Citation Context

...l, informational, and technical points of view [10]. For each of these perspectives there are different trust issues that should be addressed, for instance, how users perceive the trust in the system =-=[21]-=- (social), what are the concepts and semantics of trust mapped into the system (informational), and how secure is the encryption technology used (technical). In this paper we are especially interested...

Citation Context

...that are not easily portable to our context-aware domain because they either specify incomplete trust relationships related to at most one trust aspect (e.g., enforcement of access control procedures =-=[5]-=-, integrity of identities [6], or the enforcement of privacy policies [7]) or make no distinction between different trust aspects because users need to trust a centralized service as a whole, for inst...

Citation Context

...ends with a discussion on the integration of trust recommendations in our trust model. 3.1 Formalization of Aspect-Specific Trust Relationships Many models for trust management exist (e.g., see [3][4]=-=[16]-=- and Section 5 of this paper). Most of these models refer to a specific application domain and, as such, propose special-purpose solutions that are not easily portable to other domains: our context-aw...

Citation Context

...tes our trust model and is currently implemented in a peer-to-peer prototype using JXTA [11]. We present the current proof-of-concept implementation of our trust model which uses the Subjective Logic =-=[12]-=- API for trust calculations. In the prototype the user can select his goal (privacy enforcement or service adaptation) and see the resulting trust value for the available context-aware services. This ...

Citation Context

... system, stating a level of trust in the recommendations received from that entity. In order to merge the recommendations received from many entities, for example, we can use the solution proposed in =-=[27]-=-. Here the SL consensus operator is used to merge considering uncertainty in a “fair” way and if entities receive conflicting recommendations this increases the uncertainty in the trust values. This i...

Citation Context

...on ends with a discussion on the integration of trust recommendations in our trust model. 3.1 Formalization of Aspect-Specific Trust Relationships Many models for trust management exist (e.g., see [3]=-=[4]-=-[16] and Section 5 of this paper). Most of these models refer to a specific application domain and, as such, propose special-purpose solutions that are not easily portable to other domains: our contex...

Citation Context

...mation is used as input for trust evaluation can be found in [24][25]. Here, the inference of different levels of trustworthiness of a piece of data depends upon also the currently active context. In =-=[26]-=-, the context is explicitly modeled in the trust relationship that might exist between two agents; as such the trust relationship that results is formally contextualized; contextual data, when availab...

Citation Context

...cts that we consider. Based on specific user goals, the trust values in the privacy enforcement and context provisioning aspects have different weights in the resulting trust in the service. Based on =-=[10]-=- we address two types of user goals: one demanding with higher priority the enforcement of his/her privacy rules and the second one demanding with higher priority the service adaptation. With the calc...

Citation Context

...ionships. These relationships are interpersonal relationships where each of them has an entity that sets up the trust relationship with another entity, called respectively the Trustor and the Trustee =-=[3]-=-. This set of trust relationships is by no means exhaustive; other trust relationships targeting different aspects can be identified if different scenarios would be considered. Our objective here is t...

Citation Context

...mong the entities, such as, service, identity and context providers, that cooperate during the service provisioning. For example, users of context-aware services may not accept that privacy sensitive =-=[1]-=- context information is released if they do not trust the service providers receiving the information; service providers 1 Supported by CNPq Scholarship – Brazilsmay, in turn, demand trustworthy conte...

Citation Context

... a set of interconnected trust relationships related to specific trust aspects that satisfy the trust requirements of our target contextaware service platform (the Freeband AWARENESS service platform =-=[9]-=-). Our trust management model, or trust model for short, addresses a basic set of trust aspects related to identity provisioning, privacy enforcement, and context provisioning activities. This list is...

Citation Context

...ers 1 Supported by CNPq Scholarship – Brazilsmay, in turn, demand trustworthy context providers in order to ensure that the context information has the minimum required quality for service adaptation =-=[2]-=-; finally, context providers may request trustworthy identity providers to ensure that the retrieved context information corresponds to the correct identity. The trust of a user in the context-aware s...

