Abstract. We describe the application of our collaboration-oriented software engineering approach to the design of trust-aware systems. In this model-based technique, a specification does not describe a physical system component but the collaboration between various components which achieve system functions by cooperation. A system model is com-posed from these collaboration specifications. By a set of transforma-tions, executable code can be automatically generated. As a modeling language, we use UML 2.0 collaborations and activities, for which we defined a semantics based on temporal logic. Thus, formal refinement and property proofs can be provided by applying model checkers as well. We consider our approach to be well-suited for the development of trust-based systems since the trust relations between different parties can be nicely modeled by the collaborations. This ability facilitates also a tight cooperation between trust management and software engineering experts which are both needed to create scalable trust-aware applications. The engineering approach is introduced by means of an electronic auction sys-tem executing different policies which are guided by the mutual trust of its principals. While the approach can be used for various trust models, we apply Jøsang’s Subjective Logic in the example. 1

Language and Method Guidelines, 1 st version (Status: External release approved) Classification: (Confidential or open)

Abstract — The trust management in P2P networks allows to establish the trust relationships among the peers and decide whether the considered transaction will be realized. It tries to ensure safety in the extremely unsafe environments of P2P networks. In this paper we focus on the formal description of requirements of trusted P2P networks and we propose the model which is able to measure them. Our model should be adaptable to the previously published methods and allows to compare them. The fundamentals of our model are trust matrices which record the trust relationships between peers. We define similarity between trust matrices for purpose of comparison of different management systems. On the basis of this similarity we propose the criterion which is able to measure successfulness of trust management. Trust management; P2P Networks; Reputation; Access control; I.