Enhancing digital business ecosystem trust and reputation with centrality measures

Digital Business Ecosystem (DBE) is a decentralised environment where very small enterprises (VSEs) and small to medium sized enterprises (SMEs) interoperate by establishing collaborations with each other. Collaborations play a major role in the development of DBEs where it is often difficult to select partners, as they are most likely strangers. Even though trust forms the basis for collaboration decisions, trust and reputation information may not be available for each participant. Recommendations from other participants are therefore necessary to help with the selection process. Given the nature of DBEs, social network centrality measures that can influence power and control in the network need to be considered for DBE trust and reputation. A number of social network centralities, which influence reputation in social graphs have been studied in the past. This paper investigates an unexploited centrality measure, betweenness centrality, as a metric to be considered for trust and reputation

Towards reputation-as-a-service

Reputation is used to regulate relationships of trust in online communities. When deploying a reputation system, it needs to accommodate the requirements and constrains of the specific community in order to assist the community to reach their goals. This paper identifies that there is a need for a framework to define a configurable reputation system with the ability to accommodate the requirements of a variety of online communities. Such a reputation system can be defined as a service on the Cloud, to be composed with the application environment of the online community. This paper introduces the concept of RaaS (Reputation-as-a-Service) and discusses a potential framework for creating a RaaS. In order to achieve such a framework, research is conducted into features of SaaS (Software-as-a-Service) components, user requirements for trust and reputation, and features of current reputation frameworks that can be configured in order to support a reputation service on the Cloud

Engineering Secure Adaptable Web Services Compositions

Service-oriented architecture defines a paradigm for building applications by assembling autonomous components such as web services to create web service compositions. Web services are executed in complex contexts where unforeseen events may compromise the security of the web services composition. If such compositions perform critical functions, prompt action may be required as new security threats may arise at runtime. Manual interventions may not be ideal or feasible. To automatically decide on valid security changes to make at runtime, the composition needs to make use of current security context information. Such security changes are referred to as dynamic adaptation. This research proposes a framework to develop web services compositions that can dynamically adapt to maintain the same level of security when unforeseen security events occur at runtime. The framework is supported by mechanisms that map revised security requirements arising at runtime to a new security configuration plan that is used to adapt the web services composition

Collaboration Circles: empowering job seekers to find work using ad-hoc collaboration networks

Recent trends combine smart phones with social networking platforms to bring new opportunities that can enable people to collaborate anywhere and at any time. For example, organisations can be given the opportunity to recruit part-time job seekers such as software developers using social media tools. Previously, collaboration was static in nature, but today loosely enabled collaboration needs to support flexible schedules, ad hoc processes and members that may not be known in advance. Furthermore, current crowdsourcing platforms that enable software developers to contribute their skills to projects do not meet the social needs of participants as they collaborate. This paper presents a cost-effective approach to collaboration that aims to assist users to find suitable collaborators to team up with. The proposed Collaboration Circles application is able to find the best time to collaborate using Google+, Google calendar and a weighted assignment algorithm. The Collaboration Circles application includes features such as the administration of collaborative task activities and communication channels. The Collaboration Circles application is implemented as an Android social network application supported by Google tools. The application is experimentally evaluated to demonstrate that the Collaboration Circles application successfully supports collaboration in the virtual world

