Trust Building and Managing in Service-oriented Environment

Services are ubiquitous. In daily life, we can find service provisioning everywhere such as online shopping, online storage, doctor, hotel, lawyer, restaurant, etc. With the development of Web 2.0 technology, a huge amount of information about services has become available on the Internet. For instance, on a review website people can discuss which restaurant serves the best Chinese food; in a blog, an author posts an article about the experience of visiting a doctor. The abundance of services and the overload of service information online, result in two main problems. The first problem is service selection; the second one is the overload of consumer-driven information which refers to information such as reviews, articles, assessments, and discussions generated by service consumers. The concept of trust is proposed to solve the two problems. The computational concept of trust is defined as a subjective probability, which makes a prediction of the occurrence of an event such as a good service provisioning. Software used for building and managing trust data related to service offerings, is called Trust Management System (TMS). The first topic is trust model. A trust model is the computing kernel of a TMS that calculates the trust value of a service. Another significant topic regarding trust management for services is the robustness of a TMS. Robustness of a TMS refers to the ability of a TMS to cope with inaccuracy (deliberate or accidental) in the consumer-provided information used for computing trust. There are many trust models that have been proposed. I do not know of any survey analyzing and comparing different trust models with respect to trust in services. In this thesis, 40 trust models are compared from both a theoretical and a practical perspective, using criteria such as application context, information representation, properties of trust evaluation, and robustness of system. In addition, a trust model framework for service provisioning is proposed. This framework is considered a meta-model covering all existing trust models. A concrete trust model can be derived by instantiating the meta-model. In the thesis, four concrete services which cover both quantitative and qualitative services are studied. A quantitative service refers to a service the quality of which can be measured objectively. For a qualitative service there is no general agreed-upon objective measure for service quality. The first case study is about Online File Storage Service (OFSS) which is categorized as a quantitative service. The trust model, R-Rep, for a OFSS is proposed. In order to mitigate manipulation, a statistics based detection mechanism, named Baseline Sampling (BS), is introduced. In addition, when social network information among users is available, Clique Identification (CI) is used to detect manipulative groups. One e-commerce website, Taobao.com, and two review websites, TripAdvisor.com and Dianping.com, are chosen as case studies for trust building and managing in the context of qualitative service. For each case, specific trust models which consider intrinsic robustness enhancement by designing special weight functions are proposed. Meanwhile, machine learning-based extrinsic robustness enhancement is applied. Three types of machine learning approaches, clustering, classification and Annotation-Auxiliary Clustering (AAClust), are applied to identify manipulative behavior

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Managing the outsourcing of information security processes: the 'cloud' solution

Information security processes and systems are relevant for any organization and involve medium-to-high investment; however, the current economic downturn is causing a dramatic reduction in spending on Information Technology (IT). Cloud computing (i.e., externalization of one or more IT services) might be a solution for organizations keen to maintain a good level of security. In this paper we discuss whether cloud computing is a valid alternative to in-house security processes and systems drawing on four mini-case studies of higher education institutions in New England, US. Our findings show that the organization’s IT spending capacity affects the choice to move to the cloud; however, the perceived security of the cloud and the perceived in-house capacity to provide high quality IT (and security) services moderate this relationship. Moreover, other variables such as (low) quality of technical support, relatively incomplete contracts, poor defined Service License Agreements (SLA), and ambiguities over data ownership affect the choice to outsource IT (and security) using the cloud. We suggest that, while cloud computing could be a useful means of IT outsourcing, there needs to be a number of changes and improvements to how the service is currently delivered

Illinois Digital Scholarship: Preserving and Accessing the Digital Past, Present, and Future

Since the University's establishment in 1867, its scholarly output has been issued primarily in print, and the University Library and Archives have been readily able to collect, preserve, and to provide access to that output. Today, technological, economic, political and social forces are buffeting all means of scholarly communication. Scholars, academic institutions and publishers are engaged in debate about the impact of digital scholarship and open access publishing on the promotion and tenure process. The upsurge in digital scholarship affects many aspects of the academic enterprise, including how we record, evaluate, preserve, organize and disseminate scholarly work. The result has left the Library with no ready means by which to archive digitally produced publications, reports, presentations, and learning objects, much of which cannot be adequately represented in print form. In this incredibly fluid environment of digital scholarship, the critical question of how we will collect, preserve, and manage access to this important part of the University scholarly record demands a rational and forward-looking plan - one that includes perspectives from diverse scholarly disciplines, incorporates significant research breakthroughs in information science and computer science, and makes effective projections for future integration within the Library and computing services as a part of the campus infrastructure.Prepared jointly by the University of Illinois Library and CITES at the University of Illinois at Urbana-Champaig

Aiming for ultra-scalable ePortfolio distribution using peer-to-peer networks

In this paper the authors discuss how peer-to-peer technology offers a practical solution to building highly scalable Europe-wide and worldwide ePortfolio networks over existing network infrastructures.This solution also offers the effect of empowering individuals through moving the management and storage responsibilities onto the portfolio owners, decoupling users from any single institutional ePortfolio service provider The authors do not present this solution as the single way forward, but as an alternative to what is seen as a mainly client-server and Web-based approach to ePortfolio development, and to encourage developers to explore the possibilities for ePortfolio integration with emerging and relatively immature technologies. A prototype implementation is reported and future developments described