Trust Management Systems: Reference Architecture and Personalization

Rashad, Hisham S. M.

20 September 2017

Trust is the cornerstone of success in any relationship between two or more parties. Generally, we do not socialize, seek advice, consult, cooperate, buy or sell goods and services from/to others unless we establish some level of mutual trust between interacting parties. When e-commerce was merging infancy, the concept of trusting an entity in a virtual world was a huge obstacle. Gradually, increasingly-sophisticated, largely generic reputation scoring and management systems were embedded into the evolving marketplaces. Current technologies to include cloud computing, social networking, and mobile applications, coupled with the explosion in storage capacity and processing power, are evolving large-scale global marketplaces for a wide variety of resources and services, such as Amazon.com, BitTorrent, WebEx and Skype. In such marketplaces, user entities, or users for short; namely, consumers, providers and brokers, are largely autonomous with vastly diverse requirements, capabilities and trust profiles. Users' requirements may include service quality levels, cost, ease of use, etc. Users' capabilities may include assets owned or outsourced. Trustors' profiles may include what is promised and commitments to keep these promises. In such a large-scale heterogeneous marketplace, the trustworthy interactions and transactions in services and resources constitute a challenging endeavor. Currently, solving such issues generally adopts a "one-size fits all" trust models and systems. Such approach is limiting due to variations in technology, conflicts between users' requirements and/or conflicts between user requirements and service outcomes. Additionally, this approach may result in service providers being overwhelmed by adding new resources to satisfy all possible requirements, while having no information or guarantees about the level of trust they gain in the network. Accordingly, we hypothesize the need for personalizable customizable Trust Management Systems (TMSs) for the robustness and wide-scale adoption of large-scale marketplaces for resources and services. Most contemporary TMSs suffer from the following drawbacks: • Oblivious to diversities in trustors' requirements, • Primarily utilize feedback and direct or indirect experience as the only form of credentials and trust computations, • Trust computation methodologies are generally hardcoded and not reconfigurable, • Trust management operations, which we identify as monitoring, data management, analysis, expectation management, and decision making, are tightly coupled. Such coupling impedes customizability and personalization, and • Do not consider context in trust computations, where trust perspectives may vary from a context to another. Given these drawbacks and the large scale of the global marketplace of resources and services, a reference architecture for trust management systems is needed, which can incorporate current systems and may be used in guidance and development of a wide spectrum of trust management systems ranging from un-personalized to fully personalized systems. Up to our knowledge, no TMS reference architecture exists in the literature. In this dissertation, we propose a new Reference Architecture for Trust Management (RATM). The proposed reference architecture applies separation of concern among trust management operations; namely, decision expectation, analytics, data management and monitoring. RATM defines trust management operations through five reconfigurable components which collectively can be used to implement a wide spectrum of trust management systems ranging from generic to highly personalized systems. We used RATM for trust personalization, where we propose a Personalized Trust Management System (PTMS) based on RATM. We evaluated PTMS's scalability and demonstrated its effectiveness, efficiency and resilience by contrasting against a Generic Trust Management System (GTMS). We used two case studies for our evaluations; namely, BitTorrent and a video conferencing application. Intellectual Merit In this work, we propose RATM, a reference architecture for trust management systems that can be used to implement a wide variety of trust management systems ranging from generic systems (un-personalized) to highly personalized systems. We assume service-based environment where consumers, brokers and service providers are interacting and transacting in services and resources to satisfying their own trust requirements. We used RATM to implement a personalized trust management system (TMS). The main contributions of this work are as follows: • Proposing RATM for the guidance and development of a wide spectrum of TMSs ranging from un-personalized to fully personalized systems, and • Utilizing our RATM to propose and implement a personalized, scalable TMS with varying trust computation models. Broader Impact RATM provides reference architecture for trust management which can be used to develop and evaluate a wide spectrum of TMSs. Personalization, in general, paves the road for reaching high levels of satisfaction, where interacting parties' requirements are individually considered and thus consumers are served the best suited service(s). Hence, we claim that PTMS would largely enhance large-scale heterogeneous systems offering services and resources. This could lead to more cooperation, more transactions, more satisfaction, less malicious behavior and lower costs. / PHD

Trust Management

Reputation Management

Trust Personalization

Trust Management Reference Architecture

Trust-driven Services

Human Inspired Trust Management