Trust Management for Web Services
24
Citation
4
Reference
10
Related Paper
Citation Trend
Abstract:
In this paper, we propose a comprehensive trust management approach for Web services that covers the analysis/modelling of trust relationships and the development of trust management layer in a consistent manner. The specific characteristics of trust relationships in Web services are discussed. We introduce a separated trust management layer for Web services that can hold computing components for trust management tasks. A trust management architecture for Web services is proposed for building up the trust management layer. The proposed trust management architecture for Web services deals with trust requirements, trust evaluation, and trust consumption in Web services under a unified umbrella and it provides a solid foundation upon which may evolve the trust management layer for Web services.Keywords:
Services computing
Web of trust
WS-Policy
SUMMARY The service‐oriented distributed network requires more stable and persistent services, but the services from dishonest or unstable nodes would damage the correctness and availability of services. To efficiently obtain the services from high dependable nodes, many trust management systems have been developed. However, the previous trust models in distributed networks ignore a fact that the entity itself could provide trust information for services also. In this paper, we present a novel trust management model based on the subjective logic trust for service‐oriented distributed networks. The proposed algorithm involves passive trust of entity and combines the direct trust and recommendation trust. We also propose a novel scheme called passive trust feedback to avoid the deceit of malicious nodes and unstable nodes, and to encourage honest nodes. Our proposed model expands the trust range of service resource via passive trust of entity, which generates a flexible access path to the service resources. Simulations show that the proposed trust management model can significantly improve the feasibility of trust management as well as effectively detect malicious entities. Copyright © 2012 John Wiley & Sons, Ltd.
Trust anchor
Web of trust
Cite
Citations (3)
With emerging Internet-scale open content and resource sharing, social networks, and complex cyber-physical systems, trust issues become prominent. Despite their rigorous foundations, conventional network security theories and mechanisms are inadequate at addressing such loosely-defined security issues in decentralized open environments. In this dissertation, we propose a trust and reputation management system architecture and protocols (TrustNet), aimed to define and promote trust as a first-class system parameter on par with communication, computation, and storage performance metrics. To achieve such a breakthrough, we need a fundamentally new design paradigm to seamlessly integrate trust into system design. Our TrustNet initiative represents a bold effort to approach this ultimate goal.
TrustNet is built on the top of underlying P2P and mobile ad hoc network layer and provides trust services to higher level applications and middleware. Following the TrustNet architecture, we design, implement, and analyze trust rating, trust aggregation, and trust management strategies. Especially, we propose three trust dissemination protocols and algorithms to meet the urgent needs and explicitly define and formulate end-to-end trust. We formulate trust management problems and propose the H-Trust, VectorTrust, and cTrust scheme to handle trust establishment and aggregation issues. We model trust relations as a trust graph in distributed environment to enhance accuracy and efficiency of trust establishment among peers. Leveraging the distributed Bellman-Ford algorithm, stochastic Markov chain process and H-Index algorithm for fast and lightweight aggregation of trust scores, our scheme are decentralized and self-configurable trust aggregation schemes.
To evaluate TrustNet management strategies, we simulated our proposed protocols in both unstructured P2P network and mobile ad hoc network to analyze and simulate trust relationships. We use software generated data as well as real world datasets. Particularly, the student contact patterns on the NUS campus is used as our trust communication model. The simulation results demonstrate the features of trust relationship dissemination in real environments and the efficiency, accuracy, scalability and robustness of the TrustNet system.
Trust anchor
Web of trust
Reputation system
Cite
Citations (0)
Trust is essential in the e-business world: to allow the cooperation needed in this setting, independent service providers have to trust each other and, also, end-users have to trust service providers. Trust Management, i.e. the process of establishing trust amongst the parties involved in a transaction, can be carried out using different approaches, methods and technologies. The end-user is an important party involved in this process. Trust Perception models attempt to understand the end-user’s point of view and the pattern he adopts to trust a service over the Internet. In this chapter the authors provide a state of the art for Trust Management in e-business. They review the most important Trust Management technologies and concepts including credentials and PKI, reputation, authorization and access control, trust policies, and trust languages. A conceptual map is presented clarifying the meaning and the links between different elements of a Trust Management system. Moreover, the authors discuss the end-user’s Trust Perception. The chapter presents a literature study on Trust Perception models and introduces the new model, able to list the trust signals the end-user considers to make trust decision. Examples of such signals can be the reputation of a website, the use of security protocols, the privacy policies adopted, and the look and feel of its user interface. Finally, the directions of future work are presented, and conclusions are drawn.
