Trust Evaluation of a System for an Activity

International audienceWhen users need to perform a digital activity, they evaluate available systems according to their functionality, ease of use, QoS, and/or economical as- pects. Recently, trust has become another key factor for such evaluation. Two main issues arise in the trust management research community. First, how to de- fine the trust in an entity, knowing that this can be a person, a digital or a physical resource. Second, how to evaluate such value of trust in a system as a whole for a particular activity. Defining and evaluating trust in systems is an open problem because there is no consensus on the used approach. In this work we propose an approach applicable to any kind of system. The distinctive feature of our pro- posal is that, besides taking into account the trust in the different entities the user depends on to perform an activity, it takes into consideration the architecture of the system to determine its trust level. Our goal is to enable users to have a per- sonal comparison between different systems for the same application needs and to choose the one satisfying their expectations. This paper introduces our approach, which is based on probability theory, and presents ongoing results

Control Theoretical Modeling of Trust-Based Decision Making in Food-Energy-Water Management

We propose a hybrid Human-Machine decision making to manage Food-Energy-Water resources. In our system trust among human actors during decision making is measured and managed. Furthermore, such trust is used to pressure human actors to choose among the solutions generated by algorithms that satisfy the community’s preferred trade-offs among various objectives. We model the trust-based loops in decision making by using control theory. In this system, the feedback information is the trust pressure that actors receive from peers. Using control theory, we studied the dynamics of the trust of an actor. Then, we presented the modeling of the change of solution distances. In both scenarios, we also calculated the settling times and the stability using the transfer functions and their Z-transforms as the number of rounds to show whether and when the decision making is finalized

Trustworthy Acceptance: A New Metric for Trustworthy Artificial Intelligence Used in Decision Making in Food–Energy–Water Sectors

We propose, for the first time, a trustworthy acceptance metric and its measurement methodology to evaluate the trustworthiness of AI-based systems used in decision making in Food Energy Water (FEW) management. The proposed metric is a significant step forward in the standardization process of AI systems. It is essential to standardize the AI systems’ trustworthiness, but until now, the standardization efforts remain at the level of high-level principles. The measurement methodology of the proposed includes human experts in the loop, and it is based on our trust management system. Our metric captures and quantifies the system’s transparent evaluation by field experts on as many control points as desirable by the users. We illustrate the trustworthy acceptance metric and its measurement methodology using AI in decision-making scenarios of Food-Energy-Water sectors. However, the proposed metric and its methodology can be easily adapted to other fields of AI applications. We show that our metric successfully captures the aggregated acceptance of any number of experts, can be used to do multiple measurements on various points of the system, and provides confidence values for the measured acceptance

System Modeling and Trust Evaluation of Distributed Systems

International audienceNowadays, digital systems are connected through complex architectures. These systems involve persons, physical and digital resources such that we can consider that a system consists of elements from two worlds, the social world and the digital world, and their relations. Users perform activities like chatting, buying, sharing data, etc. Evaluating and choosing appropriate systems involve aspects like functionality, performance, QoS, ease of use, or price. Recently, trust appeared as another key factor for such an evaluation. In this context, we raise two issues, (i) how to formalize the entities that compose a system and their relations for a particular activity? and (ii) how to evaluate trust in a system for this activity? This work proposes answers to both questions. On the one hand, we propose SOCIOPATH, a metamodel based on first order logic, that allows to model a system considering entities of the social and digital worlds and their relations. On the other hand, we propose two approaches to evaluate trust in systems, namely, SOCIOTRUST and SUBJECTIVETRUST. The former is based on probability the- ory to evaluate users’ trust in systems for a given activity. The latter is based on subjective logic to take into account uncertainty in trust values

A Framework for University Admission in Saudi Arabia (UASA): Current and Potential Position

