Towards a Formal Framework for Computational Trust

We define a mathematical measure for the quantitative comparison of probabilistic computational trust systems, and use it to compare a well-known class of algorithms based on the so-called beta model. The main novelty is that our approach is formal, rather than based on experimental simulation

Trust models in ubiquitous computing

We recapture some of the arguments for trust-based technologies in ubiquitous computing, followed by a brief survey of some of the models of trust that have been introduced in this respect. Based on this, we argue for the need of more formal and foundational trust models

Trust Establishment Mechanisms for Distributed Service Environments

The aim and motivation of this dissertation can be best described in one of the most important application fields, the cloud computing. It has changed entire business model of service-oriented computing environments in the last decade. Cloud computing enables information technology related services in a more dynamic and scalable way than before – more cost-effective than before due to the economy of scale and of sharing resources. These opportunities are too attractive for consumers to ignore in today’s highly competitive service environments. The way to realise these opportunities, however, is not free of obstacles. Services offered in cloud computing environments are often composed of multiple service components, which are hosted in distributed systems across the globe and managed by multiple parties. Potential consumers often feel that they lose the control over their data, due to the lack of transparent service specification and unclear security assurances in such environments. These issues encountered by the consumers boiled down to an unwillingness to depend on the service providers regarding the services they offer in the marketplaces. Therefore, consumers have to be put in a position where they can reliably assess the dependability of a service provider. At the same time, service providers have to be able to truthfully present the service-specific security capabilities. If both of these objectives can be achieved, consumers have a basis to make well-founded decisions about whether or not to depend on a particular service provider out of many alternatives. In this thesis, computational trust mechanisms are leveraged to assess the capabilities and evaluate the dependability of service providers. These mechanisms, in the end, potentially support consumers to establish trust on service providers in distributed service environments, e.g., cloud computing. In such environments, acceptable quality of the services can be maintained if the providers possess required capabilities regarding different service-specific attributes, e.g., security, performance, compliance. As services in these environments are often composed of multiple services, subsystems and components, evaluating trustworthiness of the service providers based on the service-specific attributes is non-trivial. In this vein, novel mechanisms are proposed for assessing and evaluating the trustworthiness of service providers considering the trustworthiness of composite services. The scientific contributions towards those novel mechanisms are summarised as follows: • Firstly, we introduce a list of service-specific attributes, QoS+ [HRM10, HHRM12], based on a systematic and comprehensive analysis of existing literatures in the field of cloud computing security and trust. • Secondly, a formal framework [SVRH11, RHMV11a, RHMV11b] is proposed to analyse the composite services along with their required service-specific attributes considering consumer requirements and represent them in simplified meaningful terms, i.e., Propositional Logic Terms (PLTs). • Thirdly, a novel trust evaluation framework CertainLogic [RHMV11a, RHMV11b, HRHM12a, HRHM12b] is proposed to evaluate the PLTs, i.e., capabilities of service providers. The framework provides computational operators to evaluate the PLTs, considering that uncertain and conflicting information are associated with each of the PLTs and those information can be derived from multiple sources. • Finally, harnessing these technical building blocks we present a novel trust management architecture [HRM11] for cloud computing marketplaces. The architecture is designed to support consumers in assessing and evaluating the trustworthiness of service providers based on the published information about their services. The novel contributions of this thesis are evaluated using proof-of-concept-system, prototype implementations and formal proofs. The proof-of-concept-system [HRMV13, HVM13a, HVM13b] is a realisation of the proposed architecture for trust management in cloud marketplaces. The realisation of the system is implemented based on a self-assessment framework, proposed by the Cloud Security Alliance, where the formal framework and computational operators of CertainLogic are applied. The realisation of the system enables consumers to evaluate the trustworthiness of service providers based on their published datasets in the CSA STAR. A number of experiments are conducted in different cloud computing scenarios leveraging the datasets in order to demonstrate the technical feasibility of the contributions made in this thesis. Additionally, the prototype implementations of CertainLogic framework provide means to demonstrate the characteristics of the computational operators by means of various examples. The formal framework as well as computational operators of CertainLogic are validated against desirable mathematical properties, which are supported by formal algebraic proofs

Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"

According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient. The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself. Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners. • The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another. • The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion. The behaviour of the entities may vary over time. • The systems operate with incomplete information about the environment. For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered. The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems. This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative. We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration

Banking the unbanked: the Mzansi intervention in South Africa:

Purpose This paper aims to understand household’s latent behaviour decision making in accessing financial services. In this analysis we look at the determinants of the choice of the pre-entry Mzansi account by consumers in South Africa. Design/methodology/approach We use 102 variables, grouped in the following categories: basic literacy, understanding financial terms, targets for financial advice, desired financial education and financial perception. Employing a computationally efficient variable selection algorithm we study which variables can satisfactorily explain the choice of a Mzansi account. Findings The Mzansi intervention is appealing to individuals with basic but insufficient financial education. Aspirations seem to be very influential in revealing the choice of financial services and to this end Mzansi is perceived as a pre-entry account not meeting the aspirations of individuals aiming to climb up the financial services ladder. We find that Mzansi holders view the account mainly as a vehicle for receiving payments, but on the other hand are debt-averse and inclined to save. Hence although there is at present no concrete evidence that the Mzansi intervention increases access to finance via diversification (i.e. by recruiting customers into higher level accounts and services) our analysis shows that this is very likely to be the case. Originality/value The issue of demand side constraints on access to finance have been largely ignored in the theoretical and empirical literature. This paper undertakes some preliminary steps in addressing this gap

On the emergent Semantic Web and overlooked issues

The emergent Semantic Web, despite being in its infancy, has already received a lotof attention from academia and industry. This resulted in an abundance of prototype systems and discussion most of which are centred around the underlying infrastructure. However, when we critically review the work done to date we realise that there is little discussion with respect to the vision of the Semantic Web. In particular, there is an observed dearth of discussion on how to deliver knowledge sharing in an environment such as the Semantic Web in effective and efficient manners. There are a lot of overlooked issues, associated with agents and trust to hidden assumptions made with respect to knowledge representation and robust reasoning in a distributed environment. These issues could potentially hinder further development if not considered at the early stages of designing Semantic Web systems. In this perspectives paper, we aim to help engineers and practitioners of the Semantic Web by raising awareness of these issues

Social Mental Shaping: Modelling the Impact of Sociality on Autonomous Agents' Mental States

This paper presents a framework that captures how the social nature of agents that are situated in a multi-agent environment impacts upon their individual mental states. Roles and relationships provide an abstraction upon which we develop the notion of social mental shaping. This allows us to extend the standard Belief-Desire-Intention model to account for how common social phenomena (e.g. cooperation, collaborative problem-solving and negotiation) can be integrated into a unified theoretical perspective that reflects a fully explicated model of the autonomous agent's mental state

A Formal Model for Trust in Dynamic Networks

We propose a formal model of trust informed by the Global Computing scenario and focusing on the aspects of trust formation, evolution, and propagation. The model is based on a novel notion of trust structures which, building on concepts from trust management and domain theory, feature at the same time a trust and an information partial order