Abstract
With the increasing acceptance of Trust Management as a building block of distributed applications, the issue of providing its benefits to real world applications becomes more and more relevant. There are multiple Trust Management frameworks ready to be applied; however, they are either unknown to developers or cannot sufficiently be adapted to applications’ use cases. In our research, we have defined a meta model to modularize Trust Management, where each element in the model has clearly defined dependencies and responsibilities – also enforced by a complete API. Based on this model, we were able to develop a process supported by a number of tools that enables non-security expert users to find an applicable Trust Management solution for their specific problem case. Our solution – collectively called the TrustMUSE system – has evolved over an iterative user-centered development process: starting with multiple focus group workshops to identify requirements, and having multiple prototypes to conduct usage observations. Our user evaluation has shown that our system is understandable for system designers, and is able to support them in their work.
Chapter PDF
Similar content being viewed by others
References
Gould, J.D., Lewis, C.: Designing for usability: key principles and what designers think. Commun. ACM. 28, 300–311 (1985)
Vinkovits, M.: Towards requirements for trust management. In: Privacy, Security and Trust (PST) 2012, pp. 159–160. IEEE Comput. Soc., Paris (2012)
Vinkovits, M., Zimmermann, A.: Defining a trust framework design process. In: Furnell, S., Lambrinoudakis, C., Lopez, J. (eds.) TrustBus 2013. LNCS, vol. 8058, pp. 37–47. Springer, Heidelberg (2013)
Vinkovits, M., Zimmermann, A.: TrustFraMM: Meta Description for Trust Frameworks. In: ASE/IEEE International Conference on Privacy, Security, Risk and Trust, Amsterdam, Netherlands, pp. 772–778 (2012)
Marti, S., Garcia-Molina, H.: Limited reputation sharing in P2P systems. In: Proceedings of the 5th ACM Conference on Electronic Commerce, EC 2004, pp. 91–101. ACM Press, New York (2004)
Zouridaki, C., Mark, B.L., Hejmo, M.: Byzantine robust trust establishment for mobile ad hoc networks. Telecommun. Syst. 35, 189–206 (2007)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings 1996 IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Comput. Soc. Press (1996)
Josang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43, 618–644 (2007)
Artz, D., Gil, Y.: A survey of trust in computer science and the Semantic Web. Web Semant. Sci. Serv. Agents World Wide Web 5, 58–71 (2007)
Viljanen, L.: Towards an ontology of trust. In: Katsikas, S.K., López, J., Pernul, G. (eds.) TrustBus 2005. LNCS, vol. 3592, pp. 175–184. Springer, Heidelberg (2005)
Kinateder, M., Baschny, E., Rothermel, K.: Towards a Generic Trust Model – Comparison of Various Trust Update Algorithms. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 177–192. Springer, Heidelberg (2005)
Saadi, R., Rahaman, M.A., Issarny, V., Toninelli, A.: Composing trust models towards interoperable trust management. In: Wakeman, I., Gudes, E., Jensen, C.D., Crampton, J. (eds.) IFIPTM 2011. IFIP AICT, vol. 358, pp. 51–66. Springer, Heidelberg (2011)
Gómez Mármol, F., Martínez Pérez, G.: Towards pre-standardization of trust and reputation models for distributed and heterogeneous systems. Comput. Stand. Interfaces 32, 185–196 (2010)
Whitten, A., Tygar, J.D.: Why Johnny Can ’ t Encrypt: A Usability Evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium (1999)
Zurko, M.E., Simon, R.T.: User-centered security. In: Proceedings of the 1996 Workshop on New Security Paradigms, NSPW 1996, pp. 27–33. ACM Press, New York (1996)
Basin, D., Doser, J., Lodderstedt, T.: Model driven security: From UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol. 15, 39–91 (2006)
Buchegger, S., Le Boudec, J.-Y.: A Robust Reputation System for P2P and Mobile Ad-hoc Networks. In: Proceedings of the Second Workshop on the Economics of Peer-to-Peer Systems (2004)
IoT-A FP7 Project: Final Architectural Reference Model for the IoT. (2013), http://www.iot-a.eu/public/public-documents/d1.5/view (last visited January 27, 2014)
CISCO: Cisco 2014 Annual Security Report (2014), http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html (last visited February 6, 2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Vinkovits, M., Reiners, R., Zimmermann, A. (2014). TrustMUSE: A Model-Driven Approach for Trust Management. In: Zhou, J., Gal-Oz, N., Zhang, J., Gudes, E. (eds) Trust Management VIII. IFIPTM 2014. IFIP Advances in Information and Communication Technology, vol 430. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43813-8_2
Download citation
DOI: https://doi.org/10.1007/978-3-662-43813-8_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43812-1
Online ISBN: 978-3-662-43813-8
eBook Packages: Computer ScienceComputer Science (R0)