A Conceptual Framework for Adaptive and Configurable Activity-Aware Trust in Collaborative Environments

Abstract

Trust is an abstraction of individual beliefs that an entity has for specific situations and interactions and it must evolve in a consistent manner so that it still abstracts the entity’s beliefs accurately. This paper presents and discusses a conceptual trust framework that models an entity’s trust as a relation whose state gets updated as relevant conditions that affect trust change. The proposed model allows entities to reason about the specification and adaptation of trust that is placed in an entity. An intuitive and practical approach is presented to manage end-to-end trust assessment for a particular activity, where multiple trust relationships are examined in a bottom-up evaluation manner to derive the overall trust for the activity. Finally, Hestia, a novel trust management system that conforms to the formal model’s principles, is described. DOI: 10.4018/jdtis.2010010102 26 International Journal of Dependable and Trustworthy Information Systems, 1(1), 25-44, January-March 2010 Copyright © 2010, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. inherent due to their open nature could greatly benefit from using trust as an integral part of decision-making. For example, a Grid user could choose the trustworthiest site from a pool of available sites to submit a job. A Grid user could specify its trust requirements in a parameterized job description and these requirements will be taken into consideration during job-site matching. Sites, offering computational resources, could be rated based on their reputation among Grid users. This paper discusses a conceptual trust model that captures an entity’s trust as a relation whose state gets updated as relevant conditions that affect trust change. The model allows entities to reason about the specification and adaptation of trust that is placed in an entity and the trust assessment of data that comes through nontrivial chains of processing, spanning multiple entities residing in different administrative domains. The paper also presents the model’s adaptation by a trust management system. To be more specific the discussion evolves around the following topics: • A trust model that allows the establishment and management of trust relationships that correspond to a particular interaction, including a notation for specifying trust relationships that are tied not only to a narrow context but to a broader activity and an intuitive and practical approach that manages end-to-end trust assessment for a particular activity, where multiple trust relationships are systematically synthesized in a bottom-up evaluation manner • A trust management system that implements the trust model’s basic principles. The remainder of the paper is organized as follows. The first section motivates the need for trust expressiveness in collaborative applications and discusses related work on trust modeling and trust management. The next section presents the concept of trust among collaborators for a specific activity and a set of requirements to manage these trust relationships. A conceptual trust model that addresses those requirements, with an emphasis on the trust ontology involved in deriving end-to-end trust assessments, is also discussed. The trust model principles’ integration in a trust management system is then demonstrated. 2. TrusT IssuEs And ChAllEngEs In CollAborATIvE EnvIronmEnTs In this section, existing research efforts on general trust management are briefly discussed. The discussion is complemented with a presentation on trust in the Grid infrastructure that serves as the exemplary collaborative setting. 2.1 Trust management In recent years, researchers have investigated various definitions of trust, modeling trust and its management (Vacca, 2004; Herzberg et al., 2000; TCG, 2004; Blaze et al., 1996; Chu et al., 1997; Blaze et al., 1998; Yan & Holtmanns, 2007; Grandison, 2007). Perhaps, one of the most popular and widely known trust models is the Pretty Good Privacy (PGP) trust model that focuses solely on authentication (Zimmermann, 1995). PGP creates an informal web of trust that is used for authentication purposes. The intention was to be a cryptographic tool for the masses, which bypasses the traditional hierarchical trust architecture by adopting the web of trust approach. There is a plethora of other trust models that describe more general trust factors. For example, the Marsh logicbased framework (Marsh, 1994) uses formal representation to capture the semantics of the social paradigms of trust. Josang’s subjective logic (Josang, 1997; Josang et al., 2006) is another formal model that uses beliefs as the basis for trust. Agent-based models, such as Rahman and Hailes distributed trust model (Abdul-Rahman & Hailes, 2000) have recommendations as their central trust factor. Contemporary trust management solutions also exist. PolicyMaker (Blaze et al., 1996), a trust management system developed at AT&T 18 more pages are available in the full version of this document, which may be purchased using the "Add to Cart" button on the product's webpage: www.igi-global.com/article/conceptual-framework-adaptiveconfigurable-activity/43580?camid=4v1 This title is available in InfoSci-Journals, InfoSci-Journal Disciplines Computer Science, Security, and Information Technology. Recommend this product to your librarian: www.igi-global.com/e-resources/libraryrecommendation/?id=2