Engineering Trust-Awareness and Self-adaptability in Services and Systems

  title={Engineering Trust-Awareness and Self-adaptability in Services and Systems},
  author={Francisco Moyano and M. Carmen Fern{\'a}ndez Gago and Beno{\^i}t Baudry and Javier L{\'o}pez},
  booktitle={Engineering Secure Future Internet Services and Systems},
The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Models@run.time is a promising model-driven approach that supports the runtime adaptation of distributed, heterogeneous systems… 


Autonomic Trust Management for a Component-Based Software System
An adaptive trust control model to specify, evaluate, establish, and ensure the trust relationships among system entities and a number of trust control modes supported by the system are proposed.
A trust management framework for service-oriented environments
This paper presents a reputation-based trust management framework that supports the synthesis of trust-related feedback from many different entities while also providing each entity with the flexibility to apply different scoring functions over the same feedback data for customized trust evaluations.
UMLtrust: towards developing trust-aware software
A framework is presented for specifying trust scenarios using an extension of Unified Modeling Language (U ML) called UMLtrust (UML for trust scenarios) to avoid conflicting, ambiguous, and redundant trust requirements in a software development life cycle (SDLC).
Towards Engineering Trust-Aware Future Internet Systems
This paper proposes a UML extension for specifying trust and reputation requirements, and applies it to an eHealth case study and argues that these soft security requirements can leverage security in open, distributed, heterogeneous systems and applications.
Reputation Management for Distributed Service-Oriented Architectures
This work proposes a new methodology for discouraging antisocial behaviors of malicious service providers that declare QoS higher than the real one, which is fully distributed over the network and emulates a decentralized hierarchical trusting authority capable of managing reputation values and of providing correct QoS assessments.
Trust-adapted enforcement of security policies in distributed component-structured applications
  • P. Herrmann, H. Krumm
  • Computer Science
    Proceedings. Sixth IEEE Symposium on Computers and Communications
  • 2001
This work introduces trust-adapted control functions where the intensity of monitoring and behavior checks depends on the level of trust, the component, its hosting environment, and its vendor have currently in the eyes of the application administration.
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
The TrustBAC model is proposed, which extends the conventional role based access control model with the notion of trust levels and incorporates the advantages of both the role basedAccess control model and credential basedaccess control models.
Trust-Based Protection of Software Component Users and Designers
Trust management is used to reduce the significant performance overhead of the security wrappers by application of Josang's subjective logic to prevent that a component user sends wrong reports resulting in a bad trust value of the component, which therefore would be wrongly incriminated.
Decentralized trust management
This paper presents a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships, and describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services.
A survey of trust and reputation systems for online service provision