Trust Modeling and Management in Digital Environments: From Social Concept to System Development

Trust Modeling and Management in Digital Environments: From Social Concept to System Development

Zheng Yan (Nokia Research Center, Finland)
Indexed In: PsycINFO®, SCOPUS
Release Date: January, 2010|Copyright: © 2010 |Pages: 598|DOI: 10.4018/978-1-61520-682-7
ISBN13: 9781615206827|ISBN10: 1615206825|EISBN13: 9781615206834|ISBN13 Softcover: 9781616922399
Hardcover:
Available
$144.00
List Price: $180.00
20% Discount:-$36.00
TOTAL SAVINGS: $36.00
E-Book:
Available
$144.00
List Price: $180.00
20% Discount:-$36.00
TOTAL SAVINGS: $36.00
Hardcover +
E-Book:
Available
$172.00
List Price: $215.00
20% Discount:-$43.00
TOTAL SAVINGS: $43.00
OnDemand:
(Individual Chapters)
Available
$37.50
No Current Special Offers
TOTAL SAVINGS: $37.50

Description

With the rapid development of digital and networking technologies, trust has become an important factor that influences the success of digital life in control and management.

Trust Modeling and Management in Digital Environments: From Social Concept to System Development examines how reliance is transferred from a social to a digital concept, enabling digital system users to build up confidence in their system. A defining body of sought after research, this innovative publication provides an understanding of the current challenges, solutions, and their limitations to those interested in this advancing field.

Topics Covered

The many academic areas covered in this publication include, but are not limited to:

  • Certificate-based trust establishment
  • Facilitating secure ad hoc collaborations
  • Heterogeneous multimedia networks
  • Mobile trusted computing
  • Multimedia content distribution
  • Observation-based trust management
  • Remote platform attestation
  • Reputation management systems
  • Role of trust in social life
  • Software integrity trust
  • Trust development in peer-to-peer environments
  • Trust management for grid systems

Reviews and Testimonials

From a social concept to system development, the book covers the entire scope of research for developing a trustworthy digital system: from traditional security enhanced technologies to computational trust based approaches; from social trust studies to digital trust researches; from hardware based designs to software development; from system framework and architecture to user interface and human-machine interaction.

– Zheng Yan, Nokia Research Center, Finland

Table of Contents and List of Contributors

Search this Book:
Reset

Preface

Trust plays a crucial role in our social life. With the rapid development of digital technology and networking technology, trust has become an important factor that influences the success of our digital life. Trust modeling and trust management play as a useful means to control and manage trust in digital systems. Transforming from a social concept of trust to a digital concept, trust modeling and management help in designing and implementing a trustworthy digital system, especially in distributed systems and for digital computing. Nowadays, trust management is emerging as a promising technology to facilitate collaboration among entities in an environment where traditional security paradigms cannot be enforced due to lack of centralized control and incomplete knowledge of the environment.

Trust is first a social phenomenon. It is a multidimensional, multidisciplinary and multifaceted concept. The concept of trust has been studied in disciplines ranging from economics to psychology, from sociology to medicine, and to information and computer science. We can find various definitions of trust in the literature although researchers in different disciplines have agreed the importance of trust in the conduct of human affairs. Overall, the different trust definitions often reflect the paradigms of the particular academic discipline of the researchers. Common to these definitions are the notions of confidence, belief, faith, hope, expectation, dependence, and reliance on the goodness, strength, reliability, integrity, ability, or characters of a person or thing. Generally, a trust relationship involves at least two parties: a trustor and a trustee. The trustor is the trusting subject who holds confidence, belief, etc. on the reliability, integrity, ability, etc. of another person or thing, which is the object of trust - the trustee. The discussion of different trust concepts and constructs does not aim at reaching consensus on a single definition of trust. Generally, researchers derived their understanding of trust that has its roots crossing multiple disciplines, as you will find in this book.

Various trust management systems have been described in the literature. Basically, there are two categories of trust management systems. One is security enhanced trust management solutions (e.g., trusted computing technology based solutions). This kind of solutions applies sound security technologies in order to ensure a computer system’s trustworthiness. It deals with root trust module, security policies, credentials, integrity, privacy and trust relationships. The other is trust evaluation based solutions (e.g., reputation systems). Trust evaluation is a technical approach of representing trustworthiness for digital processing, in which the factors influencing trust will be evaluated by a continuous or discrete real number, referred to as a trust value. Generally, a trust model is applied in order to specify, evaluate and set up trust relationships amongst entities for calculating trust. The trust model could be linguistic, graphic and mathematic, corresponding to different researches conducted in different disciplines for different purposes. Embedding a trust evaluation mechanism is a necessity in order to provide trust intelligence in future computing devices or systems. In particular, reputation is a measure that is derived from direct or indirect knowledge or experiences on entities and is used to assess the level of trust an entity puts into another entity. Thus, reputation based trust management (or simply reputation system) is a specific approach to evaluate and control trust. Trust and reputation mechanisms have been proposed in various fields of distributed systems, such as ad hoc networks, peer-to-peer systems, Grid computing, pervasive computing and e-commerce. However, each kind of above solution has its own shortcomings. Generally, the first kind of solution lacks intelligence to provide autonomic trust management, while the second one needs a root trust module in order to ensure the trustworthiness of trust evaluation mechanism. From the system development point of view, both solutions should be concerned or somehow integrated with each other.

Trust is a subjective concept: different people hold different opinions on it even in the same situation. In order to represent a user and behave as his/her agent, the user’s device should understand his/her trust criteria. Therefore, user-device interaction is needed in order to fulfill trust management purposes in some situations, such as e-commerce. But this could cause usability issues since it is not good to require users to make many trust related decisions, especially when they lack the information and knowledge needed to make them. Thus, usable trust management is expected with regard to useful information collection for trust evaluation, valuable trust information notification and dissemination for reputation generation. Once again, social trust study becomes essential, but with additional requirements and objectives in order to design and deploy a usable trust management solution that can be easily accepted by the users.

This book looks into how trust is transferred from a social concept to a digital one and thus helps users build up their trust in the digital system. Furthermore, we hope that understanding the current challenges, solutions and their limitations will not only inform researchers of a better design for establishing and maintaining a trustworthy digital system, but also assist in the understanding of the intricate concept of trust in a digital environment. Trust modeling and management is a subject area across multiple disciplines. From sociological and psychological study on trust, this book focuses more on studying trust in information and computer science. Our special attention will be paid to trustworthy distributed systems and trusted computing, as well as usable trust management. More importantly, we aim to reveal how to digitize trust based on social and technical understanding and how to apply digital trust to benefit social trust in reverse.

This book:

    - Investigates various definitions or understandings of trust and its characteristics;
    - Overviews the literature of trust modeling and management in distributed systems and digital computing;
    - Studies how to model and compute trust and implement the model for establishing and managing trust in a digital system;
    - Studies the psychological and sociological approaches for designing and developing a trustworthy digital system;
    - Provides expert views on special areas of trust modeling and management (e.g., trust model validation), and other related issues to trust, such as security, privacy, risk, stability, context-aware modeling, multimedia content distribution, mobile computing platform, and so forth.

The prospective audience would be anyone who is interested in trust and security; academics, technical managers, sociologists, psychologists, and information security officers. The book can be used as a reference to get a general overview of trust modeling and management. IT industrial designers and architects may also refer to this book when designing and developing a trust management system.

ORGANIZATION OF THE BOOK

This book is organized into three sections, with a total of 21 chapters. The first section investigates security enhanced trust management solutions, which includes six chapters.

Chapter 1: Remote Platform Attestation - The Testimony for Trust Management
By Xuhua Ding, Liang Gu, Robert H. Deng, Bing Xie, Hong Mei

This chapter presents a systematic study on an important trust establishment mechanism among computing platforms – remote attestation based on the root trust module specified in trusted computing technologies. A new conceptual model for remote attestation is proposed to examine and analyze existing remote attestation schemes by grouping them into two main types: integrity attestation and quality attestation. The authors further provide their discussions on the applicability of different solutions in distributed environments based on the strength and the limitations of each type of schemes.

Chapter 2: Scaling Concepts between Trust and Enforcement
By Andreas U. Schmidt, Andreas Leicher, Inhyok Cha

This chapter shifts the traditional concept about trust and security from access control and policy enforcement towards decentralized methods for trust establishment among loosely connected computing platforms. The synergetic cooperation of trust and enforcement technologies is expected due to a number of practical issues. The chapter describes the methods that allow scaling between trust and enforcement according to capabilities of devices and networks, requirements of use cases, and needs of stakeholders, where trusted computing platforms play as the technical basis for trust in systems.

Chapter 3: Mobile Trusted Computing based on MTM
By Jan-Erik Ekberg

This chapter introduces mobile trusted module (MTM) – a root trust module for mobile devices specified by the Trusted Computing Group. A brief security analysis of the MTM components is provided followed by a number of suggestions to further extend MTM and make it more versatile.

Chapter 4: Establishing Software Integrity Trust: A Survey and Lightweight Authentication System for Windows
By Yongzheng Wu, Sufatrio, Roland H.C. Yap, Rajiv Ramnath, Felix Halim

This chapter explores the problem of malware that could ruin software execution trust. The authors present a proof-of-concept implementation of BinAuth, a practical, lightweight in-kernel binary authentication system for Microsoft Windows, in order to establish trust on the integrity of binary executables.

Chapter 5: Trust Issues and Solutions in Multimedia Content Distribution
By Shiguo Lian

This chapter introduces the trust issues in multimedia content distribution, such as authorization, authentication, privacy, payment, ownership, illegal distribution, and forgery. It also reviews the latest research progress of the solutions, and discusses a number of open issues and promising research topics.

Chapter 6: Certificate-Based Trust Establishment in E-Enabled Airplane Applications: Challenges and Approaches
By Mingyan Li, Krishna Sampigethaya, Radha Poovendran

This chapter discusses potential roles of trust in future aviation information systems. It describes two recent abstractions of such aviation systems – an electronic distribution system connecting aircraft with ground components for exchanging updates and data of onboard software, and a radio frequency identification (RFID) system for logistics and maintenance of aircraft – which use digital certificates to establish trust in integrity and authenticity of information assets as well as in authorized components handling these assets. The unique challenges of aviation such as regulations and business models are also discussed because they could complicate the current implementation and verification.

The second section explores trust evaluation based trust management solutions in the areas of distributed systems, such as Grid computing, peer-to peer systems, ad-hoc networks, pervasive computing systems, mobile networks, multimedia networks and e-commerce systems. It contains ten chapters. The discussions cover trust modeling, evaluation and management with special concerns on trust characteristics (e.g., dynamic, subjective, and transferable), context-awareness (e.g., purpose and time), trustee’s behavior and performance, stability, privacy and risk. Particularly, the verification on the effectiveness of various trust/reputation mechanisms is an interesting research topic with regard to the performance of different trust management solutions. It is an issue of “trust’s trust.”

Chapter 7: Trust Management for Grid systems
By Benjamin Aziz, Alvaro Arenas, Fabio Martinelli, Paolo Mori, Marinella Petrocchi, Michael Wilson

Trust management is a major issue in the shared Grid environment because Grid participants are generally unknown with each other and usually belong to separate administrative domains, with little or no common trust in the security of opposite infrastructures. This chapter provides a valuable survey on proposals for enhancing trust management in Grid systems.

Chapter 8: Formalizing and Managing Activity-Aware Trust in Collaborative Environments
By Ioanna Dionysiou, David E. Bakken

This chapter proposed a conceptual trust framework that models an entity’s trust as a relation whose state gets updated as relevant conditions change. Based on the trustor entity’s specification on trust adaptation, end-to-end trust assessment for a particular activity in collaborative environments can be derived by examining and aggregating multiple trust relationships in a bottom-up evaluation manner.

