Trust and Risk Relationship Analysis on a Workflow Basis: A Use Case

Trust and risk are often seen in proportion to each other; as such, high trust may induce low risk and vice versa. However, recent research argues that trust and risk relationship is implicit rather than proportional. Considering that trust and risk are implicit, this paper proposes for the first time a novel approach to view trust and risk on a basis of a W3C PROV provenance data model applied in a healthcare domain. We argue that high trust in healthcare domain can be placed in data despite of its high risk, and low trust data can have low risk depending on data quality attributes and its provenance. This is demonstrated by our trust and risk models applied to the BII case study data. The proposed theoretical approach first calculates risk values at each workflow step considering PROV concepts and second, aggregates the final risk score for the whole provenance chain. Different from risk model, trust of a workflow is derived by applying DS/AHP method. The results prove our assumption that trust and risk relationship is implicit

To Trust or Not to Trust? Developing Trusted Digital Spaces through Timely Reliable and Personalized Provenance

Organizations are increasingly dependent on data stored and processed by distributed, heterogeneous services to make critical, high-value decisions. However, these service-oriented computing environments are dynamic in nature and are becoming ever more complex systems of systems. In such evolving and dynamic eco-system infrastructures, knowing how data was derived is of significant importance in determining its validity and reliability. To address this, a number of advocates and theorists postulate that provenance is critical to building trust in data and the services that generated it as it provides evidence for data consumers to judge the integrity of the results. This paper presents a summary of the STRAPP (trusted digital Spaces through Timely Reliable And Personalised Provenance) project, which is designing and engineering mechanisms to achieve a holistic solution to a number of real-world service-based decision-support systems

Personalised Provenance Reasoning Models and Risk Assessment in Business Systems: A Case Study

As modern information systems become increasingly business- and safety-critical, it is extremely important to improve both the trust that a user places in a system and their understanding of the risks associated with making a decision. This paper presents the STRAPP framework, a generic framework that supports both of these goals through the use of personalised provenance reasoning engines and state-of-art risk assessment techniques. We present the high-level architecture of the framework, and describe the process of systematically modelling system provenance with the W3C PROV provenance data model. We discuss the business drivers behind the concept of personalizing provenance information, and describe an approach to enabling this through a user-adaptive system style. We discuss using data provenance for risk management and treatment in order to evaluate risk levels, and discuss the use of CORAS to develop a risk reasoning engine representing core classes and relationships. Finally, we demonstrate the initial implementation of our personalised provenance system in the context of the Rolls-Royce Equipment Health Management, and discuss its operation, the lessons we have learnt through our research and implementation (both technical and in business), and our future plans for this project