System Modeling and Trust Evaluation of Distributed Systems

International audienceNowadays, digital systems are connected through complex architectures. These systems involve persons, physical and digital resources such that we can consider that a system consists of elements from two worlds, the social world and the digital world, and their relations. Users perform activities like chatting, buying, sharing data, etc. Evaluating and choosing appropriate systems involve aspects like functionality, performance, QoS, ease of use, or price. Recently, trust appeared as another key factor for such an evaluation. In this context, we raise two issues, (i) how to formalize the entities that compose a system and their relations for a particular activity? and (ii) how to evaluate trust in a system for this activity? This work proposes answers to both questions. On the one hand, we propose SOCIOPATH, a metamodel based on first order logic, that allows to model a system considering entities of the social and digital worlds and their relations. On the other hand, we propose two approaches to evaluate trust in systems, namely, SOCIOTRUST and SUBJECTIVETRUST. The former is based on probability the- ory to evaluate users’ trust in systems for a given activity. The latter is based on subjective logic to take into account uncertainty in trust values

Trust Evaluation of a System for an Activity

International audienceWhen users need to perform a digital activity, they evaluate available systems according to their functionality, ease of use, QoS, and/or economical as- pects. Recently, trust has become another key factor for such evaluation. Two main issues arise in the trust management research community. First, how to de- fine the trust in an entity, knowing that this can be a person, a digital or a physical resource. Second, how to evaluate such value of trust in a system as a whole for a particular activity. Defining and evaluating trust in systems is an open problem because there is no consensus on the used approach. In this work we propose an approach applicable to any kind of system. The distinctive feature of our pro- posal is that, besides taking into account the trust in the different entities the user depends on to perform an activity, it takes into consideration the architecture of the system to determine its trust level. Our goal is to enable users to have a per- sonal comparison between different systems for the same application needs and to choose the one satisfying their expectations. This paper introduces our approach, which is based on probability theory, and presents ongoing results

Graph-Based Trust Model for Evaluating Trust Using Subjective Logic

50 pagesBefore using a digital system, it is necessary to evaluate it according to different parameters. Lately trust emerged as a momentous aspect of evaluation. Evaluating trust in a system is a complex issue that becomes more challenging when systems use distributed architectures. In a previous work, we proposed SocioTrust, a trust model that is based on probability theory to evaluate trust in a system for an activity. In SocioTrust, trust values are considered as the probability, by which a trustor believes that a trustee behaves as expected. A limita- tion of using traditional probability is that users cannot express their uncertainties about some actors of their activity. In real situations, not everyone is in possession of all the necessary information to provide a dogmatic opinion about something or someone. Subjective logic thus emerged to facilitate the expression of trust as a subjective opinion with degrees of uncertainty. In this paper, we propose SubjectiveTrust, a graph-based trust model to evaluate trust in a system for an activity using subjective logic. The distinctive features of our proposal are (i) user's un- certainties are taken into account in trust evaluation and (ii) besides taking into account the trust in the different entities the user depends on to perform an activity, it takes into consideration the architecture of the system to determine its trust level

Trust Approach Based on User's Activities

National audienceThe complexity of distributed systems continuously increases and their usage is widened into a variety of contexts. Users do several activities through these systems like sharing data, chatting, buying online, etc. Persons, hardware and software are involved in activities so we consider a system as the representation of two worlds, the social and the digital worlds. Trust plays an important role in helping users to analyze the danger or risk they incur when doing an activity. Research on trust notions has focused on the social entities where a trustee is a person or an organization of persons. Recent research analyzes trust toward the digital world i.e., technologies. We consider that having these two building blocks is not enough for a user to decide if she can confidently do an activity in a particular system. Such decision requires to consider the system organization as a whole because it determines whom and what would be involved in a user activity and how. This article focuses on this problem and provides first ideas for solution

