A human-centric runtime framework for mixed service-oriented systems

A wide range of Web-based tools and socially-enhanced collaboration services have changed models of work. In today??s collaboration systems, interactions typically span a number of people and services to work on joint tasks or to solve emerging problems. Finding the right collaboration partner in Web-based interactions remains challenging due to scale and the temporary nature of collaborations. We argue that humans need different ways to indicate their availability and desire to join collaborations. In this work, we discuss collaboration scenarios where people define services based on their dynamically changing skills and expertise by using Human-Provided Services. This approach is motivated by the need to support novel service-oriented applications in emerging crowdsourcing environments. In such open and dynamic environments, user participation is often driven by intrinsic incentives and actors properties such as reputation. We present a framework enabling users to define personal services to cope with complex interactions. We focus on the discovery and provisioning of human expertise in service-oriented environments.     

Unifying Human and Software Services in Web-Scale Collaborations

As collaborative Web-based platforms evolve into service-oriented architectures, they promote composite and user-enriched services. In such platforms, the collaborations typically involve both humans and software services, thus creating highly dynamic and complex interactions. However, today's collaboration tools don't let humans specify different interaction interfaces (services), which can be reused in various collaborations. Furthermore, humans need more ways to indicate their availability and desire to participate in collaborations. The human-provided services (HPS) framework lets people manage their interactions and seamlessly integrate their capabilities into Web-scale workflows as services. It unifies humans and software services and supports ad hoc and process-centric collaborations.     

Derivation of trust federation for collaborative business processes

Service Oriented Architecture (SOA) is considered to be an important enabler of Internet of Services. By adopting SOA in development, business services can be offered, mediated, and traded as web services, so as to support agile and dynamic business collaborations on the Internet. Business collaboration is often implemented as cross-enterprise processes and involves more than one business entity which agrees to join the collaboration. To enable trustworthy and secure provision of services and service composition across enterprise boundaries, trust between business participants must be established, that is, user identities and access rights must be federated, to support business functions defined in the business processes. This paper proposes an approach which derives trust federation from formally described business process models, such as BPMN and WS-CDL processes, to automate security configuration of business collaborations. The result of the derivation is trust policies which identify trust relationships between business participants and can be enforced in enterprises’ service runtimes with support of a policy deployment infrastructure.     

Extracting trust information from security system of a service

The issue of trust is a research problem in emerging open environments, such as ubiquitous networks. Such environments are highly dynamic and they contain diverse number of services and autonomous entities. Entities in open environments have different security needs from services. Trust computations related to the security systems of services necessitate information that meets needs of each entity. Obtaining such information is a challenging issue for entities. In this paper, we propose a model for extracting trust information from the security system of a service based on the needs of an entity. We formally represent security policies and security systems to extract trust information according to needs of an entity. The formal representation ensures an entity to extract trust information about a security property of a service and trust information about whole security system of the service. The proposed model is applied to Dental Clinic Patient Service as a case study with two scenarios. The scenarios are analyzed experimentally with simulations. The experimental evaluation shows that the proposed model provides trust information related to the security system of a service based on the needs of an entity and it is applicable in emerging open environments.     

Collaboration through computation: incorporating trust model into service-based software systems

The open and dynamic nature of service-based software systems necessitates spontaneous and trustworthy interactions between collaborating entities. Service providers are exposed to users spanned across multiple organizational domains, so can be exploited by potentially untrustworthy service requestors. Given that, service providers need to trust requestors before granting them with services. Trust encompasses a number of quality attributes (e.g., security, competence, honesty) and helps in dynamic decision making. In this paper, we present a trust-based service collaboration approach, facilitated by the analysis of service-based interactions between service providers and requestors, and recommendations between service providers. Service providers exchange recommendations to convey their trust on requestors. This collaboration is quantified using our proposed trust model, called CAT, a Context-Aware Trust model based on service-based interactions by considering services as contexts. We identify a number of collaboration-based trust properties including risk and context-awareness and incorporate them in CAT. A context-similarity parameter is introduced to decide on similar services. A time-based ageing parameter is proposed to decrease trust values over time without any further interactions. Direct and indirect recommendations from other service providers are included in total trust calculation, with a path-based ageing parameter applying over indirect recommendations. A mechanism to calculate the accuracy of recommendations is proposed to differentiate between reliable and unreliable recommendations. These calculation schemes are employed in a trust-based service collaboration algorithm to automatically decide on granting services to requestors. The approach is elaborated using examples from file sharing applications, and successfully evaluated by implementing a prototype service-based file sharing grid. This research is partially funded by the Natural Sciences and Engineering Research Council of Canada (NSERC).     

