Trust Management

This article considers some of the problems raised by data for law enforcement agencies investigating network-based crime. It examines recent legislative measures that have been adopted in the UK and other jurisdictions to address some of these problems of criminal procedure and the extent to which such measures achieve an appropriate balance between inevitably conflicting interests.

In this article we introduce KAoS, a policy and domain services framework based on W3C’s OWL ontology language. KAoS was developed in response to the challenges presented by emerging semantic application requirements for infrastructure, especially in the area of security and trust management. The KAoS architecture, ontologies, policy representation, management and disclosure mechanisms are described. KAoS enables the specification and enforcement of both authorization and obligation policies. The use of ontologies as a source of policy vocabulary enables its extensibility. KAoS has been adapted for use in several applications and deployment platforms. We briefly describe its integration with the Globus Grid Computing environment.

The World Wide Web is a Web of information. Information can be more or less qualified, more or less usable, more or less usable by automatic processors. Information of the most different kinds, that can be reused for a lot of purposes. So how do we treat this information, how do we give some order, and possibly help its intelligent reuse?

Reputation systems support trust formation in artificial societies by keeping track of the behavior of autonomous entities. In the absence of any commonly trusted entity, the reputation system has to be distributed to the autonomous entities themselves. They may cooperate by issuing recommendations of other entities’ trustworthiness. At the time being, distributed reputation systems rely on plausibility for assessing the truthfulness and consistency of such recommendations. In this paper, we point out the limitations of such plausibility considerations and present an alternative concept that is based on evidences. The concept combines the strengths of non-repudiability and distributed reputation systems. We analyze the issues that are related to the issuance and gathering of evidences. In this regard, we identify four patterns of how evidence-awareness overcomes the limitations of plausibility considerations.

Interactions between entities unknown to each other are inevitable in the ambient intelligence vision of service access anytime, anywhere. Trust management through a reputation mechanism to facilitate such interactions is recognized as a vital part of mobile ad hoc networks, which features lack of infrastructure, autonomy, mobility and resource scarcity of composing light-weight terminals. However, the design of a reputation mechanism is faced by challenges of how to enforce reputation information sharing and honest recommendation elicitation. In this paper, we present a reputation model, which incorporates two essential dimensions, time and context, along with mechanisms supporting reputation formation, evolution and propagation. By introducing the notion of recommendation reputation, our reputation mechanism shows effectiveness in distinguishing truth-telling and lying agents, obtaining true reputation of an agent, and ensuring reliability against attacks of defame and collusion.

In this paper, we introduce a framework for providing incentives for honest participation in global-scale distributed trust management infrastructures. Our system can improve the quality of information supplied by these systems by reducing free-riding and encouraging honesty. Our approach is twofold: (1) we provide rewards for participants that advertise their experiences to others, and (2) impose the credible threat of halting the rewards, for a substantial amount of time, for participants who consistently provide suspicious feedback. For this purpose we develop an honesty metric which can indicate the accuracy of feedback.

Both privacy and trust relate to knowledge about an entity. However, there is an inherent conflict between trust and privacy: the more knowledge a first entity knows about a second entity, the more accurate should be the trustworthiness assessment; the more knowledge is known about this second entity, the less privacy is left to this entity. This conflict needs to be addressed because both trust and privacy are essential elements for a smart working world. The solution should allow the benefit of adjunct trust when entities interact without too much privacy loss. We propose to achieve the right trade-off between trust and privacy by ensuring minimal trade of privacy for the required trust. We demonstrate how transactions made under different pseudonyms can be linked and careful disclosure of such links fulfils this right trade-off.

Previous studies have been suggestive of the fact that reputation ratings may be provided in a strategic manner for reasons of reciprocation and retaliation, and therefore may not properly reflect the trustworthiness of rated parties. It thus appears that supporting privacy of feedback providers could improve the quality of their ratings. We argue that supporting perfect privacy in decentralized reputation systems is impossible, but as an alternative present three probabilistic schemes that support partial privacy. On the basis of these schemes, we offer three protocols that allow ratings to be privately provided with high probability in decentralized additive reputation systems.

Trust management seems a promising approach for dealing with security concerns in collaborative applications in a global computing environment. However, the characteristics of this environment require a move from reliable identification to mechanisms for the recognition of entities. Furthermore, they require explicit reasoning about the risks of interactions, and a notion of uncertainty in the underlying trust model. From our experience of engineering collaborative applications in such an environment, we found that the relationship between trust and risk is a fundamental issue. In this paper, as an initial step towards an engineering approach for the development of trust based collaborative applications, we focus on the relationship between trust and risk, and explore alternative views of this relationship. We also exemplify how particular views can be exploited in two particular application scenarios. This paper builds upon our previous work in developing a general model for trust based collaborations.

Among the various human factors impinging upon making a decision in an uncertain environment, risk and trust are surely crucial ones. Several models for trust have been proposed in the literature but few explicitly take risk into account. This paper analyses the relationship between the two concepts by first looking at how a decision is made to enter into a transaction based on the risk information. We then draw a model of the invested fraction of the capital function of a decision surface. We finally define a model of trust composed of a reliability trust as the probability of transaction success and a decision trust derived from the decision surface.

The paper advocates asset-oriented risk analysis as a means to help defend user trust. The paper focuses on a net-bank scenario, and addresses the issue of analysing trust from the perspective of the bank. The proposed approach defines user trust as an asset and makes use of asset-oriented risk analysis to identify treats, vulnerabilities and unwanted incidents that may reduce user trust.

This paper presents the design of a new middleware which provides support for trust and accountability in distributed data sharing communities. One application is in the context of scientific collaborations. Multiple researchers share individually collected data, who in turn create new data sets by performing transformations on existing shared data sets. In data sharing communities building trust for the data obtained from others is crucial. However, the field of data provenance does not consider malicious or untrustworthy users. By adding accountability to the provenance of each data set, this middlware ensures data integrity insofar as any errors can be identified and corrected. The user is further protected from faulty data by a trust view created from past experiences and second-hand recommendations. A trust view is based on real world social interactions and reflects each user’s own experiences within the community. By identifying the providers of faulty data and removing them from a trust view, the integrity of all data is enhanced

The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at an organizational level (as opposed to a design level) is still an open problem.This paper presents a formal framework for modeling and analyzing security and trust requirements. It extends the Tropos methodology, an agent-oriented software engineering methodology. The key intuition is that in modeling security and trust, we need to distinguish between the actors that manipulate resources, accomplish goals or execute tasks, and actors that own the resources or the goals. To analyze an organization and its information systems, we proceed in two steps. First, we built a trust model, determining the trust relationships among actors, and then we give a functional model, where we analyze the actual delegations against the trust model, checking whether an actor that offers a service is authorized to have it.

The formal framework allows for the automatic verification of security and trust requirements by using a suitable delegation logic that can be mechanized within Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.

Rapid technological advancements capitalising on the convergence of information (middleware) and communication (network) technologies now enable open application-to-application communication and bring about the prospect of ad hoc integration of systems across organisational boundaries to support collaborations that may last for a single transaction or evolve dynamically over a longer period. Architectures for managing networks of collaborating peers in such environments face new security and trust management challenges. In this paper we will introduce the basic elements of such an architecture emphasising trust establishment, secure collaboration, distributed monitoring and performance assessment issues.

In the literature, the validity of theories or models for trust is usually based on intuition and common sense. Theories and models are not often verified experimentally. The research reported here contributes results of experiments on the dynamics of trust over time depending on positive or negative experiences. In previous research a number of dynamic properties for such trust dynamics were identified, but not verified empirically. As a continuation of this work, now these properties have been verified in an experimental setting. The outcomes of the experiment (involving a substantial number of 238 subjects) are discussed and related to the previously formulated dynamic properties.

Recommender systems (RS) have been used for suggesting items (movies, books, songs, etc.) that users might like. RSs compute a user similarity between users and use it as a weight for the users’ ratings. However they have many weaknesses, such as sparseness, cold start and vulnerability to attacks. We assert that these weaknesses can be alleviated using a Trust-aware system that takes into account the “web of trust” provided by every user.

We show that any two users have usually few items rated in common. For this reason, the classic RS technique is often ineffective and is not able to compute a user similarity weight for many of the users. Instead exploiting the webs of trust, it is possible to propagate trust and infer an additional weight for other users. We show how this quantity can be computed against a larger number of users.

The e ³ -value modeling tool was developed for the design of a value proposition for virtual organizations. However, it is less suitable for designing the control structure of the virtual organization. We show how e ³ -value can be extended using legal concepts such as ownership, possession, usufruct and license. We also introduce value object transfer diagrams that show the transfers of value objects graphically and that can be used for elicitation of the required control mechanisms in order for the virtual organization to function properly and with a level of risk that is acceptable to all parties in the virtual organization.

Past evidence has shown that generic approaches to recommender systems based upon collaborative filtering tend to poorly scale. Moreover, their fitness for scenarios supposing distributed data storage and decentralized control, like the Semantic Web, becomes largely limited for various reasons. We believe that computational trust models bear several favorable properties for social filtering, opening new opportunities by either replacing or supplementing current techniques. However, in order to provide meaningful results for recommender system applications, we expect notions of trust to clearly reflect user similarity. In this work, we therefore provide empirical results obtained from one real, operational community and verify latter hypothesis for the domain of book recommendations.

The web is increasingly used as a platform and an enabler for the existence of virtual communities. However, there is evidence that the growth and adoption of these communities is being held back by many barriers- including that of trust development and management. This paper discusses the potential benefits and barriers to the introduction of trust development and management in virtual communities. Based on the analysis of the barriers and benefits of trust development and management, mechanisms for supporting its development and management is proposed and presented. Ideas for further research are presented and discussed. The paper is based on ongoing research and is part of a research bid towards the introduction of a trust development and management framework to support the creation of trusted virtual communities.

