Trust Management in Collaborative Systems for Critical Infrastructure Protection

Due to the necessity of Critical Infrastructure (CI) Protection against different threats, several security policies must be applied among the organizations of CI. Based on our conducted study about the different constraints and requirements of the collaborative systems within CI, we reached a security solution: Tr-OrBAC. Its principle is to evaluate the trustworthiness of collaborating organizations based on relevant trust criteria aimed at enhancing collaboration decision-making. The taken decision presents the attribution of the access to the desired service based on calculated trust score which is the result of the combination of the trust criteria values. Generally, the desired services do not meet the same criticism, security requirements, sensitivity, etc. Also, the collaboration context varies from a set of collaborating organizations to another. In this sense, the importance of each trust criterion depends on the desired service and the collaboration context. In this paper, we focus on detailing the trust criteria used in our approach for collaborative system security. Then, we analyze the context variability with the trust evaluation process. In addition, we present a case study to demonstrate and illustrate the feasibility of our solution for CI protection, especially the electrical grid.