Trust challenges for business-to-business networks

Peer reviewe

EDOC2011 PhD Student Symposium Proceedings

Post-proceedings of the EDOC2011 PhD Student Symposium held in Helsinki 26.8.2011.Peer reviewe

Making multi-dimensional trust decisions on inter-enterprise collaborations

VertaisarvioitupeerReviewe

User interface for trust decision making in inter-enterprise collaborations

Best paper award.Peer reviewe

Luottamuksenhallinta web-palveluympäristössä

Tutkielmassa käsitellään luottamuksenhallintaa web-palveluympäristössä. Dynaaminen toimintaympäristö asettaa vaatimuksia luottamuksenhallintajärjestelmälle, jota käytetään paitsi paikallisten pääsynhallintapäätösten tekemiseen, myös laajemman mittakaavan päätöksenteon tukena, useiden autonomisten toimijoiden muodostamien yhteisöjen hallinnassa. Tutkielma esittelee Trust Based on Evidence -projektissa kehitetyn luottamuksenhallintajärjestelmän tiedollisen ja toiminnallisen mallin, paikallisesta ja yhteisön näkökulmasta. Mallia selkeytetään web-palveluympäristöön sijoittuvan esimerkin avulla. Luottamuksen käsitteen rakentamiseksi esitellään myös eri osa-alueille sijoittuvia luottamuksen malleja ja luottamusta käyttäviä järjestelmiä. Avoimessa verkkoympäristössä palveluntarjoaja joutuu tasapainottelemaan kahden osin vastakkaisen tavoitteen välillä: toisaalta järjestelmän tulisi olla mahdollisimman avoin, jotta se houkuttelisi käyttäjiä, toisaalta liiallinen avoimuus kasvattaa tietomurron riskiä. Kompromissin löytäminen on hankaloitunut edelleen saavutettavien käyttäjien määrän kasvaessa ja tarjottavien palvelujen monimutkaistuessa. Tehtävä vaatii toisaalta erikoistapauksien käsittelyä, toisaalta yleistettävyyttä laajan käyttäjistön suhteen. Tietoturvan ylläpidon automatisointia ovat edistäneet muun muassa politiikkapäätösten erottaminen toteutuksesta ja mahdollisten tietomurron merkkien tarkkailun delegointi siihen erikoistuneille ohjelmille (IDS). Palvelujen käyttäjistön kasvaessa ja siirtyessä nimettömämmiksi kurinpito ja tarkkailu kuitenkin vaikeutuvat entisestään, eikä ylläpitäjiä riitä sidottavaksi jatkuvaan käyttäjien vahtimiseen. Monesti valvoja voikin vain poistaa käyttöoikeuden häiriköltä, jolloin esimerkiksi hieman lievemmälle sääntöjen 'venyttämiselle'' ei juuri voi tehdä mitään. Luottamuksenhallinta helpottaa rikkomuksiin ja toisaalta hyvään käytökseen reagoimista asteittain. Sen pohjalta käyttäjien valvontaan, pääsynhallintaan ja resurssien rajoitukseen liittyvä hienosäätö voidaan tuoda ymmärrettäväksi osaksi ylläpitoa ja pitkälti myös automatisoida

From trading to eCommunity management : responding to social and contractual challenges

"The increasing pressure for enterprises to join into agile business networks is changing the requirements on the enterprise computing systems. The supporting infrastructure is increasingly required to provide common facilities and societal infrastructure services to support the lifecycle of loosely-coupled, eContract-governed business networks. The required facilities include selection of those autonomously administered business services that the enterprises are prepared to provide and use, contract negotiations, and furthermore, monitoring of the contracted behaviour with potential for breach management. The essential change is in the requirement of a clear mapping between business-level concepts and the automation support for them. Our work has focused on developing B2B middleware to address the above challenges; however, the architecture is not feasible without management facilities for trust-aware decisions for entering business networks and interacting within them. This paper discusses how trust-based decisions are supported and positioned in the B2B middleware.""The increasing pressure for enterprises to join into agile business networks is changing the requirements on the enterprise computing systems. The supporting infrastructure is increasingly required to provide common facilities and societal infrastructure services to support the lifecycle of loosely-coupled, eContract-governed business networks. The required facilities include selection of those autonomously administered business services that the enterprises are prepared to provide and use, contract negotiations, and furthermore, monitoring of the contracted behaviour with potential for breach management. The essential change is in the requirement of a clear mapping between business-level concepts and the automation support for them. Our work has focused on developing B2B middleware to address the above challenges; however, the architecture is not feasible without management facilities for trust-aware decisions for entering business networks and interacting within them. This paper discusses how trust-based decisions are supported and positioned in the B2B middleware.""The increasing pressure for enterprises to join into agile business networks is changing the requirements on the enterprise computing systems. The supporting infrastructure is increasingly required to provide common facilities and societal infrastructure services to support the lifecycle of loosely-coupled, eContract-governed business networks. The required facilities include selection of those autonomously administered business services that the enterprises are prepared to provide and use, contract negotiations, and furthermore, monitoring of the contracted behaviour with potential for breach management. The essential change is in the requirement of a clear mapping between business-level concepts and the automation support for them. Our work has focused on developing B2B middleware to address the above challenges; however, the architecture is not feasible without management facilities for trust-aware decisions for entering business networks and interacting within them. This paper discusses how trust-based decisions are supported and positioned in the B2B middleware."Peer reviewe

Reputation management survey

Peer reviewe

Automating decisions for inter-enterprise collaboration management

Proceeding volume: 283/2008The current trend towards networked business forces enterprises to enter federated, loosely-coupled business networks, since much of the competition takes place between networks and value nets. The Pilarcos E2B interoperability middleware supports trend by providing services such as business service discovery and selection, interoperability management, eContracting and reputation-based trust management. Although these services automate the interoperability knowledge management and interoperability. testing, and may help in routine decisions, an essential element of the architecture involves oil expert system that automates or supports decisions oil joining collaborations, acting in them, or leaving them. The expert system focuses oil a single enterprise needs. This paper focuses on the ways of governing the automation level in the expert system in a way suitable for autonomous enterprises to control their participation in agile collaborations.Peer reviewe

From subjective reputation to verifiable experiences - augmenting peer-control mechanisms for open service ecosystems

Peer reviewe

Service-oriented middleware for managing inter-enterprise collaborations

Peer reviewe