A Personalized Framework for Trust Assessment

The number of computational trust models has been increasing quickly in recent years yet their applications for automating trust evaluation are still limited. The main obstacle is the difficulties in selecting a suitable trust model and adapting it for particular trust modeling requirements, which varies greatly due to the subjectivity of human trust. The Personalized Trust Framework (PTF) presented in this paper aims to address this problem by providing a mechanism for human users to capture their trust evaluation process in order for it to be replicated by computers. In more details, a user can specify how he selects a trust model based on information about the subject whose trustworthiness he needs to evaluate and how that trust model is configured. This trust evaluation process is then automated by the PTF making use of the trust models flexibly plugged into the PTF by the user. By so doing, the PTF enable users reuse and personalize existing trust models to suit their requirements without having to reprogram those models

Trust models in ubiquitous computing

We recapture some of the arguments for trust-based technologies in ubiquitous computing, followed by a brief survey of some of the models of trust that have been introduced in this respect. Based on this, we argue for the need of more formal and foundational trust models

Rational Trust Modeling

Trust models are widely used in various computer science disciplines. The main purpose of a trust model is to continuously measure trustworthiness of a set of entities based on their behaviors. In this article, the novel notion of "rational trust modeling" is introduced by bridging trust management and game theory. Note that trust models/reputation systems have been used in game theory (e.g., repeated games) for a long time, however, game theory has not been utilized in the process of trust model construction; this is where the novelty of our approach comes from. In our proposed setting, the designer of a trust model assumes that the players who intend to utilize the model are rational/selfish, i.e., they decide to become trustworthy or untrustworthy based on the utility that they can gain. In other words, the players are incentivized (or penalized) by the model itself to act properly. The problem of trust management can be then approached by game theoretical analyses and solution concepts such as Nash equilibrium. Although rationality might be built-in in some existing trust models, we intend to formalize the notion of rational trust modeling from the designer's perspective. This approach will result in two fascinating outcomes. First of all, the designer of a trust model can incentivise trustworthiness in the first place by incorporating proper parameters into the trust function, which can be later utilized among selfish players in strategic trust-based interactions (e.g., e-commerce scenarios). Furthermore, using a rational trust model, we can prevent many well-known attacks on trust models. These two prominent properties also help us to predict behavior of the players in subsequent steps by game theoretical analyses

Architecture and Implementation of a Trust Model for Pervasive Applications

Collaborative effort to share resources is a significant feature of pervasive computing environments. To achieve secure service discovery and sharing, and to distinguish between malevolent and benevolent entities, trust models must be defined. It is critical to estimate a device\u27s initial trust value because of the transient nature of pervasive smart space; however, most of the prior research work on trust models for pervasive applications used the notion of constant initial trust assignment. In this paper, we design and implement a trust model called DIRT. We categorize services in different security levels and depending on the service requester\u27s context information, we calculate the initial trust value. Our trust value is assigned for each device and for each service. Our overall trust estimation for a service depends on the recommendations of the neighbouring devices, inference from other service-trust values for that device, and direct trust experience. We provide an extensive survey of related work, and we demonstrate the distinguishing features of our proposed model with respect to the existing models. We implement a healthcare-monitoring application and a location-based service prototype over DIRT. We also provide a performance analysis of the model with respect to some of its important characteristics tested in various scenarios

Evaluating e-commerce trust using fuzzy logic [article]

Trust is widely recognized as an essential factor for the continual development of business to customer electronic commerce (B2C EC). Many trust models have been developed, however, most are subjective and do not take into account the vagueness and ambiguity of EC trust and the customers’ intuitions and experience when conducting online transactions. In this article, we develop a fuzzy trust model using fuzzy reasoning to evaluate EC trust. This trust model is based on the information customers expect to find on an EC Website and is shown to increase customers trust towards online merchants. We argue that fuzzy logic is suitable for trust evaluation as it takes into account the uncertainties within e-commerce data and like human relationships; it is often expressed by linguistics terms rather then numerical values. The evaluation of the proposed model will be illustrated using two case studies and a comparison with two evaluation models was conducted to emphasise the importance of usin fuzzy logic

Stochastic Trust Region Methods with Trust Region Radius Depending on Probabilistic Models

We present a stochastic trust-region model-based framework in which its radius is related to the probabilistic models. Especially, we propose a specific algorithm, termed STRME, in which the trust-region radius depends linearly on the latest model gradient. The complexity of STRME method in non-convex, convex and strongly convex settings has all been analyzed, which matches the existing algorithms based on probabilistic properties. In addition, several numerical experiments are carried out to reveal the benefits of the proposed methods compared to the existing stochastic trust-region methods and other relevant stochastic gradient methods

Restoring Trust Relationships within Collaborative Digital Preservation Federations

4th International Conference on Open RepositoriesThis presentation was part of the session : Conference PresentationsDate: 2009-05-19 01:00 PM – 02:30 PMThe authors extend their process for creating and establishing trust relationships to include steps for restoring trust relationships after catastrophic events. Part of this model will include best practices for business continuity relationships and will integrate trust models from Holland and Lockett (1998) and Ring and Van de Ven (1994) and how they can be applied to a process for trust restoration after periods of disaster or critical data loss. These models provide key frameworks for understanding how trust can be utilized for collaborative start points as well as for collaborative recovery points from physical natural disaster or critical data loss

Dynamic trust models for ubiquitous computing environments

A significant characteristic of ubiquitous computing is the need for interactions of highly mobile entities to be secure: secure both for the entity and the environment in which the entity operates. Moreover, ubiquitous computing is also characterised by partial views over the state of the global environment, implying that we cannot guarantee that an environment can always verify the properties of the mobile entity that it has just received. Secure in this context encompasses both the need for cryptographic security and the need for trust, on the part of both parties, that the interaction is functioning as expected. In this paper we make a broad assumption that trust and cryptographic security can be considered as orthogonal concerns (i.e. an entity might encrypt a deliberately incorrect answer to a legitimate request). We assume the existence of reliable encryption techniques and focus on the characteristics of a model that supports the management of the trust relationships between two entities during an interaction in a ubiquitous environment

Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model

The ICE-TEL project is a pan-European project that is building an Internet X.509 based certification infrastructure throughout Europe, plus several secure applications that will use it. This paper describes the trust model that is being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact have a right to access the service or information that he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing Pretty Good Privacy (PGP) web of trust and Privacy Enhanced Mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both of the previous models, and these are highlighted here. The paper further describes the way that the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios