing and communications has become one of the essential components of various distributed services, applications, and systems, which include ad hoc networks; peer-to-peer networks, social networks, semantic webs, e-commence, e-government; and pervasive, ubiquitous, and cyber-physical systems.

The purpose of this special issue is to present a collection of high quality research papers that report the latest research achievements in wireless network security, trusted computing, data encryption, and key management. In this special issue, we selected 9 papers out of 29 total submissions, which demonstrate some novel works in this field. A detailed overview of the selected works is given below.

The first paper, Enhanced Correlation Power Analysis Attack against Trusted Systems, presented a Hamming distance (HD) power analysis model which emulates HD based on probability distribution of Hamming weight. The proposed model reveals that the probability distribution of HD is well correlated with that of Hamming weight under certain rules, and thus the statistical correlation power analysis (CPA) between power and HD can be well mapped to the correlation between power and Hamming weight. Power analysis experiments demonstrated that the proposed models can jointly achieve better feasibility and accuracy.

The second paper, Better Security Enforcement in Trusted Computing Enabled Heterogeneous Wireless Sensor Networks, proposed a heterogeneous architecture for wireless sensor networks (WSNs) by applying the high-end cluster heads equipped with trusted platform modules into clusters of the network. The proposed architecture, which enables the cluster heads to act as the online trusted parties with respect to security enforcement, can resolve the scalability problem inherent in the homogeneous WSNs and help to enforce the security in WSNs in a more effective manner.

The third paper, A New Biometric Identity Based Encryption Scheme Secure against DoS Attacks, described a novel biometric identity based encryption (IBE) scheme and showed that the proposed scheme is immune from the DoS attacks by applying signature on the public value of the user. The proposed scheme enables the sender to detect whether the public value of the receiver is modified by an active adversary. Therefore, the proposed scheme is secure against DoS attacks and has better efficiency in terms of the key generation and decryption compared with the existing fuzzy IBE schemes.

The fourth paper, Hybrid Pattern Matching for Trusted Intrusion Detection, presented a hybrid pattern matching engine: Field-programmable gate array (FPGA)-based and multicore-based pattern matching engine, which is optimized by the multithreading and novel clustered state coding techniques. The hybrid pattern matching engine can increase the reliability and trustworthiness of the intrusion detection system by working in parallel to improve detection accuracy and cross-examine to self-check integrity of the engine.

In the fifth paper, TPM-Based Protection for Mobile Agents, the authors analyzed the problems in the agent protection and host protection, and presented a hardware-based mechanism for protecting the agents. The novel solution uses a trusted platform module (TPM) based protocol to realize its security. This paper provides a proof of concept by means of the “secure migration library for agents” to validate the proposed approach and demonstrates that the migration process of mobile agents is protected in the real attacks.

In the sixth paper, A Fine-Grained Trust Model for P2P Networks, the authors presented a fine-grained trust computation model for P2P networks. The new model defines the service as a fine-grained quality-of-service (QoS) (N-dimensional vector) in order to ensure the accuracy of the recommendation in trusted computing. The authors first introduced several concepts to reflect the recommenders' current status, history behavior, and the gap between the two kinds of information, and then introduced the Gauss-bar function to measure the service preference similarity between peers, finally proposed a flexible and efficient model, which represents trust in a manner more close to human intuitions and effectively satisfies the diverse QoS requirements of peers in P2P networks.

The seventh paper, A Challenge-Based Trust Establishment Protocol for Peer-to-Peer Networks, proposed a concrete challenge-based trust protocol for P2P networks, which uses challenge-response operations in each trust evaluation phase and validates every contacted peer while recording their corresponding trust value. The proposed scheme utilizes random selection of challenges without revealing any additional information, so the malicious peers have little opportunity to tamper with the P2P system.

The eighth paper, Enhancing Identity Trust in Cryptographic Key Management Systems for Dynamic Environments, showed that both the key update and collusion avoidance problems are NP-complete, which needs to use the heuristic algorithms to prevent performance degradations encountered in the standard cryptographic key management system (CKM) schemes. Based on the analysis results, the authors presented a collusion detection and resolution algorithm. The time complexity of the algorithm is polynomial in the number of keys. The new algorithm operates by mapping the generated key set onto a key graph whose independent set is computed in polynomial time. The performance evaluation of the proposed algorithm indicates that the collusion prevention can be done dynamically without affecting the performance.

The ninth paper, Secure Reputation Monitoring System – A Novel Connected Dominating Set-Based Framework for WSNs, proposed a connected dominating set (CDS) based reputation monitoring system, which is the first to employ a CDS-based monitoring backbone to securely aggregate the reputation of sensors. The proposed system enhances effectively the mobility and robustness for the certificate-less nodes without subjecting them to energy depletion or reputation pollution attacks encountered in the existing reputation monitoring systems.

In conclusion, this special issue on trusted computing and communications gives insight into the recent research results in the broader security community. This special issue also provides certain guidelines for academic and industry advances, and these accomplishments are regarded as a basis toward future research directions, and vital commercial applications.

This special issue has obtained help and instructions from all participants, so we would like to express our great appreciation to Prof. Hsiao-Hwa Chen, the Editor-in-Chief of this journal, for his suggestions and encouragements all through the stages, and to all anonymous reviewers who spent their precious time in reviewing the papers, and offering good advice or recommendations, which greatly helped us to select the best papers into this special issue. We also thank all authors who submitted their papers to this special issue.

Finally, we hope you will find that the papers in this issue are useful.