The motivation for this research is to improve the quality of university admission systems in Saudi Arabia under the rapid changes in information technology (IT), including decision support systems [DSS]. This is achieved by introducing elements of DSS and knowledge management techniques, rationalizing the decision-making process, and, consequently, attaining the optimum exploitation of the available resources to achieve agreed targets. This research aims to explain the role of DSS in improving the efficiency of university admission systems in Saudi Arabia. In addition, it is concerned with: a) describing the existing system for admission in Saudi universities; b) testing the existing system for admission to Saudi universities using a set of commonly agreed indicators for monitoring the admission of students enrolled in universities, with a view to improving the overall process of admission and consequently enhancing the existing educational national system in Saudi universities; and c) the development of a framework for designing a proposed admission system in the universities of Saudi Arabia. An empirical study was conducted based on a survey carried out with a sample of employees in the admissions departments in some selected Saudi Universities in order to evaluate the current admission systems. In addition, a survey carried out with a sample of students in some selected Saudi Universities in order to evaluate the proposed admission system. This research revealed that the current systems for admission in Saudi universities are flexible and easy to use and update, but not suitable because it is not comprehensive for admission in all universities and wastes time, effort and money. Therefore, it needs to be developed into one central system. For the purposes of the optimum exploitation of the available resources (such as: qualified people, modern equipment, money and so on) in Saudi universities it is necessary to improve the admission systems by applying DSS. Thus, applying the e-admission system will help to improve the current admission systems in Saudi universities to be one central admission system. In order to develop the effectiveness of the current systems for admission to Saudi universities it is necessary to apply DSS appropriately and this is dependent on modern IT. In addition, to improve the current University admission systems in Saudi Arabia it is necessary to make its database more comprehensive of all Saudi universities, more integrated with other related databases, and more relevant to all Saudi universities. Furthermore, to meet the necessary requirements to implement this requires an advanced database, a relevant feedback system, qualified people and a good models base. The researcher has proposed a framework for the admission system for all Saudi universities in order to develop the admission process within those universities. As the current systems of admission in all Saudi universities is not comprehensive and no longer relevant, it is necessary to apply the proposed system for admission as soon as possible. This will help in improving the efficiency of the admission system in Saudi universities. With the proposed system, students are only required to submit one application form which covers all universities instead of submitting several application forms to several universities. Through this process, they will be offered only one place at one university at any given time. This will save effort and time, and reduce cost

Continuous trust management frameworks : concept, design and characteristics

PhD ThesisA Trust Management Framework is a collection of technical components and governing rules and contracts to establish secure, confidential, and Trustworthy transactions among the Trust Stakeholders whether they are Users, Service Providers, or Legal Authorities. Despite the presence of many Trust Frameworks projects, they still fail at presenting a mature Framework that can be Trusted by all its Stakeholders. Particularly speaking, most of the current research focus on the Security aspects that may satisfy some Stakeholders but ignore other vital Trust Properties like Privacy, Legal Authority Enforcement, Practicality, and Customizability. This thesis is all about understanding and utilising the state of the art technologies of Trust Management to come up with a Trust Management Framework that could be Trusted by all its Stakeholders by providing a Continuous Data Control where the exchanged data would be handled in a Trustworthy manner before and after the data release from one party to another. For that we call it: Continuous Trust Management Framework. In this thesis, we present a literature survey where we illustrate the general picture of the current research main categorise as well as the main Trust Stakeholders, Trust Challenges, and Trust Requirements. We picked few samples representing each of the main categorise in the literature of Trust Management Frameworks for detailed comparison to understand the strengths and weaknesses of those categorise. Showing that the current Trust Management Frameworks are focusing on fulfilling most of the Trust Attributes needed by the Trust Stakeholders except for the Continuous Data Control Attribute, we argued for the vitality of our proposed generic design of the Continuous Trust Management Framework. To demonstrate our Design practicality, we present a prototype implementing its basic Stakeholders like the Users, Service Providers, Identity Provider, and Auditor on top of the OpenID Connect protocol. The sample use-case of our prototype is to protect the Users’ email addresses. That is, Users would ask for their emails not to be iii shared with third parties but some Providers would act maliciously and share these emails with third parties who would, in turn, send spam emails to the victim Users. While the prototype Auditor would be able to protect and track data before their release to the Service Providers, it would not be able to enforce the data access policy after release. We later generalise our sample use-case to cover various Mass Active Attacks on Users’ Credentials like, for example, using stolen credit cards or illegally impersonating third-party identity. To protect the Users’ Credentials after release, we introduce a set of theories and building blocks to aid our Continuous Trust Framework’s Auditor that would act as the Trust Enforcement point. These theories rely primarily on analysing the data logs recorded by our prototype prior to releasing the data. To test our theories, we present a Simulation Model of the Auditor to optimise its parameters. During some of our Simulation Stages, we assumed the availability of a Data Governance Unit, DGU, that would provide hardware roots of Trust. This DGU is to be installed in the Service Providers’ server-side to govern how they handle the Users’ data. The final simulation results include a set of different Defensive Strategies’ Flavours that could be utilized by the Auditor depending on the environment where it operates. This thesis concludes with the fact that utilising Hard Trust Measures such as DGU without effective Defensive Strategies may not provide the ultimate Trust solution. That is especially true at the bootstrapping phase where Service Providers would be reluctant to adopt a restrictive technology like our proposed DGU. Nevertheless, even in the absence of the DGU technology now, deploying the developed Defensive Strategies’ Flavours that do not rely on DGU would still provide significant improvements in terms of enforcing Trust even after data release compared to the currently widely deployed Strategy: doing nothing!Public Authority for Applied Education and Training in Kuwait, PAAET