动态Web服务行为适配方法初探

面向服务的计算是当前软件工程领域和软件产业界的研究热点之一。随着Web服务组合技术的广泛应用,服务间的行为交互日趋复杂,已存在的静态Web服务行为适配方法难以支持复杂Web服务间的行为适配。以此为背景,首先介绍Web服务适配的相关概念,然后分析现有的静态Web服务行为适配方法的研究现状和存在的主要问题,最后探讨动态Web服务行为适配的基本原理、一般方法和技术优势。     

Design,development and evaluation of a human-computer trust scale

ABSTRACT

New technologies, data, and algorithms impact nearly every aspect of daily life. Unfortunately, many of these algorithms operate like black boxes and cannot explain their results even to their programmers, let alone to end-users. As more and more tasks get delegated to such intelligent systems and the nature of user interactions with them becomes increasingly complex, it is important to understand the amount of trust that a user is willing to place on such systems. However, attempts at quantifying trust have either been limited in their scope or not empirically thorough. To address this, we build on prior work which empirically modelled trust in user-technology interactions and describe the development and evolution of a human computer trust scale. We present results of two studies (N=118 & N=183) which were undertaken to assess the reliability and validity of the proposed scale. Our study contributes to the literature by (a) developing a multi-dimensional scale to assess user trust in HCI and (b) being the first study to use the concept of design fiction and future scenarios to study trust.     

Taxonomy of trust relationships in authorization domains for cloud computing

Cloud computing is revealing a new scenario where different cloud customers need to collaborate to meet client demands. The cloud stack must be able to support this situation by enabling collaborative agreements between cloud customers. However, these collaborations entail new security risks since participating entities should trust each other to share a set of resources. The management of trust relationships in the cloud is gaining importance as a key element to establish a secure environment where entities are given full control in the definition of which particular services or resources they are willing to share. Entities can cooperate at different levels of trust, according to their willingness of sharing information. This paper analyses these collaboration agreements defining a taxonomy of different levels of trust relationships among customers for the cloud. Privacy concerns, assumed risk, as well as easiness in the definition of the trust relationships have been taken into account. A set of different trust relationships have been identified and modeled, enabling entities to control the information they share with others in the cloud. The proposed model has been validated with a prototypical implementation. Likewise, some examples to illustrate the application of these trust models to common cloud collaboration scenarios are provided.     

On the realizability of collaborative services

This paper considers compositional specifications of services using UML 2 collaborations, activity and interaction diagrams, and addresses the realizability problem for such specifications: given a global specification, can we construct a set of communicating system components whose joint behavior is precisely the specified global behavior? We approach the problem by looking at how the sequencing of collaborations and local actions may be described using UML activity diagrams. We identify the realizability problems for each of the sequencing operators, such as strong and weak sequence, choice of alternatives, loops, and concurrency. The nature of these realizability problems and possible solutions are discussed. This brings a new look at already known problems: we show that given some conditions, certain problems can already be detected at an abstract level, without looking at the detailed interactions of the collaborations, provided that we know the components that initiate and terminate the different collaborations.     

Engineering trust alignment: Theory,method and experimentation

In open multi-agent systems trust models are an important tool for agents to achieve effective interactions. However, in these kinds of open systems, the agents do not necessarily use the same, or even similar, trust models, leading to semantic differences between trust evaluations in the different agents. Hence, to successfully use communicated trust evaluations, the agents need to align their trust models. We explicate that currently proposed solutions, such as common ontologies or ontology alignment methods, lead to additional problems and propose a novel approach. We show how the trust alignment can be formed by considering the interactions that agents share and describe a mathematical framework to formulate precisely how the interactions support trust evaluations for both agents. We show how this framework can be used in the alignment process and explain how an alignment should be learned. Finally, we demonstrate this alignment process in practice, using a first-order regression algorithm, to learn an alignment and test it in an example scenario.     

Productive Interrelationships between Collaborative Groups Ease the Challenges of Dynamic and Multi-Teaming

Work organization and team membership is highly complex for modern workers. Teams are often dynamic as personnel change during a project. Dynamic team members have to be actively recruited and personnel changes make it harder for participants to retain group focus. Workers are often members of multiple groups. Though prior work has identified the prevalence of multi-teaming and dynamic teams, it has been unable to explain how workers cope with the challenges the new style of work should cause. This paper systematically characterizes the modern organizational landscape from an individual perspective, by studying how people typically organize work across their multiple collaborative groups. A unique contribution of our work is to examine the interrelationships between the collaborative groups individuals typically participate in. We introduce the notion of a collaboration profile to characterize these interrelations. We expected workers to be overburdened by contributing to multiple teams often with shifting personnel. However, we found that multi-teaming involves productive interrelationships between collaborative groups that ease some of the documented challenges of dynamic teams, such as goal setting, recruiting, and group maintenance. We define a typology that describes the various types of collaborative groups workers participate in, and provide examples of productive interrelations between collaborations. In characterizing interrelations between collaborations, we provide detailed examples of how people exploit resources across their different collaborations to address the problems of working in multiple dynamic teams.     

