Trust realisation in multi-domain collaborative environments

In the Internet-age, the geographical boundaries that have previously impinged upon inter-organisational collaborations have become decreasingly important. Of more importance for such collaborations is the notion and subsequent nature of trust - this is especially so in Grid-like environments where resources are both made available and subsequently accessed and used by remote users from a multitude of institutions with a variety of different privileges spanning across the collaborating resources. In this context, the ability to dynamically negotiate and subsequently enforce security policies driven by various levels of inter-organisational trust is essential. In this paper we present a dynamic trust negotiation (DTN) model and associated prototype implementation showing the benefits and limitations DTN incurs in supporting n-tier delegation hops needed for trust realisation in multi-domain collaborative environments

Obligations of trust for privacy and confidentiality in distributed transactions

Purpose – This paper aims to describe a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. The authors introduce the concept of the obligation of trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which the authors term a notification of obligation (NoB), as well as their commitments to fulfilling each other's requirements, which the authors term signed acceptance of obligations (SAO). The authors seek to describe some applicability of these concepts and to show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control. Design/methodology/approach – Existing access control and privacy protection systems are typically unilateral and provider-centric, in that the enterprise service provider assigns the access rights, makes the access control decisions, and determines the privacy policy. There is no negotiation between the client and the service provider about which access control or privacy policy to use. The authors adopt a symmetric, more user-centric approach to privacy protection and authorization, which treats the client and service provider as peers, in which both can stipulate their requirements and capabilities, and hence negotiate terms which are equally acceptable to both parties. Findings – The authors demonstrate how the obligation of trust protocol can be used in a number of different scenarios to improve upon the mechanisms that are currently available today. Practical implications – This approach will serve to increase trust in distributed transactions since each communicating party receives a difficult to repudiate digitally signed acceptance of obligations, in a standard language (XACML), which can be automatically enforced by their respective computing machinery. Originality/value – The paper adds to current research in trust negotiation, privacy protection and authorization by combining all three together into one set of standardized protocols. Furthermore, by providing hard to repudiate signed acceptance of obligations messages, this strengthens the legal case of the injured party should a dispute arise

HiTrust: building cross-organizational trust relationship based on a hybrid negotiation tree

Small-world phenomena have been observed in existing peer-to-peer (P2P) networks which has proved useful in the design of P2P file-sharing systems. Most studies of constructing small world behaviours on P2P are based on the concept of clustering peer nodes into groups, communities, or clusters. However, managing additional multilayer topology increases maintenance overhead, especially in highly dynamic environments. In this paper, we present Social-like P2P systems (Social-P2Ps) for object discovery by self-managing P2P topology with human tactics in social networks. In Social-P2Ps, queries are routed intelligently even with limited cached knowledge and node connections. Unlike community-based P2P file-sharing systems, we do not intend to create and maintain peer groups or communities consciously. In contrast, each node connects to other peer nodes with the same interests spontaneously by the result of daily searches

An agent-based framework for selection of partners in dynamic virtual enterprises

Advances in computer networking technology and open system standards have made practically feasible to create and manage virtual enterprises. A virtual enterprise, VE, is usually defined as a temporary alliance of enterprises that come together to share their skills, core competencies, and resources in order to better respond to business opportunities, and whose cooperation is supported by computer networks. The materialization of this paradigm, although enabled by recent advances in communication technologies, computer networks and logistics, requires an appropriate architectural framework and support tools. In this paper we propose an agent-based model of a dynamic VE to support the different selection processes that are used in selecting the partners for a dynamic VE, where the partners of a VE are represented by agents. Such a framework will form the basis for tools that provide automated support for creation, and operation, of dynamic virtual enterprises

The Semantic Grid: A future e-Science infrastructure

e-Science offers a promising vision of how computer and communication technology can support and enhance the scientific process. It does this by enabling scientists to generate, analyse, share and discuss their insights, experiments and results in an effective manner. The underlying computer infrastructure that provides these facilities is commonly referred to as the Grid. At this time, there are a number of grid applications being developed and there is a whole raft of computer technologies that provide fragments of the necessary functionality. However there is currently a major gap between these endeavours and the vision of e-Science in which there is a high degree of easy-to-use and seamless automation and in which there are flexible collaborations and computations on a global scale. To bridge this practice–aspiration divide, this paper presents a research agenda whose aim is to move from the current state of the art in e-Science infrastructure, to the future infrastructure that is needed to support the full richness of the e-Science vision. Here the future e-Science research infrastructure is termed the Semantic Grid (Semantic Grid to Grid is meant to connote a similar relationship to the one that exists between the Semantic Web and the Web). In particular, we present a conceptual architecture for the Semantic Grid. This architecture adopts a service-oriented perspective in which distinct stakeholders in the scientific process, represented as software agents, provide services to one another, under various service level agreements, in various forms of marketplace. We then focus predominantly on the issues concerned with the way that knowledge is acquired and used in such environments since we believe this is the key differentiator between current grid endeavours and those envisioned for the Semantic Grid

An Evolutionary Learning Approach for Adaptive Negotiation Agents

Developing effective and efficient negotiation mechanisms for real-world applications such as e-Business is challenging since negotiations in such a context are characterised by combinatorially complex negotiation spaces, tough deadlines, very limited information about the opponents, and volatile negotiator preferences. Accordingly, practical negotiation systems should be empowered by effective learning mechanisms to acquire dynamic domain knowledge from the possibly changing negotiation contexts. This paper illustrates our adaptive negotiation agents which are underpinned by robust evolutionary learning mechanisms to deal with complex and dynamic negotiation contexts. Our experimental results show that GA-based adaptive negotiation agents outperform a theoretically optimal negotiation mechanism which guarantees Pareto optimal. Our research work opens the door to the development of practical negotiation systems for real-world applications

Privacy, security, and trust issues in smart environments

Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning