Abstract
We describe the application of our collaboration-oriented software engineering approach to the design of trust-aware systems. In this model-based technique, a specification does not describe a physical system component but the collaboration between various components which achieve system functions by cooperation. A system model is composed from these collaboration specifications. By a set of transformations, executable code can be automatically generated. As a modeling language, we use UML 2.0 collaborations and activities, for which we defined a semantics based on temporal logic. Thus, formal refinement and property proofs can be provided by applying model checkers as well. We consider our approach to be well-suited for the development of trust-based systems since the trust relations between different parties can be nicely modeled by the collaborations. This ability facilitates also a tight cooperation between trust management and software engineering experts which are both needed to create scalable trust-aware applications. The engineering approach is introduced by means of an electronic auction system executing different policies which are guided by the mutual trust of its principals. While the approach can be used for various trust models, we apply Jøsang’s Subjective Logic in the example.
Please use the following format when citing this chapter: Herrmann, P. and Kraemer, F. A., 2007, in IFIP International Federation for information Processing, Volume 238, Trust Management, eds. Etalle, S., Marsh, S., (Boston: Springer), pp. 317–332.
An erratum to this chapter is available at http://dx.doi.org/10.1007/978-0-387-73655-6_30
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Cheskin Research and Studio Archetype/Sapient, eCommerce Trust Study (1999).
A. Jøsang, A Logic for Uncertain Probabilities, International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9, 279–311 (2001).
A.J.I. Jones and B.S. Firozabadi, On the Characterisation of a Trusting Agent —Aspects of a Formal Approach, in: Trust and Deception in Virtual Societies, edited by C. Castelfranchi and Y.H. Tan (Kluwer Academic Publishers, 2001), pp. 157–168.
R. Falcone and C. Castelfranchi, Social Trust: A Cognitive Approach, in: Trust and Deception in Virtual Societies, edited by C. Castelfranchi and Y.H. Tan (Kluwer Academic Publishers, 2001), pp. 55–90.
N. Mezzetti, A Socially Inspired Reputation Model, in: 1st European Workshop on Public Key Infrastructure (EuroPKI 2004), Samos, edited by S.K. Katsikas, S. Gritzalis and J. Lopez, LNCS 3093 (Springer-Verlag, 2004), pp. 191–204.
M. Blaze, J. Feigenbaum, and J. Lacy, Decentralized Trust Management, in: Proc. 17th Symposium on Security and Privacy, Oakland (IEEE Computer, 1996), pp. 164–173.
T. Grandison and M. Sloman, Specifying and Analysing Trust for Internet Applications, in: Proc. 2nd IFIP Conference on E-Commerce, E-Business & E-Government (I3E), Lisbon (Kluwer Academic, 2002), pp. 145–157.
A. Abdul-Rahman and S. Hailes, Supporting Trust in Virtual Communities, in: Proc. 33rd Hawaii International Conference, Volume 6., Maui, Hawaii (IEEE Computer, 2000).
K. Aberer and Z. Despotovic, Managing Trust in a Peer-2-Peer Information System. in: Proc. 10th International Conference on Information and Knowledge Management (CIKM’01), New York, edited by H. Paques et al. (ACM Press, 2001), pp. 310–317.
F. Azzedin and M. Maheswaran, A TrustBrokering System and Its Application to Resource Management in Public-Resource Grids, in: Proc. 18th International Parallel and Distributed Processing Symposium (IPDPS’04), Santa Fe (IEEE Computer, 2004).
L. Xiong and L. Liu, Building Trust in Decentralized Peer-to-Peer Electronic Communities, in: Proc. 5th International Conference on Electronic Commerce Research (ICECR-5), Dallas (ATSMA, 2002).
S.D. Kamvar, M.T., Schlosser, and H. Garcia-Molina, The EigenTrust Algorithm for Reputation Management in P2P Networks, in: Proc. 12th International World Wide Web Conference, Budapest (ACM Press, 2003).
D. Ingram, An Evidence Based Architecture for Efficient, Attack-Resistant Computational Trust Dissemination in Peer-to-Peer Networks, in: Proc. 3rd International Conference on Trust Management, Paris, edited by P. Herrmann et al., LNCS 3477 (Springer-Verlag, 2005), pp. 273–288.
P. Bonatti and P. Samarati, A Unified Framework for Regulating Access and Information Release on the Web, Journal of Computer Security 10 241–272 (2002).
T. Yu, M. Winslett, and K.E. Seamons, Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation, ACM Transactions on Information and System Security 6 1–42 (2003).
H. Koshutanski and F. Massacci, Interactive Access Control for Web Services, in: Proc. 19th IFIP Information Security Conference (SEC 2004), Toulouse (Kluwer Academic, 2004), pp. 151–166.
A.J. Lee, M. Winslett, J. Basney, and V. Welch, Traust: A Trust Negotiation Based Authorization Service, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 458–462.
S. Pearson and M.C. Mont, Provision of Trusted Identity Management Using Trust Credentials, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 267–282.