Dynamic and scalable multi-level trust management model for Social Internet of Things

The Internet of Things (IoT) is a paradigm that has made everyday objects intelligent by offering them the ability to connect to the Internet and communicate. Integrating the social component into IoT gave rise to the Social Internet of Things (SIoT), which has helped overcome various issues such as heterogeneity and navigability. In this kind of environment, participants compete to offer a variety of attractive services. Nevertheless, some of them resort to malicious behaviour to spread poor-quality services. They perform so-called Trust-Attacks and break the basic functionality of the system. Trust management mechanisms aim to counter these attacks and provide the user with an estimate of the trust degree they can place in other users, thus ensuring reliable and qualified exchanges and interactions. Several works in literature have interfered with this problem and have proposed different Trust-Models. The majority tried to adapt and reapply Trust-Models designed for common social networks or peer-to-peer ones. That is, despite the similarities between these types of networks, SIoT ones present specific peculiarities. In SIoT, users, devices and services are collaborating. Devices entities can present constrained computing and storage capabilities, and their number can reach some millions. The resulting network is complex, constrained and highly dynamic, and the attacks-implications can be more significant. In this paper, we propose DSL-STM a new dynamic and scalable multi-level Trust-Model, specifically designed for SIoT environments. We propose multidimensional metrics to describe and SIoT entities behaviours. The latter are aggregated via a Machine Learning-based method, allowing classifying users, detecting attack types and countering them. Finally, a hybrid propagation method is suggested to spread trust values in the network, while minimizing resource consumption and preserving scalability and dynamism. Experimentation made on various simulated scenarios allows us to prove the resilience and performance of DSL-STM.

     

Trust Evolution Policies for Security in Collaborative Ad Hoc Applications

The vision of pervasive computing has introduced the notion of a vast, networked infrastructure of heterogeneous entities interact through collaborative applications, e.g., playing a multi-player online game on the way to work. This will require interactions between users who may be marginally known or completely unknown to each other, or in situations where complete information is unavailable. This introduces the problem of assigning access rights to such marginally known or unknown entities.Explicit trust management has emerged as a solution to the problem of dealing with partial information about other users and the context in which the interaction takes place. We have implemented an access control mechanism based on the human notion of trust, where recommendations or initial participation in low risk interactions will allow entities to slowly build trust in each other. As the trust between two entities grows, interactions that entail a higher degree of risk may be allowed to proceed. We have used this mechanism in a simple role-based access control mechanism that uses trust to assign roles to users in a distributed blackjack card game application. This application allows us to experiment with different policies for trust-based admission control and trust evolution. In this paper we present an evaluation of policies specifying trust dynamics, which shows that our prototype reacts appropriately to the behaviour of other users and that the system updates trust values and implements admission policies in a manner similar to what would be expected from human trust assessment. This indicates that trust evolution policies can replace explicit human intervention in application scenarios that are similar to the evaluated prototype.     

Adaptive interaction support in ambient-aware environments based on quality of context information

Ambient-aware environments are technologically augmented with myriad sensors, devices and other emerging services in order to support users. However, users find it complex in interacting with such environments due to the presence of numerous devices and services. In this situation, providing context-aware implicit or automatic interaction support may help reducing the cognitive load of the users and facilitate easy access of the available devices and services. However, due to the imprecision in context information, implicit interactions performed by the environment often leads to mis-automation. The result of such impaired implicitness causes distrust and dissatisfaction to the user. In order to address this issue, we propose a system that considers quality of information to dynamically adjust the level of implicit interaction and allows a system to operate in different modes such as full-automation, action suggestion, simple notification, or null action. We conduct experiment in a smart home scenario in order to elicit users’ acceptance and trust regarding the proposed system. Our experiment shows that dynamic and alternative mode of interaction not only increases the satisfaction of users but also helps to avoid distrust in automated actions carried out by the environment under varying contexts.     

