HoliTrust-A Holistic Cross-Domain Trust Management Mechanism for Service-Centric Internet of Things

Internet of Things (IoT) is proposed and used in diverse application domains. In IoT, nodes commonly have a low capacity to maintain security on their own expenses, which increases the vulnerability for several attacks. Many approaches have been proposed that are based on privacy and trust management to reduce these vulnerabilities. Existing approaches neglect the aspects of cross-domain node communications and the significance of cross-domain trust management. In this paper, we propose a Holistic Cross-domain trust management model (HoliTrust) that is based on multilevel central authorities. To provide multilevel security, the HoliTrust divides domains into communities on the basis of similarities and interests. Every community has its dedicated server to calculate and manage the degree of trust. In addition, these domains also have their dedicated servers to manage their specific domains, to communicate with the trust server, and to sustain trust among other domain servers. The trust sever is introduced in the HoliTrust that controls the domains, calculates the domain trust, manages the trust values, and distributes standard trust certificates to domains based on a degree of trust. Trust computation is performed on the basis of direct and indirect trust parameters. Furthermore, if a trustor communicates through the community, then the community server includes community trust of the trustee during the trust evaluation. If the communication of the trustor is across the domain, then the community server includes the domain trust along with the community trust of the trustee comprising direct and indirect observations. The overall trust evaluation of communities and domains is time-driven and the responsible authority computes trust after a specific interval of time. We have also compared the HoliTrust with the existing trust mechanisms by focusing on several holistic trust objectives, such as trust relation and decision, data perception trust, and privacy preservation.