Presentation

1. Introduction State of the art Discussion Conclusions
Analysis of Trust-Based Approaches for Web
Service Selection
Nicola Dragoni Nicola Miotto Davide Papini
Department of Informatics and Mathematical Modelling Technical University of Denmark
NODES 2011 - 5th Nordic Workshop on Dependability and Security
28 June 2011
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 1 / 35

2. Introduction State of the art Discussion Conclusions
Outline
1 Introduction
Service Oriented Computing
2 State of the art
Classification
3 Discussion
Pluses & Minuses
Direct Experience
TTP
Hybrid
Automated Trust Negotiation
Questions & Issues
Soft trust VS Hard trust
4 Conclusions
Soft trust + Hard trust
Steps
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 2 / 35

3. Introduction State of the art Discussion Conclusions
Introduction
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 3 / 35

4. Introduction State of the art Discussion Conclusions
Service Oriented Computing
The SOC vision
Service oriented architecture to improve code reuse and
integration
Web Services: the bricks
Brought to its full potential: automatic discovery and composition
of web services
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 4 / 35

5. Introduction State of the art Discussion Conclusions
Service Oriented Computing
VTA Scenario
Alice has to develop a Virtual Tourism Agency
Development by service composition:
flight booking
car rent
accommodation booking
e-payment
Several flight booking services found...
WS Trustworthiness
Which one can be trusted?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 5 / 35

6. Introduction State of the art Discussion Conclusions
State of the art
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 6 / 35

7. Introduction State of the art Discussion Conclusions
Classification
Classes
Figure: Current approaches for trust provisioning
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 7 / 35

8. Introduction State of the art Discussion Conclusions
Classification
Centralized vs Distributed
Centralized
Trust score owned and provided by a central authority.
Can’t be good for everyone
Single point of failure
hard to maintain (great scalability demand in SOA)
not fitting to a large open system such as SOA.
Distributed
Trust score computed with the help of other peers in the system
Specific issues for each kind of system
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 8 / 35

9. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Pluses & Minuses of current
approaches
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 9 / 35

10. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Direct Experience
Definition
A service consumer trusts a service because of his good past
experience with the service.
+ User fitting score → the trust score (derived by the user) is
perfectly fitting with his needs
- Blind execution → The consumer has to unconditionally trust the
web service in order to use/evaluate it.
SOA = open system where everyone can publish its
(malicious) code
- Otherwise he has to unconditionally distrust and discard it (even
if it was actually good)
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 10 / 35

11. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 11 / 35

12. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Social
Definition
The trust score of a service/provider is community-driven.
3 classes:
Reputation: A service consumer trusts a service because of his
good reputation → reputation derived from direct experience of
the members of the community
Recommendation: A service consumer trusts a service because
of some recommendations obtained by a trusted authority →
recommendation score mined from knowledge of user,
community and dominium.
Referrals: A service consumer trusts a service because of some
referrals obtained from trusted software agents → rating likely to
be honest.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 12 / 35

13. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Social
Shared features:
+ Pre-use trust score → there are chances to obtain a trust score
before using a WS
- Community Dependent
- New WS Ramp-up
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 13 / 35

14. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 14 / 35

15. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 14 / 35

16. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 14 / 35

17. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Social
Specific features:
Reputation
- most of the suggested approaches are centralized
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 15 / 35

18. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 16 / 35

19. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 16 / 35

20. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Social
Specific features:
Reputation
- most of the suggested approaches are centralized
Recommendation
+ trust score fitting to the user profile and behaviour;
- either the user has to disclose (maybe) sensitive
informations or new user ramp-up issue;
- most of the approaches are centralized;
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 17 / 35

21. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main Issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 18 / 35

22. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main Issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
New User Ramp-up: the user, in certain approaches, needs a
long interaction with the system in order to be “known” and receive
fitting suggestions.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 18 / 35

23. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Social
Specific features:
Reputation
- most of the suggested approaches are centralized
Recommendation
+ trust score fitting to the user profile and behaviour;
- either the user has to disclose (maybe) sensitive
informations or new user ramp-up issue;
- most of the approaches are centralized;
Referrals
+ rates coming from trusted peers;
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 19 / 35

24. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Matchmaker
Matchmaker
A service consumer trusts a service because a trusted
(central/distributed) matchmaker states that the service’s policy
matches the consumer’s ones.
+ Pre-use trust score
+ User-fitting suggestions
+ Liar-recognition provided by some studies
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 20 / 35

25. Introduction State of the art Discussion Conclusions
Pluses & Minuses
TTP - Matchmaker
- Hard to setup → Both consumer and provider need to register to
matchmaker
- Those ones based on a Centralized architecture suffer of all the
drawbacks of centralized systems → Both provider and consumer
has to disclose their policies to a central authority
- Those based on a Distributed architecture demand the consumer
to trust an agent instead of a service (problem moved, not solved)
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 21 / 35

26. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
New User Ramp-up: the user, in certain approaches, needs a
long interaction with the system in order to be “known” and receive
fitting suggestions.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 22 / 35

27. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
New User Ramp-up: the user, in certain approaches, needs a
long interaction with the system in order to be “known” and receive
fitting suggestions.
Hard Setup: an approach can be good but really difficult to install
in the real world, making it less incisive.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 22 / 35

28. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Hybrid - Socio Cognitive
Socio-Cognitive
The degree of trust is a function of the subjective certainty of the
pertinent beliefs. Therefore, A service consumer trusts a service
because of some of its subjective beliefs.
Multi-Agent System where sources of subjective beliefs are direct
experience, reputation, categorization, reasoning
+ Accurate trust computation
+ User-fitting suggestions
- it inherits all the shortcomings deriving from the adopted belief
source
- agents has to be conforming to a model to communicate → hard
to setup
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 23 / 35

29. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Hybrid - Trust & Reputation
Trust & Reputation
A system providing for a trustworthiness score employing
methodologies based on both reputation and trust, in order to improve
some weaknesses of the constituent methodologies.
+ some methodologies provide liars recognition
+ pre-use trust score
+ some sort of result can be obtained even with poor community
or brand new service
- effectiveness still tightly connected to community quality and web
services “age”
- centralized
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 24 / 35

30. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Hybrid - Direct experience & Reputation
Direct Experience & Reputation
The trust towards a service is evaluated by means of the user direct
experience combined with the service reputation.
Trust based on agent direct experience or other agent direct
experience (reputation)
+ issues of constituent models mitigated
- new web service ramp-up issue
- community dependent
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 25 / 35

31. Introduction State of the art Discussion Conclusions
Pluses & Minuses
Automated Trust Negotiation
Credential-Based Trust
A service consumer and a service provider mutually trust each other
because the access control policy of the requested service is
compliant with the access control policy of the service consumer.
MUTUAL TRUST between service consumer and provider
+ user defined policies bring to a user fitting trust score
+ trust can ALWAYS be computed
- hard to setup
- no standard protocol or language defined
- current studies not fully “web service aware”
WS treated as a single operation
Trust “Keep alive” not supported
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 26 / 35

32. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions & Issues
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 27 / 35

33. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

34. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

35. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
3 Can the user know how the trust is calculated?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

36. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
3 Can the user know how the trust is calculated?
4 How does the community influence the trust score?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

37. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
3 Can the user know how the trust is calculated?
4 How does the community influence the trust score?
5 Does the user has to unconditionally trust/distrust certain
services?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

38. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
3 Can the user know how the trust is calculated?
4 How does the community influence the trust score?
5 Does the user has to unconditionally trust/distrust certain
services?
6 What is the trustworthiness of a brand new WS?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

39. Introduction State of the art Discussion Conclusions
Questions & Issues
Questions
1 How does the trust score fit the user needs?
2 Does the provider/consumer have to disclose any sensitive
informations?
3 Can the user know how the trust is calculated?
4 How does the community influence the trust score?
5 Does the user has to unconditionally trust/distrust certain
services?
6 What is the trustworthiness of a brand new WS?
7 How hard is the trust provisioning infrastructure to setup and
maintain?
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 28 / 35

40. Introduction State of the art Discussion Conclusions
Questions & Issues
Main issues
Unconditional Trust/Distrust: the user is constrained to a “take it
or leave it” approach for some services.
New WS Ramp-up: how to evaluate a brand new Web Service
joining the network?
Community dependency: a community based trust evaluation
always relies on the quality of the community itself. How to
bootstrap a good community?
Centralized: single point of failure, hard to maintain, black box
computed trust, not fitting to a large open system such as SOA.
New User Ramp-up: the user, in certain approaches, needs a
long interaction with the system in order to be “known” and receive
fitting suggestions.
Hard Setup: an approach can be good but really difficult to install
in the real world, making it less incisive.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 29 / 35

41. Introduction State of the art Discussion Conclusions
Soft trust VS Hard trust
Soft trust VS Hard trust
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 30 / 35

42. Introduction State of the art Discussion Conclusions
Soft trust VS Hard trust
Soft Trust
Participants in a market collaborate each other in sharing
informations on other participants or services.
Malicious user can be identified and consequently put aside
The vast majority of the analyzed approaches (community
dependent) are based on “Soft trust”
Main issue: if someone does not take the risk of invoking an
unknown service for the first time, then no one will be able to
decide about the trustworthiness of the service before its
invocation
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 31 / 35

43. Introduction State of the art Discussion Conclusions
Soft trust VS Hard trust
Hard Trust
Trustworthiness of a WS could be derived just from the a
non-functional contract
Semantic of a WS is taken into account (i.e. security behaviour)
Not dependent on the “social control philosophy”
Main issue: no fault-recognition provided, i.e. anyone can provide
fake/wrong contract/policies
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 32 / 35

44. Introduction State of the art Discussion Conclusions
Conclusions
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 33 / 35

45. Introduction State of the art Discussion Conclusions
Soft trust + Hard trust
Soft trust + Hard trust
Hybrid system turned to be generally improving constituent methods:
Hard trust + Soft trust =
ALWAYS possible to obtain a trust value for discovered Web
Services
Malicious users/services bypassing the trust system are put aside
from the community
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 34 / 35

46. Introduction State of the art Discussion Conclusions
Steps
Steps
1 define what “trust” and “trustworthiness” mean → two terms are
still confused to date
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 35 / 35

47. Introduction State of the art Discussion Conclusions
Steps
Steps
1 define what “trust” and “trustworthiness” mean → two terms are
still confused to date
2 combine hard trust and soft trust methodologies in a unified
framework
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 35 / 35

48. Introduction State of the art Discussion Conclusions
Steps
Steps
1 define what “trust” and “trustworthiness” mean → two terms are
still confused to date
2 combine hard trust and soft trust methodologies in a unified
framework
3 adapt them to a Service Oriented Computing environment
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 35 / 35

49. Introduction State of the art Discussion Conclusions
Steps
Steps
1 define what “trust” and “trustworthiness” mean → two terms are
still confused to date
2 combine hard trust and soft trust methodologies in a unified
framework
3 adapt them to a Service Oriented Computing environment
Alice will be finally able to safely choose where to book a flight
when she needs it.
Nicola D., Nicola M., Davide P. (DTU) Trust-Based Approaches for WS Selection 28 June 2011 35 / 35