Trust anchor
Web of trust
Express trust
Cite
Citations (2)
Web of trust
Trust anchor
Reputation system
Cite
Citations (0)
Trust is essential in the e-business world: to allow the cooperation needed in this setting, independent service providers have to trust each other and, also, end-users have to trust service providers. Trust Management, i.e. the process of establishing trust amongst the parties involved in a transaction, can be carried out using different approaches, methods and technologies. The end-user is an important party involved in this process. Trust Perception models attempt to understand the end-user’s point of view and the pattern he adopts to trust a service over the Internet. In this chapter the authors provide a state of the art for Trust Management in e-business. They review the most important Trust Management technologies and concepts including credentials and PKI, reputation, authorization and access control, trust policies, and trust languages. A conceptual map is presented clarifying the meaning and the links between different elements of a Trust Management system. Moreover, the authors discuss the end-user’s Trust Perception. The chapter presents a literature study on Trust Perception models and introduces the new model, able to list the trust signals the end-user considers to make trust decision. Examples of such signals can be the reputation of a website, the use of security protocols, the privacy policies adopted, and the look and feel of its user interface. Finally, the directions of future work are presented, and conclusions are drawn.
Trust anchor
Web of trust
Express trust
Cite
Citations (0)
Due to the widespread trust threat under the open and dynamic Internet environment, the computer community has endeavored to engage in the studies of technologies for protecting and evaluating trustworthiness. This paper firstly defines trust from three aspects: trust relationship, trust property and trust entity, and build a uniform view for multiple trust properties. Secondly, according to abstract the common characteristics over varied trust properties, a model of trust management is elaborated, in which the trust entities, measurement model and trust policy are described. Thirdly, the trust management is implemented as a kind of public service on a J2EE-compliant middleware platform, i.e., the PKUAS.
Trustworthiness
Web of trust
Trust anchor
Cite
Citations (5)
The growing interconnectedness of computer systems has led to the need for a flexible approach to trust management. Many countries operate trust schemes to enable the automated assessment of the trustworthiness of information. But this assessment remains a challenge if the information was issued in a foreign trust scheme. An issue is the lack of a root of trust shared between the trust schemes. Other challenges are the heterogeneity of trust models used by entities operating in different legal and cultural environments.
Trust anchor
Trustworthiness
Web of trust
Express trust
Subjective logic
Cite
Citations (1)
Web of trust
Trust anchor
Cite
Citations (40)
Internet of Things (IoT) is proposed and used in diverse application domains. In IoT, nodes commonly have a low capacity to maintain security on their own expenses, which increases the vulnerability for several attacks. Many approaches have been proposed that are based on privacy and trust management to reduce these vulnerabilities. Existing approaches neglect the aspects of cross-domain node communications and the significance of cross-domain trust management. In this paper, we propose a Holistic Cross-domain trust management model (HoliTrust) that is based on multilevel central authorities. To provide multilevel security, the HoliTrust divides domains into communities on the basis of similarities and interests. Every community has its dedicated server to calculate and manage the degree of trust. In addition, these domains also have their dedicated servers to manage their specific domains, to communicate with the trust server, and to sustain trust among other domain servers. The trust sever is introduced in the HoliTrust that controls the domains, calculates the domain trust, manages the trust values, and distributes standard trust certificates to domains based on a degree of trust. Trust computation is performed on the basis of direct and indirect trust parameters. Furthermore, if a trustor communicates through the community, then the community server includes community trust of the trustee during the trust evaluation. If the communication of the trustor is across the domain, then the community server includes the domain trust along with the community trust of the trustee comprising direct and indirect observations. The overall trust evaluation of communities and domains is time-driven and the responsible authority computes trust after a specific interval of time. We have also compared the HoliTrust with the existing trust mechanisms by focusing on several holistic trust objectives, such as trust relation and decision, data perception trust, and privacy preservation.
Trust anchor
Web of trust
Vulnerability
Cite
Citations (66)
Social trust
Web of trust
Reputation management
Trust anchor
Cite
Citations (118)