This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Autonomic Trust Management for a Component-Based Software System
November/December 2011 (vol. 8 no. 6)
pp. 810-823
ASCII Text
x 
 
Zheng Yan, Christian Prehofer, "Autonomic Trust Management for a Component-Based Software System," IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, pp. 810-823, November/December, 2011.
 
 
BibTex
x
 
@article{ 10.1109/TDSC.2010.47,
author = {Zheng Yan and Christian Prehofer},
title = {Autonomic Trust Management for a Component-Based Software System},
journal ={IEEE Transactions on Dependable and Secure Computing},
volume = {8},
number = {6},
issn = {1545-5971},
year = {2011},
pages = {810-823},
doi = {http://doi.ieeecomputersociety.org/10.1109/TDSC.2010.47},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}
 
 
RefWorks Procite/RefMan/Endnote
x 
 
TY - JOUR
JO - IEEE Transactions on Dependable and Secure Computing
TI - Autonomic Trust Management for a Component-Based Software System
IS - 6
SN - 1545-5971
SP810
EP823
EPD - 810-823
A1 - Zheng Yan,
A1 - Christian Prehofer,
PY - 2011
KW - Component software
KW - performance measures
KW - quality assurance
KW - trust modeling and evaluation.
VL - 8
JA - IEEE Transactions on Dependable and Secure Computing
ER -
 
Zheng Yan, Nokia Research Center, Helsinki
Christian Prehofer, Fraunhofer ESK, Munich
Trust plays an important role in software systems, especially component-based systems in which components or their environments vary. This paper introduces an autonomic trust management solution for a component-based software system. We propose an adaptive trust control model to specify, evaluate, establish, and ensure the trust relationships among system entities. This model concerns the quality attributes of the entity and a number of trust control modes supported by the system. In particular, its parameters can be adaptively adjusted based on runtime trust assessment in order to reflect real system context and situation. Based on this model, we further develop a number of algorithms that can be adopted by a trust management framework for autonomic management of trust during component execution. We verify the algorithms' feasibility through simulations and demonstrate the effectiveness and benefits of our solution. We also discuss the issues for successful deployment of our solution in a component software platform.