This paper advances a framework for analysing and managing community trust relations. The framework is based upon an analysis of the evidence for different forms of trust in community relations and of the experiential dimensions of community relations that promote trust levels. It features a community trust cycle, a trust compact and an experience management matrix which collectively support managers in addressing the relational dynamics of community trust relations. We show that this framework can be used to analyse relations that are mediated by ICT and that the framework supports the identification of opportunities to better promote ICT-mediated trust development and promulgation.

There is no consensus about the definition of the concept of trust. In this paper formal definitions of different kinds of trust are given in the framework of modal logic. This framework also allows to define a logic for deriving consequences from a set of assumptions about trust.Trust is defined as a mental attitude of an agent with respect to some property held by another agent. These properties are systematically analysed and we propose 6 epistemic properties, 4 deontic properties and 1 dynamic property.

In the second part of the paper more flexible notions of trust are introduced: qualitative graded trust, trust defined in terms of topics and conditional trust.

The aim of this paper is to provide a theory of the role trust plays in knowledge sharing processes, by exploiting a cognitive model of the goals and beliefs of an agent involved in the decision of passing and/or accepting knowledge, and a related model of the symmetrical or asymmetrical trust relationships within a group (Trust-Nets). This theory is based on the claim that trust is a fundamental mediator in knowledge sharing, so as most authors studying Knowledge Management assert. Anyway they do not analyse the relationship between trust and knowledge circulation theoretically, what is the objective of our work. Considering knowledge sharing as a decisional act founded on two different socio-cognitive actions: to pass knowledge and to accept knowledge, we build a cognitive model of agent’s mind when passing or accepting it, that is a list of his/her goals and beliefs in accordance with which s/he decides if sharing knowledge or not; several of them are trust ingredients. Thus, trust – as mental attitude (a specific set of beliefs and expectations) – comes into play in knowledge sharing process. However, in our analysis trust is not only a subjective disposition (towards others) but it is also an act (the act of trusting somebody) and a social (more or less stable) relationship. This is why we also analyse trust relations not in mental terms but in structural-relational terms, as a net of “channels” for knowledge circulation.

This paper proposes that accountability in electronic processes is enhanced by sharing certified event data between the participants. Enhancing transparency of processes allows those with the contextual information to understand the process and interactions to spot mistakes or fraud that others may miss. Enabling the sharing of this information makes accountability more interactive and allows for both a more intelligent and faster response to problems. This paper describes an evidence store that supports this level of interactivity thereby enabling interactive and intelligent accountability.

Security and trust are two properties of modern computing systems that are the focus of much recent interest. They play an increasingly significant role in the requirements for modern computing systems. Security has been studied thoroughly for many years, particularly the sub-domain of cryptography. The use of computing science formal methods has facilitated cryptanalysis of security protocols. At the moment, trust is intensively studied, but not well understood. Here we present our approach based on formal methods for modelling and validating the notion of trust in computing science.

In a technology-intensive world humans are facing new problems stemming from the introduction of machine-intensive communication. The natural human ability to asses, accumulate and evaluate trust in other humans through direct interpersonal communications is significantly impaired when humans interact with systems alone. The development of applications that rely on trust, like electronic commerce, can be significantly affected by this fact unless humans can be better advised on trust.

This paper proposes a simple trust model used by the Intimate Trust Advisor (ITA), the conceptual device, to evaluate the recommendation to trust in the immediate technical environment. The model of trust discussed in this paper explores relationship between trust and complexity.

Virtual Organizations (VO) continue to inspire marketing specialists, technologists and researchers. However, with automation of security and trust necessary, this adds to the complexity of the dynamically networked relationships. This paper identifies Trust Relationship Planning as an advanced feature missing from Trust Management in the context of VO’s. We define and motivate this claim, by aligning Trust Management with other relationship management systems, and derive core concepts for the planning component.

The GRASP project aims to provide an OGSA compliant infrastructure to allow Application Service Providers to exploit Grid concepts and infrastructure. Orchestration of grid service instances running “somewhere on the Grid” to deliver a service raises a number of trust, security and contract management challenges, especially in a business context. This paper describes the issues relating to SLA negotiation and management and to the trust and security of dynamically created, distributed virtual organizations, based on the experiences of developing the GRASP architecture and implementing an initial prototype infrastructure.

Automated services over open distributed systems have been advocated as the future for conducting business. However, in order for such services to be successfully deployed, confidence in the system and its participants needs to established. The use of trust policies and trust management has been proposed to raise the level of trust whilst still maintaining a practical level of automation. To define, deploy and enforce trust policies a level of common vocabulary and understanding between participants needs to be established. The Semantic Web initiative of the W3C has been developing common languages and tools to allow the exchange and processing of common vocabularies, in the form of a graph-based description format, and an ontology language. In this paper we discuss the steps required to establish a policy-based service architecture, discuss the role of the Semantic Web initiative in enabling the practical deployment of this architecture, and highlight the work required to enable this.