A Distributed Context-Aware Trust Management Architecture¹

Ricardo Neisse², Maarten Wegdam and Marten van Sinderen

Centre for Telematics and Information Technology, University of Twente, P.O. Box 217, 7500 AE Enschede, The Netherlands
{R.Neisse, M.Wegdam, M.J.vanSinderen}@utwente.nl

Abstract. The realization of a pervasive context-aware service platform imposes new challenges for the security and privacy aspects of the system in relation to traditional service platforms. One important aspect is related to the management of trust relationships, which is especially hard in a pervasive environment because users are supposed to interact with entities unknown beforehand in an ad-hoc and dynamic manner. Current trust management solutions neither adapt nor scale well in this dynamic service provisioning scenario because they require previously defined trust relationships in order to operate. The objective of this thesis is to design, prototype and validate a context-aware distributed trust management architecture in order to address: (a) the lack of integration between available trust solutions and security and privacy management languages, and (b) the dynamic characteristics of a context-aware service platform.

Problem Statement

One challenging problem in the realization of context-aware services [1] is the enforcement of the privacy of the users. This problem arises mainly due to the highly privacy-sensitive nature of user context information, and the implicit gathering and combining of this information in a pervasive service provisioning environment. Obtained context information enables serious misuse such as unauthorized user tracking, unauthorized sophisticated user profiling and subsequent identity theft. It is therefore important for users to know about the trustworthiness of the entities they are interacting with.
Based on this trustworthiness, users can decide on the amount of context information they want to provide, for instance, providing less or anonymous context information to services they think may misuse the information. On the other hand, context-aware systems can also be considered an opportunity to enhance the available security techniques. These enhancements include less intrusive access control methods where user roles are assigned to context-situations instead of

¹ This work is part of the Freeband AWARENESS project (http://awareness.freeband.nl). Freeband is sponsored by the Dutch government under contract BSIK 03025.
² Second year Ph.D. student supported by CNPq scholarship – Brazil.