WSACT : a model for Web Services access control incorporating trust

Today, organisations that seek a competitive advantage are adopting virtual infrastructures that share and manage computing resources. The trend is towards implementing collaborating applications that are supported by web services technology. Even though web services technology is rapidly becoming a fundamental development paradigm, adequate security constitutes the main concern and obstacle to its adoption as an industry solution. An important issue to address is the development of suitable access control models that are able to not only restrict access to unauthorised users, but also to discriminate between users that originate from different collaborating parties. In web services environments, access control is required to cross the borders of security domains, in order to be implemented between heterogeneous systems. Traditional access control systems that are identity-based do not provide a solution, as web services providers have to deal with unknown users, manage a large user population, collaborate with others and at the same time be autonomous of nature. Previous research has pointed towards the adoption of attribute-based access control as a means to address some of these problems. This approach is still not adequate, as the trustworthiness of web services requestors cannot be determined. Trust in web services requestors is thus an important requirement to address. For this reason, the thesis investigated trust, as to promote the inclusion of trust in the web services access control model. A cognitive approach to trust computation was followed that addressed uncertain and imprecise information by means of fuzzy logic techniques. A web services trust formation framework was defined that aims to populate trust concepts by means of automated, machine-based trust assessments. The structure between trust concepts was made explicit by means of a trust taxonomy. This thesis presents the WSACT – or the Web Services Access Control incorporating Trust –model. The model incorporates traditional role-based access control, the trust levels of web services requestors and the attributes of users into one model. This allows web services providers to grant advanced access to the users of trusted web services requestors, in contrast to the limited access that is given to users who make requests through web services requestors with whom a minimal level of trust has been established. Such flexibility gives a web services provider the ability to foster meaningful business relationships with others, which portrays humanistic forms of trust. The WSACT architecture describes the interacting roles of an authorisation interface, authorisation manager and trust manager. A prototype finally illustrates that the incorporation of trust is a viable solution to the problem of web services access control when decisions of an autonomous nature are to be made.Thesis (PhD (Computer Science))--University of Pretoria, 2008.Computer Scienceunrestricte

Information security with special reference to database interconnectivity.

Information can be considered a company’s most valued asset and should be protected as such. In the past, companies allowed very limited access to corporate information. Today, the rapid growth of the Internet increases the importance of connecting to existing databases. Access to such web-enabled databases, containing sensitive information such as credit card numbers must be made available only to those who need it. The security of web-enabled databases is challenged, as huge user populations access corporate information, past traditional perimeters. Providing a secure web-enabled database environment is not as simple as creating a few dynamic pages linked to a secured database. As a web-enabled database is very sophisticated, consisting of various applications in front of the database, it is vulnerable to attack. Furthermore, since most malicious intrusions occur from inside, defences such as firewalls, intrusion detection and virus scanning provide limited protection. The principle aim of this study was to consider security services and mechanisms that would provide protection to web-enabled databases. As database security has been a well-researched topic ever since the first databases were used, it was decided to investigate whether traditional database security could possibly provide a basic framework to be used when approaching the security of web-enabled databases. An investigation was made into nine current state database security services and their associated mechanisms. Additional services and mechanisms were identified, that could provide protection in the new environment. The integrated service provided by web-enabled databases was contrasted to the service provided by current state database security. A model was developed that illustrated how these services and mechanisms could be applied to create a secure web-enabled database. The study was brought to an end with a conclusion on the security that can be attained by web-enabled databases. Further problem areas, which could be researched in the future, were touched upon briefly.Prof. J.H.P. Elof

Argumentation-Based Group Decision Support for Collectivist Communities

Part 1: Cross-Domain Conference and Workshop on Multidisciplinary Research and Practice for Information Systems (CD-ARES 2014): Knowledge ManagementInternational audienceIn collectivist communities, decisions are taken by groups of people who prefer to consider the opinions of their in-group. For them it is important to reach group consensus by focusing on the group’s preferences and goals. Such decision processes can be supported by multi-criteria decision analysis that identifies sets of objectives, representing subjective values used in decision making, to better generate recommendations. Recently, several attempts have been made to explain and suggest alternatives in decision-making problems by using arguments. Argumentation theory is the process of bringing together arguments so that conclusions can be justified and explained. Each potential decision usually has arguments for or against it, of various strengths. For collectivist communities, the non-monotonicity of argumentation theory is useful as it supports an adaptive decision-making style. The fact that the opinions of group members can be evaluated and replaced, if they are found lacking via a group opinion strategy, fits well with collectivist decision-making. This paper proposes a framework that allows a group of users, belonging to a collectivist and mostly rural community, to share their opinions when making decisions such as buying goods in bulk in order by incorporating their cultural beliefs in the system design