Chapter 9: Trust Development in Peer-to-Peer Environments
By Yan Wang

A peer-to-peer system is another digital environment that lacks trust among system entities. Thus the trust evaluation prior to and posterior to entities’ interactions becomes a very important issue to overcome security challenges and help in security related decisions. This chapter presents a dynamic peer trust evaluation model, which aims to measure responding peers' recommendation trust, and hence filter out low credibility recommendations and obtain more accurate and objective trust values.

Chapter 10: Trust Management in Ad Hoc Networks
By Rafael Timóteo De Sousa Júnior, Ricardo Staciarini Puttini

This chapter describes the distinctive characteristics of ad hoc networks and presents an overview of the underlying technologies and protocols for ad hoc networks, as well as analyzes the vulnerabilities and potential attacks of these networks. The authors further discuss the utilization of trust to mitigate these attacks and vulnerabilities on the basis of ad-hoc trust management architecture with regard to autonomic trust reasoning by each node and the collaboration among nodes. Interesting applications of trust management in ad hoc networks include the utilization of trust for choosing alternative routes, and visualization of trust as a human oriented metric of the behavior and performance of ad hoc networks.

Chapter 11: A Context-Aware Model of Trust for Facilitating Secure Ad Hoc Collaborations
By Indrajit Ray, Indrakshi Ray , Sudip Chakraborty

This chapter proposed a context-aware trust model to facilitate secure ad hoc collaborations. This model can measure trust in a given context even though sometimes enough information is not available about a given context to calculate the trust value. In order to achieve this purpose, the authors apply a context graph to formalize the relationships between contexts. It allows extrapolating values from related contexts to approximate a trust value of an entity.

Chapter 12: An Evaluation Framework for Reputation Management Systems
By Andrew G. West, Sampath Kannan, Insup Lee, Oleg Sokolsky

This chapter proposes an evaluation framework based on the trace-simulator paradigm to conduct comparative analysis on reputation algorithms. Trace file generation emulates a variety of network configurations and pays particular attention to modeling malicious user behaviors. The chapter reports on the framework’s design decisions and demonstrates this general-purpose simulator with two reputation algorithms (EigenTrust and a modified TNA-SL) under varied network conditions. As one of the first studies in the area of trust management effectiveness research, the described framework is available as open source so that researchers can evaluate the effectiveness of other reputation management techniques and/or extend its functionalities.

Chapter 13: Observation-Based Trust Management for Services in Mobile Networks
By André Paul, Carsten Jacob, Heiko Pfeffer, Stephan Steglich

This chapter provides a trust management framework to conduct trust/reputation evaluation for services in mobile networks by detecting misbehavior or inaccuracy in service executions and for rating them according to user preferences. Thus, it is possible to reduce and prevent the interaction with misbehaving mobile nodes since the framework can also be responsible for determining the risk of interactions.

Chapter 14: Risk-Based Trust Management for E-Commerce
By Soon-Keow Chong, Jemal H. Abawajy

This chapter presents a multi-attribute trust management model that incorporates trust, transaction costs and product warranties. The new trust management system enables potential buyers to determine the risk level of a product before committing to proceed with the transaction in electronic market places.

Chapter 15: Privacy and Trust Issues in Context-Aware Pervasive Computing: State-of-the-Art and Future Directions
By Pierre E. Abi-Char, Abdallah M’hamed, Bachar El-Hassan, Mounir Moukhtari

This chapter concerns privacy and trust issues in context-aware pervasive computing. The authors discuss new challenges, opportunities and requirements, as well as existing solutions regarding privacy, trust and security in a pervasive computing environment.

Chapter 16: Trust and Stability in Heterogeneous Multimedia Networks
By Dimitrios Koukopoulos

This chapter discusses the relationship of trust and stability in heterogeneous distributed computing systems. In such a context, trust is interpreted as the confidence in the association of a stable network execution to the efficient distribution of multimedia products in the final user. The author studies the property of stability under various compositions of contention-resolution protocols and different packet trajectories trying to characterize this property in terms of network topologies. The results indicate that a composition of protocols leads to worst stability behaviour than having a single unstable protocol for contention-resolution.