[1] A. Avizienis, J.C. Laprie, B. Randell, and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Trans. Dependable and Secure Computing, vol. 1, no. 1, pp. 11-33, Jan. 2004.
[2] S. Banerjee, C.A. Mattmann, N. Medvidovic, and L. Golubchik, “Leveraging Architectural Models to Inject Trust into Software Systems,” Proc. Workshop Software Eng. for Secure Systems—Building Trustworthy Applications, vol. 30, no. 4, 2005.
[3] D.E. Denning, “A New Paradigm for Trusted Systems,” Proc. Workshop New Security Paradigms, pp. 36-41, 1993.
[4] A.K. Dey, “Understanding and Using Context,” Personal and Ubiquitous Computing J., vol. 5, pp. 4-7, 2001.
[5] D. Garlan, J. Kramer, and A. Wolf, eds., Proc. First ACM SIGSOFT Workshop Self-Healing Systems, 2002.
[6] D. Garlan, J. Kramer, and A. Wolf, eds., Proc. First ACM SIGSOFT Workshop Self-Managing Systems, 2004.
[7] T. Grandison and M. Sloman, “A Survey of Trust in Internet Applications,” IEEE Comm. Surveys and Tutorials, vol. 3, no. 4, pp. 2-16, Sept. 2000.
[8] R. Guha, R. Kumar, P. Raghavan, and A. Tomkins, “Propagation of Trust and Distrust,” Proc. 13th Int'l Conf. World Wide Web (WWW), pp. 403-412, 2004.
[9] R.S. Hall, D. Heimbigner, A. Van Der Hoek, and A.L. Wolf, “An Architecture for Post-Development Configuration Management in a Wide-Area Network,” Proc. 17th Int'l Conf. Distributed Computing Systems, pp. 269-278, 1997.
[10] W. Hasselbring and R. Reussner, “Toward Trustworthy Software Systems,” Computer, vol. 39, no. 4, pp. 91-92, Apr. 2006.
[11] P. Herrmann, “Trust-Based Procurement Support for Software Components,” Proc. Fourth Int'l Conf. Electronic Commerce Research, pp. 505-514, 2001.
[12] P. Herrmann, “Trust-Based Protection of Software Component Users and Designers,” Proc. First Int'l Conf. Trust Management, pp. 75-90, 2003.
[13] J.Y. Jian, A.M. Bisantz, and C.G. Drury, “Foundations for an Empirically Determined Scale of Trust in Automated Systems,” Int'l J. Cognitive Ergonomics, vol. 4, no. 1, pp. 53-71, 2000.
[14] K. Joshi, M. Hiltunen, R. Schlichting, W. Sanders, and A. Agbaria, “Online Model-Based Adaptation for Optimizing Performance and Dependability,” Proc. First ACM SIGSOFT Workshop Self-Managed Systems, pp. 85-89, 2004.
[15] A. Jøsang and S.J. Knapskog, “A Metric for Trusted Systems,” Proc. 21st Nat'l Security Conf., 1998.
[16] A. Jøsang, “A Logic for Uncertain Probabilities,” Int'l J. of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 9, no. 3, pp. 279-311, 2001.
[17] S. Kamvar, M. Scholsser, and H. Garcia-Molina, “The EigenTrust Algorithm for Reputation Management in P2P Networks,” Proc. 12th Int'l Conf. World Wide Web (WWW), 2003.
[18] B. Kosko, “Fuzzy Cognitive Maps,” Int'l J. Man-Machine Studies, vol. 24, pp. 65-75, 1986.
[19] S. Lee, R. Sherwood, and B. Bhattacharjee, “Cooperative Peer Groups in NICE,” Proc. IEEE INFOCOM, pp. 1272-1282, 2003.
[20] Z. Liang and W. Shi, “PET: A Personalized Trust Model with Reputation and Risk Evaluation for P2P Resource Sharing,” Proc. 38th Ann. Hawaii Int'l Conf. System Sciences, pp. 201-202, Jan. 2005.
[21] C. Lin, V. Varadharajan, Y. Wang, and V. Pruthi, “Enhancing Grid Security with Trust Management,” Proc. IEEE Int'l Conf. Services Computing, pp. 303-310, 2004.
[22] S. Malek, N. Esfahani, D. Menasce, J. Sousa, and H. Gomaa, “Self-Architecting Software Systems (SASSY) from QoS-Annotated Activity Models,” Proc. Int'l Conf. Software Eng. (ICSE) Workshop Principles of Eng. Service-Oriented Systems, pp. 62-69, 2009.
[23] M. Mikic-Rakic, S. Malek, and N. Medvidovic, “Architecture-Driven Software Mobility in Support of QoS Requirements,” Proc. First Int'l Workshop Software Architectures and Mobility, pp. 3-8, 2008.
[24] P. Resnick and R. Zeckhauser, “Trust among Strangers in Internet Transactions: Empirical Analysis of eBay's Reputation System,” Advances in Applied Microeconomics: The Economics of the Internet and E-Commerce, M. Baye, ed., vol. 11, pp. 127-157, Elsevier, Nov. 2002.