SocioPath: Bridging the Gap between Digital and Social Worlds

International audienceIn everyday life, people use more and more digital resources (data, application systems, Internet, etc.) for all aspects of their life like administrative procedures, financial management, private exchanges, collaborative work, etc. This leads to non-negligible dependences on the digital distributed resources that reveal strong reliance at the social level, for instance on providers, physical or moral persons, of these resources. Users are often not aware of their real autonomy regarding the management of their digital resources. Thus, currently, people underestimate social dependences generated by the system architecture they use and the resulting potential risks. We argue that it is necessary to be aware of some key aspects of system's architectures to be able to know dependences. In this paper, we proposes SOCIOPATH, a generic meta-model to derive dependences generated by system's architecture. In particular, SOCIOPATH focuses on relations, like access, control, support, ownership, and so forth, among the different entities of the system (digital resources, hardware, persons, etc.). Enriched with deduction rules and definitions, SOCIOPATH allows to reveal the dependences of a person towards each entity in the system. SOCIOPATH could then be useful in the evaluation process of a system, as a modeling tool that bridges the gap between the digital and the social worlds

SOCIOPATH: In Whom You Trust?

Distributed systems are getting more and more numerous, complex and used in a wide variety of applications. New solutions and new architectures arise (e.g., clouds) that support new functionalities (e.g., social networks) and pile up several software layers. This evolution implies new non negligible dependences increasing in the number of actors involved in the system (e.g., providers and users). Some undesirable dependences could be hidden by this layer stacking, implying a reduced transparency for users and a misunderstanding of her actual autonomy. Given that any software is directly dependent of the underlying layers, if any of these layers misbehaves, the given software may be unable to provide promised services. We argue that users should be aware of the potential risks resulting from their dependences. To be able to deduce those dependences, one should know the way the system works (architecture, involved resources, providers, participants, etc.). This would help to deduce the potential trust a user could or should have toward the system. We consider this of utmost importance, as professional efficiency and personal privacy could be compromised if untrusted actors control the access to resources. This work proposes SOCIOPATH, a generic meta-model that allows to expose hidden or implied relationships among participants in the digital world, which also introduce dependences at the social level. The notions presented in this approach are basics of many fields, like security, privacy, trust, sociology, economy and so forth. SOCIOPATH can be used in the evaluation process of a system as well as in its upstream design

Combler le fossé entre les mondes sociaux et numériques : modéli- sation de systèmes et évaluation de la confiance.

Nowadays, digital systems are connected through complex architectures. Participants to these systems perform activities like chatting or sharing data. Persons, physical and digital resources are involved in these activities, such that a system can be considered as a representation of two worlds, the social world and the digital world and their relations. Evaluating these systems is generally limited to technical aspects. Today, trust becomes an important key in the evaluation process. In this context, we raise two questions: how to formalize the entities that compose a system and their relations for a particular activity? and how to evaluate trust in a system for this activity? Our contributions are divided into two parts. The first part proposes a formal metamodel named SocioPath, to model a system with all entities of social and digital worlds and their relations. The second part evaluates the users’ trust in the systems they use for a given activity. We propose an approach named, SocioTrust, to compute the user’s trust in a system using probability theory. Then we propose a second approach named, SubjectiveTrust that takes into account the uncertainty in the trust values. This approach is based on subjective logic.Aujourd’hui, les systèmes numériques sont interconnectés au travers d’architectures complexes. Les participants à ces systèmes réalisent activités telles que communiquer ou partager des données. Humains, matériels et logiciels sont impliqués dans ces activités, de sorte qu’un sys- tème peut être décrit comme la représentation de deux mondes, le monde social et le monde numérique et leurs relations. L’évaluation de ces sys- tèmes est limitée aux aspects techniques. Aujourd’hui, la confiance envers les est devenue un facteur important dans les procédures d’évaluation. Dans ce contexte, nous soulevons deux questions : comment formaliser les entités composant un système ainsi que leurs relations pour une ac- tivité particulière ? et comment évaluer la confiance envers un système pour cette activité ? Nos contributions sont divisées en deux parties. La première partie propose un métamodèle formel, nommé SocioPath, qui permet de modéliser un système avec les entités du monde social et numérique et leurs relations. La deuxième partie consiste à évaluer la con- fiance des utilisateurs envers les systèmes qu’ils utilisent pour une activité donnée. Nous proposons une approche, nommé SocioTrust permettant de calculer le niveau de confiance, qui utilise la théorie des probabilités. Puis nous proposons une seconde approche, sous le nom de SubjectiveTrust, pour prendre en compte l’incertitude dans les valeurs de confiance, cette approche se basant sur la logique subjective