The last section consists of five chapters about social trust studies across multiple disciplines. This kind of study provides valuable guidelines for trust modeling and management in order to design and develop a trustworthy digital system.

Chapter 17: The Role of Trust in Social Life
By Yan Dong

This chapter reviews the literature of trust in sociology and psychology. By introducing the conception, theory model and measurement of trust, the author discusses trust in three important social contexts: interpersonal situation, organizational settings and Internet life and proposes a synthetic trust model with a multi-disciplinary approach as a future research direction.

Chapter 18: Issues on Anshin and its Factors
By Yuko Murayama, Yasuhiro Fujihara

This chapter introduces a project ‘Anshin’ to study emotional trust issue: an emotional state of one’s mind in peace. The authors introduce the concept of Anshin and its research issues. Instructively, they present how to use statistical analysis methods to derive the factors of Anshin, which is identified as a key component of emotional trust.

Chapter 19: Trust in Identification Systems: from Empirical Observations to Design Guidelines
By Piotr Cofta, Hazel Lacohée

This chapter utilises a case study of citizen identification systems to illustrate the continuum of trust-related considerations and technology adoption, ranging from theoretical underpinnings of trust, to empirical studies, through to practical design guidelines. A mixed methodological approach that combines the best from various disciplines is presented by applying it into the citizen identification systems.

Chapter 20: Human-Machine Trust Interaction: a Technical Overview
By Conghui Liu

This chapter reviews the concept of trust and the main factors that affect a user’s trust in human-machine interaction. The author discusses the current state, challenges, problems and limitations in this area and evaluates the existing solutions for improving the user’s trust appropriately, especially in an e-commerce environment.

Chapter 21: Rethinking Realistic Wireless Network Mobility: Model and Trust
By Lu Yan

This chapter discusses a proposal for a more realistic mobility model that captures key features of human movements in pervasive markets. The findings based on users’ mobility behaviors lead to a non-traditional mobility model. It can be used to reconstruct the statistical patterns commonly observed in the literature, and facilitate the study of mobile communication and software engineering design problems under the context of pervasive computing for markets. This model could imply a trust relationship between the user and the markets that can be used for the design of a pervasive service.

From a social concept to system development, the book covers the entire scope of research for developing a trustworthy digital system: from traditional security enhanced technologies to computational trust based approaches; from social trust studies to digital trust researches; from hardware based designs to software development; from system framework and architecture to user interface and human-machine interaction. It provides a comprehensive study on trust management system development. Editing this book has been an enlightening and thought-provoking experience to me. I hope you enjoying reading this book. I will be happy if you find this book helpful and your interest in the field of trust modeling and management could be further aroused by reading various perspectives presented herein.

Zheng Yan
Editor
Nokia Research Center
Helsinki, Finland
May, 2009

Author(s)/Editor(s) Biography

Zheng Yan received a bachelor’s of engineering in electrical engineering and a master’s of engineering in computer science and engineering from the Xi’an Jiaotong University in 1994 and 1997, respectively. She received the second M. Eng in information security from the National University of Singapore in 2000. She received the Licentiate of Science and the Doctor of Science in Technology in electrical engineering from the Helsinki University of Technology in 2005 and 2007, respectively. She is currently a member of research staff at the Nokia Research Center, Helsinki. Before joining in the Nokia in 2000 as a research engineer and later on a senior research scientist, she worked as a research scholar at the Institute for Information Research from 1997 to 1999 and a software engineer at the IBM partner SingaLab from 1999 to 2000, Singapore. She sole-authored and first-authored about thirty articles and three book chapters. She is the inventor and co-inventor of eight patents and patent applications. Her research interests are in trust modeling and management; trusted computing; mobile applications and services; reputation systems, usable security/trust, distributed systems and digital rights management. Dr. Yan is a member of the IEEE. She also serves as an organization committee member and a program committee member for a number of international conferences and workshops.

Indices