S. Pearson, Trusted Computing: Strengths, Weaknesses and Further Opportunities for Enhancing Privacy, in: Proc. 3rd International Conference on Trust Management, Paris, edited by P. Herrmann et al., LNCS 3477 (Springer-Verlag, 2005), pp. 305–320.
C.D. Jensen and P.O. Connell, Trust-Based Route Selection in Dynamic Source Routing, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 150–163.
F. Kerschbaum, J. Haller, Y. Karabulut, and P. Robinson, PathTrust: A TrustBased Reputation Service for Virtual Organization Formation, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 193–205.
P. Herrmann, Trust-Based Protection of Software Component Users and Designers, in: Proc. 1st International Conference on Trust Management, Heraklion, edited by P. Nixon and S. Terzis, S., LNCS 2692 (Springer-Verlag, 2003), pp. 75–90.
G. Lenzini, A. Tokmakoff, and J. Muskens, Managing Trustworthiness in Component-Based Embedded Systems, in: Proc. 2nd International Workshop on Security and Trust Management, Hamburg (2006).
D. Quercia, S. Hailes, and L. Capra, B-Trust: Bayesian Trust Framework for Pervasive Computing, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 298–312.
F.A. Kraemer and P. Herrmann, Service Specification by Composition of Collaborations —An Example, in: 2nd International Workshop on Service Composition (Sercomp), Hong Kong (IEEE Computer, 2006).
G. Booch, J. Rumbaugh, and I. Jacobson, The Unified Modeling Language User Guide (Addison-Wesley, 1999).
Object Management Group, Unified Modeling Language: Superstructure (2006).
R.T. Sanders, H.N. Castejón, F.A. Kraemer, and R. Braek, Using UML 2.0 Collaborations for Compositional Service Specification, in: ACM / IEEE 8th International Conference on Model Driven Engineering Languages and Systems (2005).
J.E.Y. Rossebø and R. Bræk, Towards a Framework of Authentication and Authorization Patterns for Ensuring Availability in Service Composition, in: Proc. 1st International Conference on Availability, Reliability and Security (ARES’06) (IEEE Computer, 2006), pp. 206–215.
H.N. Castejón and R. Braek, A Collaboration-based Approach to Service Specification and Detection of Implied Scenarios, in: ICSE’s 5th Workshop on Scenarios and State Machines: Models, Algorithms and Tools (SCESM’06) (2006).
F.A. Kraemer and P. Herrmann, Transforming Collaborative Service Specifications into Efficiently Executable State Machines, to appear in:Electronic Communications of the EASST (2007).
F.A. Kraemer, P. Herrmann, and R. Bræk, Aligning UML 2.0 State Machines and Temporal Logic for the Efficient Execution of Services, in: Proc. 8th International Symposium on Distributed Objects and Applications (DOA), Montpellier, edited by R. Meersmann and Z. Tari, LNCS 4276 (Springer-Verlag, 2006), pp. 1613–1632.
L. Lamport, Specifying Systems (Addison-Wesley, 2002).
Y. Yu, P. Manolios, and L. Lamport, Model Checking TLA+ Specifications, in: Correct Hardware Design and Verification Methods (CHARME’ 99), edited by L. Pierre and T. Kropf, LNCS 1703, (Springer-Verlag, 1999), pp. 54–66.
A. Jøsang, The right type of trust for distributed systems, in: Proc. UCLA conference on New security paradigms workshops, Lake Arrowhead (ACM Press, 1996), pp. 119–131.
A. Jøsang, An Algebra for Assessing Trust in Certification Chains, in: Proc. Network and Distributed Systems Security Symposium (NDSS’99), edited by J. Kochmar (The Internet Society, 1999).
A. Jøsang and S.J. Knapskog, A Metric for Trusted Systems, in: Proc. 21st National Security Conference (NSA, 1998).
P. Herrmann and H. Krumm, A Framework for Modeling Transfer Protocols, Computer Networks 34, 317–337 (2000).
R. Bræk, Unified System Modelling and Implementation, in: International Switching Symposium, Paris (1979), pp. 1180–1187.
R. Bræk, J. Gorman, Ø. Haugen, G. Melby, B. Møller-Pedersen, and R.T. Sanders, Quality by Construction Exemplified by TIMe —The Integrated Methodology, Telektronikk 95, 73–82 (1997).
Ø. Haugen and B. Møller-Pedersen, JavaFrame —Framework for Java Enabled Modelling, in: Proc. Ericsson Conference on Software Engineering, Stockholm, (Ericsson, 2000).
P. Herrmann, Temporal Logic-Based Specification and Verification of Trust Models, in: Proc. 4th International Conference on Trust Management, Pisa, edited by K. Stølen et al., LNCS 3986 (Springer-Verlag, 2006), pp. 105–119.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Herrmann, P., Kraemer, P.A. (2007). Design of Trusted Systems with Reusable Collaboration Models. In: Etalle, S., Marsh, S. (eds) Trust Management. IFIPTM 2007. IFIP International Federation for Information Processing, vol 238. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-73655-6_21
Download citation
DOI: https://doi.org/10.1007/978-0-387-73655-6_21
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-73654-9
Online ISBN: 978-0-387-73655-6
eBook Packages: Computer ScienceComputer Science (R0)