Emergent Semantics and Cooperation in Multi-knowledge Communities: the ESTEEM Approach

In the present global society, information has to be exchangeable in open and dynamic environments, where interacting users do not necessarily share a common understanding of the world at hand. This is particularly true in P2P scenarios, where millions of autonomous users (peers) need to cooperate by sharing their resources (such as data and services). We propose the Esteem approach (Emergent Semantics and cooperaTion in multi-knowledgE EnvironMents), where a comprehensive framework and a platform for data and service discovery in P2P systems are proposed, with advanced solutions for trust and quality-based data management, P2P infrastructure definition, query processing and dynamic service discovery in a context-aware scenario. In Esteem, semantic communities are built around declared interests in the form of manifesto ontologies and their autonomous nature is preserved by allowing a shared semantics to naturally emerge from the peer interactions. Inside the borders of semantic communities data and services are discovered, queried and invoked in a resource sharing scenario, where the context in which users interoperate and the trust of exchanged information are also relevant aspects to take into account.     

Qualitative trust model with a configurable method to aggregate ordinal data

Trust models are mechanisms that allow agents to build trust without relying on a trusted central authority. Our goal was to develop a trust model that would operate with values that humans easily understand and manipulate: qualitative and ordinal values. The result is a trust model that computes trust from experiences created in interactions and from opinions obtained from third-party agents. The trust model, termed qualitative trust model (QTM), uses qualitative and ordinal values for assessing experiences, expressing opinions and estimating trust. We treat such values appropriately; we never convert them to numbers, but merely use their relative order. To aggregate a collection of such values, we propose an aggregation method that is based on comparing distributions and show some of its properties; the method can be used in other domains and can be seen as an alternative to median and similar methods. To cope with lying agents, QTM estimates trustworthiness in opinion providers with a modified version of the weighted majority algorithm, and additionally combines trustworthiness with social links between agents; such links are obtained implicitly by observing how agents provide opinions about each other. Finally, we compare QTM against a set of well-known trust models and demonstrate that it consistently performs well and on par with other quantitative models, and in many cases even outperforms them, particularly when the number of direct experiences is low.     

基于区块链的物联网任务协作信任管理方案

在物联网智能设备任务协作场景中,为解决设备交互不受信以及存在恶意设备破坏协作的问题,提出一种基于区块链的信任管理方案。半分布式的架构克服了集中式和分布式架构的不足,任务协作过程中兼顾了双方的信任,并设计了审查机制确保任务评价的真实可靠。信任的衡量中使用狄利克雷分布模拟任务评价的多样性,构建信任为数个状态,并利用马尔可夫链评估信任状态和全局信任。仿真结果表明,提出的方案可以客观衡量设备的信任,同时在检测恶意设备、提高协作任务成功率及避免误判方面具有优势,因此可以有效确保任务交互的可信和协作环境的安全。     

Iterative multi-party agreement negotiation for establishing collaborations

Inter-domain collaborations suffer not only from technological obstacles that hinder interoperability, but also from diverting business objectives of the involved domains. Today, hand-crafted contracts define the terms and conditions for service interactions. Electronic negotiation can serve as the enabler of dynamic interdomain collaborations by providing a large degree of freedom for the automation of agreement formation and electronic contracting. Negotiation by electronic means has been an area of intensive research for many years now. However, most effort was put on the determination of prices and neglected that real-world agreements also consist of complex dependencies of interdependent obligations. In this paper we present agreement negotiation as a tool to establish ad hoc services collaborations. Our novel protocol allows for the discovery of complex agreement options and for the formation of multi-party agreements. The protocol works through an iterative exchange of requirements and offers. A major benefit over existing bilateral negotiation protocols is that our protocol is capable of discovering potential collaborations between different parties. It will leave each negotiating party with a complete agreement document after a successful negotiation. This comprehensive agreement document defines the interdependent obligations between all parties and is well suited for E-Contracting.     

The pudding of trust [intelligent systems]

Trust - "reliance on the integrity, ability, or character of a person or thing" - is pervasive in social systems. We constantly apply it in interactions between people, organizations, animals, and even artifacts. We use it instinctively and implicitly in closed and static systems, or consciously and explicitly in open or dynamic systems. An epitome for the former case is a small village, where everybody knows everybody, and the villagers instinctively use their knowledge or stereotypes to trust or distrust their neighbors. A big city exemplifies the latter case, where people use explicit rules of behavior in diverse trust relationships. We already use trust in computing systems extensively, although usually subconsciously. The challenge for exploiting trust in computing lies in extending the use of trust-based solutions, first to artificial entities such as software agents or subsystems, then to human users' subconscious choices.