Due to the large scale of the typical deployments and the involvement of moving objects to the Internet of Things, participating nodes opportunistically establish data exchanging connections, spanning across multiple organizations and security domains. This opportunistic behavior causes the impossibility of defining valid security policies to rule node authorization, and the ineffectiveness of traditional static access control models based on roles or attributes. Trust management is a promising solution to complement these conventional rules and models by realizing a more dynamic security approach and regulating connection request acceptance or rejection based on monitored behaviors. As a centralized authority cannot be established within multi-tenant and large scale infrastructures, decentralized approaches have recently emerged, supported by the blockchain technology, and applied to the case of useful Internet of Things implementations. However, they are vulnerable to possible attacks aiming at discrediting honest nodes (by lowering their trust degree) and/or redeem malicious nodes (by increasing their trust degree). The widely-accepted protection consists of securing the communications by using SSL/TLS, and restricting the nodes allowed to update the trust degree. However, they are known to be ineffective against compromised nodes that, despite holding legitimate security claims and cryptographic material, they deviate from the correct behavior by sending false and mendacious scores.

This work proposes to exploit on game theory to realize robust decentralized trust management able to tolerate malicious nodes sending mendacious scores. Explicitly, a signaling node has been formalized to model the interactions between the IoT and the edge nodes by refusing potentially untrue scores. Moreover, the evolutionary Dempster-Shafer theory is used to combine the collected scores to update nodes’ trust degrees, by excluding diverging scores far from the majority. Such solutions have been implemented within the context of a blockchain-supported trust management solution for IoT, and an empirical assessment is provided to show the quality of the proposed approach.

由于典型部署的规模庞大，并且涉及将对象移动到物联网，因此参与节点适时地建立了跨多个组织和安全域的数据交换连接。这种机会主义行为导致不可能定义有效的安全策略来统治节点授权，并且使基于角色或属性的传统静态访问控制模型无效。信任管理是一种有前途的解决方案，可以通过实现更动态的安全性方法并根据监视的行为来调整连接请求的接受或拒绝，来补充这些常规规则和模型。由于无法在多租户和大型基础架构中建立集中管理机构，因此最近出现了分散化的方法，由区块链技术支持，并应用于有用的物联网实现的情况。但是，它们很容易受到可能的攻击，这些攻击旨在抹黑诚实的节点（通过降低其信任度）和/或赎回恶意的节点（通过提高其信任度）。广泛接受的保护包括使用SSL / TLS保护通信安全，并限制允许更新信任度的节点。但是，众所周知，它们对受感染的节点无效，尽管这些节点拥有合法的安全声明和加密材料，但它们通过发送虚假和恶意的分数而偏离了正确的行为。它们很容易受到可能的攻击，这些攻击旨在抹黑诚实节点（降低信任度）和/或赎回恶意节点（增加信任度）。广泛接受的保护包括使用SSL / TLS保护通信安全，并限制允许更新信任度的节点。但是，众所周知，它们对受到威胁的节点无效，尽管这些节点拥有合法的安全声明和加密材料，但它们却通过发送虚假和恶意的分数而偏离了正确的行为。它们很容易受到可能的攻击，这些攻击旨在抹黑诚实的节点（通过降低其信任度）和/或赎回恶意的节点（通过提高其信任度）。广泛接受的保护包括使用SSL / TLS保护通信，并限制允许更新信任度的节点。但是，众所周知，它们对受到威胁的节点无效，尽管这些节点拥有合法的安全声明和加密材料，但它们却通过发送虚假和恶意的分数而偏离了正确的行为。

这项工作建议利用博弈论来实现鲁棒的分散式信任管理，该管理能够容忍发送虚假分数的恶意节点。明确地说，已经通过拒绝潜在的不真实分数将信令节点形式化，以对IoT和边缘节点之间的交互进行建模。此外，通过使用进化的Dempster-Shafer理论将收集的分数组合起来，以通过排除远离多数的分数来更新节点的信任度。此类解决方案已在支持物联网的区块链支持的信任管理解决方案的背景下实施，并提供了经验评估以显示所提出方法的质量。