[25] Robocop, Space4U and Trust4All, https:/nlsvr2.ehv.campus. philips.com/, 2008.
[26] A. Singh and L. Liu, “TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems,” Proc. IEEE Int'l Conf. Peer-to-Peer Computing, pp. 142-149, 2003.
[27] S. Song, K. Hwang, R. Zhou, and Y.-K. Kwok, “Trusted P2P Transactions with Fuzzy Reputation Aggregation,” IEEE Internet Computing, vol. 9, no. 6, pp. 24-34, Nov.-Dec. 2005.
[28] C.D. Stylios, V.C. Georgopoulos, and P.P. Groumpos, “The Use of Fuzzy Cognitive Maps in Modeling Systems,” Proc. Fifth IEEE Mediterranean Conf. Control and Systems, http://med.ee.nd.edu/MED5/PAPERS/067067.PDF , 1997.
[29] Y. Sun, W. Yu, Z. Han, and K.J.R. Liu, “Information Theoretic Framework of Trust Modeling and Evaluation for Ad Hoc Networks,” IEEE J. Selected Areas in Comm., vol. 24, no. 2, pp. 305-317, Feb. 2006.
[30] G. Suryanarayana, M.H. Diallo, J.R. Erenkrantz, and R.N. Taylor, “Architectural Support for Trust Models in Decentralized Applications,” Proc. 28th Int'l Conf. Software Eng., pp. 52-61, 2006.
[31] TCG TPM Specification v1.2, https://www. trustedcomputinggroup.org/ specsTPM/, 2003.
[32] G. Theodorakopoulos and J.S. Baras, “On Trust Models and Trust Evaluation Metrics for Ad Hoc Networks,” IEEE J. Selected Areas in Comm., vol. 24, no. 2, pp. 318-328, Feb. 2006.
[33] M. Uddin, M. Zulkernine, and S.I. Ahamed, “CAT: A Context-Aware Trust Model for Open and Dynamic Systems,” Proc. ACM Symp. Applied Computing (SAC '08), 2008.
[34] Y. Wang and V. Varadharajan, “${\rm Trust}^2$ : Developing Trust in Peer-to-Peer Environments,” Proc. IEEE Int'l Conf. Services Computing, vol. 1, pp. 24-31, 2005.
[35] K. Walsh and E.G. Sirer, “Fighting Peer-To-Peer SPAM and Decoys with Object Reputation,” Proc. Third Workshop Economics of Peer-to-Peer Systems, pp. 138-143, 2005.
[36] L. Xiong and L. Liu, “PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities,” IEEE Trans. Knowledge and Data Eng., vol. 16, no. 7, pp. 843-857, July 2004.
[37] Z. Yan, “Predicting Trustworthiness for Component Software,” Proc. Third Int'l Workshop Security, Privacy and Trust in Pervasive and Ubiquitous Computing, pp. 1-6, 2007.
[38] Z. Yan, “Trust Management for Mobile Computing Platforms,” PhD dissertation, Dept. of Electrical and Comm. Eng., Helsinki Univ. of Tech nology, 2007.
[39] Z. Yan, “Autonomic Trust Management for a Pervasive System,” Proc. Int'l Conf. Security and Cryptography (Secrypt '08), pp. 491-500, July 2008.
[40] Z. Yan and S. Holtmanns, “Trust Modeling and Management: From Social Trust to Digital Trust,” Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions, R. Subramanian, ed., IGI Global, 2008.
[41] Z. Yan and C. Prehofer, “An Adaptive Trust Control Model for a Trustworthy Component Software Platform,” Proc. Int'l Conf. Autonomic and Trusted Computing, pp. 226-238, 2007.
[42] Z. Zhang, X. Wang, and Y. Wang, “A P2P Global Trust Model Based on Recommendation,” Proc. Int'l Conf. Machine Learning and Cybernetics, vol. 7, pp. 3975-3980, 2005.
[43] M. Zhou, W. Jiao, and H. Mei, “Customizable Framework for Managing Trusted Components Deployed on Middleware,” Proc. 10th IEEE Int'l Conf. Eng. of Complex Computer Systems, pp. 283-291, 2005.
[44] M. Zhou, H. Mei, and L. Zhang, “A Multi-Property Trust Model for Reconfiguring Component Software,” Proc. Fifth Int'l Conf. Quality Software, pp. 142-149, 2005.

Index Terms:
Component software, performance measures, quality assurance, trust modeling and evaluation.
Citation:
Zheng Yan, Christian Prehofer, "Autonomic Trust Management for a Component-Based Software System," IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, pp. 810-823, Nov.-Dec. 2011, doi:10.1109/TDSC.2010.47
Usage of this product signifies your acceptance of the Terms of Use.