A methodology for maintaining trust in virtual environments

The increasing interest in carrying out business in virtual environments has resulted in much research and discussion of trust establishment between the entities involved. Researchers over the years have acknowledged that the success of any transaction or interaction via the virtual medium is determined by the trust level between trusting agent and trusted agent. Numerous publications have attempted to address the various challenges of assigning a trust level and building trust in an interacting party. However, the building and allocating a value of trust is neither easy nor quick. It involves high cost and effort. Hence, the ensuing research challenge is how to maintain the trust that has been established and assigned. Due to the dynamic nature of trust, the trust evolution, and the fragility of trust in virtual environments, one of the most pressing challenges facing the research community is how trust can be maintained over time. This thesis is an effort in that direction. Specifically, the objective of this thesis is to propose a methodology for trust maintenance in virtual environments which we term “Trust Maintenance Methodology” (TMM). The methodology comprises five frameworks that can be used to achieve the objective of trust maintenance.In order to achieve the aforesaid objective, this thesis proposes a: (a) Framework for third party agent selection, (b) Framework for Formalization and Negotiation of service requirements, (c) Framework for Proactive Continuous Performance Monitoring, (d) Framework for Incentive Mechanism, and (e) Framework for Trust Re-calibration.The framework for third party agent selection is used for choosing and selecting a neutral agent who will supervise the interaction between two parties. This is the first step of our methodology. The neutral agent is involved throughout the course of the interaction between two parties and takes a proactive-corrective role in continuous performance monitoring. Once both parties have chosen a neutral agent, they carry out a formalization and negotiation process of their service requirements using our proposed framework. This is in order to create an SLA which will guide the interaction between two parties. The framework for proactive continuous performance monitoring then can be used to evaluate the performance of both parties in delivering their service based on the SLA. If a performance gap occurs during the course of transaction, the third party agent will take action to help both parties close the performance gap in a timely manner. A key salient feature of our continuous performance monitoring is that it is proactive-corrective. Additionally, we design a framework for providing an incentive during the course of interaction to motivate both parties to perform as closely as possible to the terms of the mutual agreement or SLA. By the end of the interaction time space, both parties will be able to re-assess or re-calibrate their trust level using our proposed framework for trust re-calibration.Finally, in order to validate our proposed methodology, we engineered a multi-agent system to simulate the validity of the TMM. Numerous case studies are presented to elucidate the workings of our proposed methodology. Moreover, we run several experiments under various testing conditions including boundary conditions. The results of experiments show that our methodology is effective in assisting the parties to maintain their trust level in virtual environments