A survey of trust in computer science and the Semantic Web

https://doi.org/10.1016/j.websem.2007.03.002Get rights and content

Abstract

Trust is an integral component in many kinds of human interaction, allowing people to act under uncertainty and with the risk of negative consequences. For example, exchanging money for a service, giving access to your property, and choosing between conflicting sources of information all may utilize some form of trust. In computer science, trust is a widely used term whose definition differs among researchers and application areas. Trust is an essential component of the vision for the Semantic Web, where both new problems and new applications of trust are being studied. This paper gives an overview of existing trust research in computer science and the Semantic Web.

Introduction

Trust is a central component of the Semantic Web vision [1], [2], [3]. The Semantic Web stack [3], [4] has included all along a trust layer to assimilate the ontology, rules, logic, and proof layers. Trust often refers to mechanisms to verify that the source of information is really who the source claims to be. Signatures and encryption mechanisms should allow any consumer of information to check the sources of that information. In addition, proofs should provide a tractable way to verify that a claim is valid. In this sense, any information provider should be able to supply upon request a proof that can be easily checked that certifies the origins of the information, rather than expect consumers to have to generate those proofs themselves through a computationally expensive process. The web motto “Anyone can say anything about anything” makes the web a unique source of information, but we need to be able to understand where we are placing our trust.

Trust has another important role in the Semantic Web, as agents and automated reasoners need to make trust judgements when alternative sources of information are available. Computers will have the challenge to make judgements in light of the varying quality and truth that these diverse “open” (unedited, uncensored) sources offer. Today, web users make judgments routinely about which sources to rely on since there are often numerous sources relevant to a given query, ranging from institutional to personal, from government to private citizen, from objective report to editorial opinion, etc. These trust judgements are made by humans based on their prior knowledge about a source's perceived reputation, or past personal experience about its quality relative to other alternative sources they may consider. Humans also bring to bear vast amounts of knowledge about the world they live in and the humans that populate the web with information about it. In more formal settings, such as e-commerce and e-science, similar judgments are also made with respect to publicly available data and services. All of these important trust judgments are currently in the hands of humans. This will not be possible in the Semantic Web, where humans will not be the only consumers of information. Agents will need to automatically make trust judgments to choose a service or information source while performing a task. Reasoners will need to judge which of the many information sources available, at times contradicting one another, are more adequate for answering a question. In a Semantic Web where content will be reflected in ontologies and axioms, how will a computer decide what sources to trust when they offer contradictory information? What mechanisms will enable agents and reasoners to make trust judgments in the Semantic Web?

Trust is not a new research topic in computer science, spanning areas as diverse as security and access control in computer networks, reliability in distributed systems, game theory and agent systems, and policies for decision making under uncertainty. The concept of trust in these different communities varies in how it is represented, computed, and used. While trust in the Semantic Web presents unique challenges, prior work in these areas is relevant and should be the basis for future research.

This paper provides an overview of trust research in computer science relevant to the Semantic Web. We focus on relating how different areas define and use trust in a variety of contexts. The paper begins with a general discussion and definitions of trust from the literature. It describes reputation and policies as two broad categories of research to model trust. It then discusses a third category of trust research in designing general computational models of trust. The fourth and final category of research surveyed is trust in information sources. Along the way, we discuss the relevance of the work presented to ongoing and future Semantic Web research.

Section snippets

Modeling and reasoning about trust

Many have recognized the value of modeling and reasoning about trust computationally. A wide of variety of literature now exists on trust, ranging from specific applications to general models. However, as many authors in the field have noted, the meaning of trust as used by each researcher differs across the span of existing work. In order to give the reader a reference point for understanding trust, we offer three general definitions from existing research. The first definition, from Mui et

Policy-based trust

This section summarizes work using policies to establish trust. Policies allow the expression of when, for what, and even how to determine trust in an entity.

Reputation-based trust

Reputation-based trust uses personal experience or the experiences of others, possibly combined, to make a trust decision about an entity. This section explores work in reputation-based trust, a well-defined area of trust research in computer science.

General models of trust

This section summarizes work that presents a broader view on models of trust and the properties of trust. Work in multiple, differing fields is presented, as it is relevant to and frequently cited by computer scientists.

Trust in information resources

This section summarizes relevant work in web and document retrieval, information filtering, representing the sources of information as its provenance trail, and other factors in trusting content of information resources.

Discussion

Trust has been studied in social sciences, business and management, and psychology, before it became central to computer science research. Considering the research we have reviewed, there are several dimensions to describe trust:

  • (1)

    Target. The entity, which is being evaluated or given trust varies with the perspective of the problem. Users are the target of trust in access control systems. Networks are trusted by agents or users when using communication channels. When seeking a reliable service,

Conclusions

Trust research in the Semantic Web poses new challenges that can be better met by building on the diverse but significant body of work in modeling trust in computer science. In this paper, we have identified four broad categories of existing work in trust and given a brief overview of literature in each category. We have discussed the relevance of each of these areas to important aspects of ongoing and future Semantic Web research.

Acknowledgements

We would like to thank the anonymous reviewers for their valuable comments and feedback on this work. We gratefully acknowledge support from the US Air Force Office of Scientific Research (AFOSR) with grant number FA9550-06-1-0031.

References (114)

  • S. Brin et al.

    The anatomy of a large-scale hypertextual Web search engine

    Comput. Networks ISDN Syst.

    (1998)
  • V. Buskens

    The social structure of trust

    Social Networks

    (1998)
  • T. Berners-Lee

    Weaving the Web

    (1999)
  • T. Berners-Lee et al.

    The semantic web

    Sci. Am.

    (2001)
  • T. Berners-Lee et al.

    A framework for web science

    Found. Trends Web Sci.

    (2006)
  • T. Berners-Lee, Semantic web on XML, Presentation at XML, 2000, available from...
  • L. Mui et al.

    A computational model of trust and reputation

  • T. Grandison et al.

    A survey of trust in internet applications

    IEEE Commun. Surv. Tutorials

    (2000)
  • D. Olmedilla et al.

    Security and trust issues in semantic grids

  • P. Bonatti et al.

    An integration of reputation-based and policy-based trust management

  • J. Kohl, B.C. Neuman, The Kerberos network authentication service, IETF RFC 1510,...
  • T. Yu et al.

    Interoperable strategies in automated trust negotiation

  • T. Yu et al.

    Policy migration for sensitive credentials in trust negotiation

  • W.H. Winsborough et al.

    Automated trust negotiation

  • M. Winslett et al.

    Negotiating trust on the web

    IEEE Internet Comput.

    (2002)
  • N. Li et al.

    Distributed credential chain discovery in trust management

    J. Comput. Secur.

    (2003)
  • W. Nejdl et al.

    Peertrust: automated trust negotiation for peers on the semantic web

  • P. Bonatti et al.

    Driving and monitoring provisional trust negotiation with metapolicies

  • F.L. Gandon et al.

    Semantic web technologies to reconcile privacy and context awareness

  • J.-M. Seigneur et al.

    Trust enhanced ubiquitous payment without too much privacy loss

  • G. Tonti et al.

    Semantic web languages for policy representation and reasoning: a comparison of kaos, rei, and ponder

  • A. Uszok, J. Bradshaw, R. Jeffers, N. Suri, P. Hayes, M. Breedy, L. Bunch, M. Johnson, S. Kulkarni, J. Lott, Kaos...
  • L. Kagal et al.

    A policy-based approach to security for the semantic web

  • M. Nielsen et al.

    Towards a formal notion of trust

  • M. Carbone et al.

    A formal model for trust in dynamic networks

  • EHR Policy, Electronic health records policy, 2001,...
  • M.Y. Becker et al.

    Cassandra: distributed access control policies with tunable expressiveness

  • XACML, 2005,...
  • SAML, 2005,...
  • WS-Trust, 2005,...
  • T. Leithead et al.

    How to exploit ontologies for trust negotiation

  • D. Olmedilla

    Security and privacy on the semantic web

  • M. Blaze et al.

    Decentralized trust management

  • M. Blaze et al.

    The role of trust management in distributed system security

    Lect. Notes Comput. Sci.

    (1999)
  • Y.-H. Chu et al.

    Referee: trust management for web applications

    World Wide Web J.

    (1997)
  • L. Kagal et al.

    Developing secure agent systems using delegation based trust management

  • S. Ruohomaa et al.

    Trust management survey

  • J. Zheng et al.

    Trust without touch: jumpstarting long-distance trust with initial social activities

  • A. Abdul-Rahman et al.

    A distributed trust model

  • A. Abdul-Rahman et al.

    Using recommendations for managing trust in distributed systems

  • B. Yu et al.

    A social mechanism of reputation management in electronic communities

  • B. Yu et al.

    An evidential model of distributed reputation management

  • B. Yu et al.

    Detecting deception in reputation management

  • J. Sabater et al.

    Reputation and social network analysis in multi-agent systems

  • T. Beth et al.

    Valuation of trust in open networks

  • S. Xiao et al.

    The formation of trust and distrust in recommendation agents in repeated interactions: a process-tracing analysis

  • J. O’Donovan et al.

    Trust in recommender systems

  • S.D. Kamvar et al.

    The eigentrust algorithm for reputation management in P2P networks

  • F. Cornelli et al.

    Choosing reputable servents in a P2P network

  • K. Aberer et al.

    Managing trust in a peer-2-peer information system

  • Cited by (552)

    • Vistrust: A Multidimensional Framework and Empirical Study of Trust in Data Visualizations

      2024, IEEE Transactions on Visualization and Computer Graphics
    • Trust management in online computing environment: a complete review

      2024, Journal of Ambient Intelligence and Humanized Computing
    View all citing articles on Scopus
    View full text