A trust based methodology for web service selection

In this paper, we propose a methodology for addressing trust in Semantic Web Services (SWS) - based applications. The aim is to enhance the capability-driven selection provided by current SWS frameworks with the introduction of trust-based selection criteria. We present an ontology - Web Services Trust Ontology (WSTO) - that models the context of a trust-based interaction and enables the participants to describe semantically their trust requirements and guarantees. WSTO makes use of WSMO as reference ontology for representing Web Services and embodies the problem of finding the most "trusted" Web service as a classification problem. To test our methodology, we implemented a specific module within IRS-III - a WSMO-based SWS broker - and deployed a prototype application based on a use case scenario

A formal model for classifying trusted Semantic Web Services

Semantic Web Services (SWS) aim to alleviate Web service limitations, by combining Web service technologies with the potential of Semantic Web. Several open issues have to be tackled yet, in order to enable a safe and efficient Web services selection. One of them is represented by trust. In this paper, we introduce a trust definition and formalize a model for managing trust in SWS. The model approaches the selection of trusted Web services as a classification problem, and it is realized by an ontology, which extends WSMO. A prototype is deployed, in order to give a proof of concept of our approach

A Client-Aware Reputation System for e-Services

In the Internet age, people are becoming more an more familiar in experiencing online services. Given the intrinsic distributed nature of the electronic transactions involved, there is the need to prove somehow the trustworthiness of such services for supporting a user in her choice. To this aim, different techniques have been presented. For example, a simple but useful solution is to rely on feedback of past users testifying if they have been satisfied by a service. In this paper, we consider a scenario for business transactions where a reputation management system helps clients in choosing services that best satisfy their attitudes and preferences. Specifically, a reputation value is associated to each service at stake. This value is updated according to past and new clients interactions. In fact, at the end of each interaction with a service, clients provide feedback regarding that service. The main feature of our proposal is the client awareness. This derives from designing and implementing a probabilistic client model based on real behaviours of users when they choose a service and give feedback. This client model has been obtained by collecting and processing real data from ones of the most popular websites for travel advice. We present an evaluation aimed at validating our proposal. In the simulations, we also deal with the issue of false feedback, reported by clients that intentionally aim at subverting the reputation value of a service. The simulations results show that our system is robust up to a certain number of malicious feedback

Web Rule Languages to Carry Policies

Recent efforts in the area of Web policy languages show concerns on how to better represent both context and rules of a domain to deal with large number of resources and users. Interaction between domains with different business rules is also another questionable issue in this same area. Web rule languages have been recently introduced as a means to facilitate interaction between parties with dissimilar policies and business rules. Efforts have been placed to further review the possibility of the proposed solutions and extend them to work with other Web technologies. In this paper, we introduce REWERSE Rule Markup Language (R2ML) as a Web rule language that can be employed to make concepts, policies, and elements of a domain digestible by another domain through the use of vocabularies, rules, and annotations. We also show how R2ML elements can model the concepts and elements of different policy languages and assist systems with diverse policies with their interactions. 1

Deploying Semantic Web Services-Based Applications in the e-Government Domain

Joining up services in e-Government usually implies governmental agencies acting in concert without a central control regime. This requires to the sharing scattered and heterogeneous data. Semantic Web Service (SWS) technology can help to integrate, mediate and reason between these datasets. However, since a few real-world applications have been developed, it is still unclear which are the actual benefits and issues of adopting such a technology in the e-Government domain. In this paper, we contribute to raising awareness of the potential benefits in the e-Government communityby analyzing motivations, requirements and expected results, before proposing a reusable SWS-based framework. We demonstrate the application of this framework by showing how integration and interoperability emerge from this model through a cooperative and multi-viewpoint methodology. Finally, we illustrate added values and lessons learned by two compelling case studies: a change of circumstances notification system and a GIS-based emergency planning system, and describe key challenges which remain to be addressed

An investigation of interoperability issues between authorisation systems within web services

The existing authorisation systems within the context of Web Services mainly apply two access control approaches – Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). The RBAC approach links an authenticated Web Service Requester to its specific access control permission through roles, but RBAC is not flexible enough to cater for some cases where extra attribute information is needed in addition to the identity. By contrast, the ABAC approach has more flexibility, as it allows a Web Service Requester to submit necessary credentials containing extra attribute information that can fulfil the policies declared by a Web Service Provider, which aims to protect the sensitive resources/services.RBAC and ABAC can only help to establish a unilateral trust relationship between two Web Services to enable a Web Service Provider to make an access control decision. Unfortunately, the nature of Web Services presents a high probability that two Web Services may not know each other. Therefore, successful authorisation may fail, if the Web Service Requester does not trust the Web Service Provider.Trust Negotiation (TN) is also an access control approach, which can provide a bilateral trust relationship between two unknown entities, so it sometimes can enable authorisation success in situations where success is not possible through RBAC or ABAC approaches. However, interoperability issues will arise between authorisation systems within Web Services, where a bilateral trust-based authorisation solution is applied. In addition, a lack of a unified approach that can address the interoperability issues remains as a research problem. This research aims to explore possible factors causing the lack of interoperability first, and then to explore an approach that can address the interoperability issues. The main contributions of this research are an improved interoperability model illustrating interoperability issues at different layers of abstraction, and a novel interoperability-solution design along with an improved TN protocol as an example of utilising this design to provide interoperability between authorisation systems within Web Services

Methods for Efficient and Accurate Discovery of Services

With an increasing number of services developed and offered in an enterprise setting or the Web, users can hardly verify their requirements manually in order to find appropriate services. In this thesis, we develop a method to discover semantically described services. We exploit comprehensive service and request descriptions such that a wide variety of use cases can be supported. In our discovery method, we compute the matchmaking decision by employing an efficient model checking technique

Trust Negotiation for Semantic Web Services

Semantic Web Services enable the dynamic discovery of services based on a formal, explicit specification of the requester needs. The actual Web Services that will be used to satisfy the requester's goal are selected at run-time and, therefore, they are not known beforehand. As a consequence, determining whether the selected services can be trusted becomes an essential issue. In this paper, we propose the use of the Peertrust language to decide if trust can be established between the requester and the service provider. We add modelling elements to the Web Service Modeling Ontology (WSMO) in order to include trust information in the description of Semantic Web Services. In this scenario, we discuss different registry architectures and their implications for the matchmaking process. In addition, we present a matching algorithm for the trust policies introduced