Citation Context

...n also be trusted. The relation between context-awareness and trust can also be carrier of new opportunities. Proposals where context information is used as input for trust evaluation can be found in =-=[24]-=-[25]. Here, the inference of different levels of trustworthiness of a piece of data depends upon also the currently active context. In [26], the context is explicitly modeled in the trust relationship...

Citation Context

...so be trusted. The relation between context-awareness and trust can also be carrier of new opportunities. Proposals where context information is used as input for trust evaluation can be found in [24]=-=[25]-=-. Here, the inference of different levels of trustworthiness of a piece of data depends upon also the currently active context. In [26], the context is explicitly modeled in the trust relationship tha...

Citation Context

...ism of combining trust aspects we have not found treated appropriately in the literature. Despite we have not researched in this direction, we do not exclude that existing formalisms for trust (e.g., =-=[17]-=-) can be extended to express and combine multiple trust aspects as it is required by our domain. As widely accepted, we formalize trust as a relationship between two entities, the Trustor and the Trus...

Citation Context

... whose features are unknown) and with which they have had no previous experiences, we support recommendation management in trust relationships in our model in a similar way to the approach adopted by =-=[19]-=-. By using recommendations (indirect) trust can be established based on information received from other entities. Each entity can have an a priori trust value regarding the recommendation aspect about...

Citation Context

...rust mapped into the system (informational), and how secure is the encryption technology used (technical). In this paper we are especially interested on the informational level. Grandinson and Sloman =-=[22]-=- propose a trust specification and analysis framework for internet applications called SULTAN. In SULTAN trust levels are defined from a Trustor perspective for different allowed Trustee actions. SULT...

Citation Context

... context-aware service adaptation. Trust in the context provider from the service provider point of view is also required in case dynamic security policies based in context information are used (e.g. =-=[13]-=-), which may require additional security verifications in case untrustworthy context information is received. An example of additional security verifications could be, for example, redundant check of ...

Citation Context

...m identities regarding their trust on others, and it is responsible to the synthesis of an overall recommendation. More advanced algorithms to calculate trust from indirect knowledge are presented in =-=[20]-=-. We leavesas a future work the formalization and evaluation of trust recommendations exchange in our trust model using the SL consensus operator. 4 Distributed Trust Management Architecture A context...

Citation Context

...ties specialized in privacy protection issues. Privacy protection organizations take care of privacy policies certification in the same way identities are certified today by certification authorities =-=[15]-=-. We foresee that privacy recommendations will be provided by informal organizations such as virtual users’ communities and customer protection organizations.sContext Information Provisioning. The tru...

Citation Context

...ence, andsreliability”. Other behaviors are also important and will be considered in our future work. A list of possible trustee behaviors and their correlations based in user studies can be found in =-=[18]-=-. The trust aspect models different scopes that can be tackled by the trust relationships. As motivated in Subsection 2.1, for our target context-aware service platform we address the following aspect...

Citation Context

...should be compared with the context owner’s privacy preferences and, in case they match, it is assumed that the privacy expectations will be followed. The following metrics have also been proposed by =-=[14]-=- and [7] to calculate trust values regarding privacy enforcement aspects: user interest in sharing, confidentiality level of the information, number of positive previous experiences, number of arbitra...

Citation Context

...her specify incomplete trust relationships related to at most one trust aspect (e.g., enforcement of access control procedures [5], integrity of identities [6], or the enforcement of privacy policies =-=[7]-=-) or make no distinction between different trust aspects because users need to trust a centralized service as a whole, for instance, in the way it is done by e-bay [8]. We define a new trust managemen...

Citation Context

...strusting the Trustee. Kolari et al. [7] also proposes trust for privacy where trust values are associated with privacy policies in the Platform for Privacy Preferences (P3P) format. Liberty Alliance =-=[23]-=- and MSN passport are examples of identity federation and single sign-on solutions. When using these approaches the authentication task is delegated to trusted identity providers. The authentication i...