Abstract: A hop-by-hop trust evaluation scheme (H-TEA) is disclosed that can be used to route a data packet between a set of network nodes in an identity anonymous wireless sensor network. The H-TEA scheme is a complete localized approach for each network node to determine a trustworthiness reputation of the data packet for routing without requiring a recommendation from another node or any historical information about the other node. In the H-TEA scheme, the trustworthiness reputation of the packet is evaluated based on one or more of four verification processes: a data quality verification process, a location verification process, a time verification process, and a travel direction verification process. The H-TEA scheme can be implemented to preform network data management and network data security in a wireless sensor network with a resource constraint and requires anonymity.

Abstract: A hop-by-hop trust evaluation scheme (H-TEA) is disclosed that can be used to route a data packet between a set of network nodes in an identity anonymous wireless sensor network. The H-TEA scheme is a complete localized approach for each network node to determine a trustworthiness reputation of the data packet for routing without requiring a recommendation from another node or any historical information about the other node. In the H-TEA scheme, the trustworthiness reputation of the packet is evaluated based on one or more of four verification processes: a data quality verification process, a location verification process, a time verification process, and a travel direction verification process. The H-TEA scheme can be implemented to preform network data management and network data security in a wireless sensor network with a resource constraint and requires anonymity.

Abstract: Consistency and/or completeness of access control policy sets may be validated and/or verified. An access control policy set may be received. The access control policy set may include access control policies that allow or disallow access to computing resources. Individual ones of the access control policies may include one or more attributes. The one or more attributes of a given access control policy may be ordered into a predetermined order responsive to the one or more attributes of the given access control policy lacking the predetermined order. A decision tree may be generated based on the access control policies. The decision tree may be analyzed to determine one or more of (1) whether one or more of the access control policies are incomplete, or (2) whether one or more of the access control policies are inconsistent with one or more other ones of the access control policies.

Abstract: Consistency and/or completeness of access control policy sets may be validated and/or verified. An access control policy set may be received. The access control policy set may include access control policies that allow or disallow access to computing resources. Individual ones of the access control policies may include one or more attributes. The one or more attributes of a given access control policy may be ordered into a predetermined order responsive to the one or more attributes of the given access control policy lacking the predetermined order. A decision tree may be generated based on the access control policies. The decision tree may be analyzed to determine one or more of (1) whether one or more of the access control policies are incomplete, or (2) whether one or more of the access control policies are inconsistent with one or more other ones of the access control policies.

Abstract: The present invention relates to Group-based trust management scheme (GTMS) of wireless sensor networks. GTMS evaluates the trust of a group of sensor nodes in contrast to traditional trust management schemes that always focused on trust values of individual nodes. This approach gives us the benefit of requiring less memory to store trust records at each sensor node in the network. It uses the clustering attributes of wireless sensor networks that drastically reduce the cost associated with trust evaluation of distant nodes. Uniquely it provides not only a mechanism to detect malicious or faulty nodes, but also provides some degree of a prevention mechanism.