Maintaining Trustworthiness of Socio-Technical Systems at Run-Time
Abstract
Trustworthiness of dynamical and distributed socio-technical systems is a key factor for the success and wide adoption of these systems in digital businesses. Different trustworthiness attributes should be identified and accounted for when such systems are built, and in order to maintain their overall trustworthiness they should be monitored during run-time. Trustworthiness monitoring is a critical task which enables providers to significantly improve the systems’ overall acceptance. However, trustworthiness characteristics are poorly monitored, diagnosed and assessed by existing methods and technologies. In this paper, we address this problem and provide support for semi-automatic trustworthiness maintenance. We propose a trustworthiness maintenance framework for monitoring and managing the system’s trustworthiness properties in order to preserve the overall established trust during run-time. The framework provides an ontology for run-time trustworthiness maintenance, and respective business processes for identifying threats and enacting control decisions to mitigate these threats. We also present use cases and an architecture for developing trustworthiness maintenance systems that support system providers.
Keywords
Socio-Technical Systems Trustworthiness Run-Time MaintenancePreview
Unable to display preview. Download preview PDF.
References
- 1.Gol Mohammadi, N., Paulus, S., Bishr, M., Metzger, A., Könnecke, H., Hartenstein, S., Pohl, K.: An Analysis of Software Quality Attributes and Their Contribution to Trustworthiness. In: 3rd Int. Conference on Cloud Computing and Service Science, pp. 542–552. SciTePress (2013)Google Scholar
- 2.Amoroso, E., Taylor, C., Watson, J., Weiss, J.: A Process-Oriented Methodology for Assessing and Improving Software Trustworthiness. In: 2nd ACM Conference on Computer and Communications Security, pp. 39–50. ACM, New York (1994)Google Scholar
- 3.Sommerville, I.: Software Engineering, 9th edn. Pearson, Boston (2011)Google Scholar
- 4.Luckham, D.: The Power of Events – An Introduction to Complex Event Processing in Distributed Enterprise Systems. Addison-Wesley, Boston (2002)Google Scholar
- 5.IBM: An Architectural Blueprint for Autonomic Computing, Autonomic Computing. White paper, IBM (2003)Google Scholar
- 6.Kephart, J.O., Chess, D.M.: The Vision of Autonomic Computing. IEEE Computer 36(1), 41–50 (2003)CrossRefGoogle Scholar
- 7.Zhao, S., Wu, G., Li, Y., Yu, K.: A Framework for Trustworthy Web Service Management. In: 2nd Int. Symp. on Electronic Commerce and Security, pp. 479–482. IEEE (2009)Google Scholar
- 8.Computer Security Institute: 15th Annual 2010/2011 Computer Crime and Security Survey. Technical Report, Computer Security Institute (2011)Google Scholar
- 9.Arlitt, M., Krishnamurthy, D., Rolia, J.: Characterizing the Scalability of a Large Web Based Shopping System. ACM Transactions on Internet Technology 1(1), 44–69 (2001)CrossRefGoogle Scholar
- 10.Bassin, K., Biyani, S., Santhanam, P.: Metrics to Evaluate Vendor-developed Software based on Test Case Execution Results. IBM Systems Journal 41(1), 13–30 (2002)CrossRefGoogle Scholar
- 11.Zivkovic, M., Bosman, J.W., van den Berg, J.L., van der Mei, R.D., Meeuwissen, H.B., Nunez-Queija, R.: Dynamic Profit Optimization of Composite Web Services with SLAs. In: 2011 Global Telecommunications Conference (GLOBECOM), pp. 1–6. IEEE (2011)Google Scholar
- 12.Rana, O.F., Warnier, M., Quillinan, T.B., Brazier, F.: Monitoring and Reputation Mechanisms for Service Level Agreements. In: Altmann, J., Neumann, D., Fahringer, T. (eds.) GECON 2008. LNCS, vol. 5206, pp. 125–139. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 13.Clark, K.P., Warnier, M.E., Quillinan, T.B., Brazier, F.M.T.: Secure Monitoring of Service Level Agreements. In: 5th Int. Conference on Availability, Reliability, and Security (ARES), pp. 454–461. IEEE (2010)Google Scholar
- 14.Quillinan, T.B., Clark, K.P., Warnier, M., Brazier, F.M.T., Rana, O.: Negotiation and Monitoring of Service Level Agreements. In: Wieder, P., Yahyapour, R., Ziegler, W. (eds.) Grids and Service-Oriented Architectures for Service Level Agreements, pp. 167–176. Springer, Heidelberg (2010)CrossRefGoogle Scholar
- 15.Elshaafi, H., McGibney, J., Botvich, D.: Trustworthiness Monitoring and Prediction of Composite Services. In: 2012 IEEE Symp. on Computers and Communications, pp. 000580–000587. IEEE (2012)Google Scholar
- 16.Lenzini, G., Tokmakoff, A., Muskens, J.: Managing Trustworthiness in Component-Based Embedded Systems. Electronic Notes in Theoretical Computer Science 179, 143–155 (2007)CrossRefGoogle Scholar
- 17.Yu, T., Zhang, Y., Lin, K.: Efficient Algorithms for Web Services Selection with End-to-End QoS Constraints. ACM Transactions on the Web 1(1), 1–26 (2007)CrossRefGoogle Scholar
- 18.OPTET Consortium: D8.1 – Description of Use Cases and Application Concepts. Technical Report, OPTET Project (2013)Google Scholar
- 19.OPTET Consortium: D6.2 – Business Process Enactment for Measurement and Management. Technical Report, OPTET Project (2013)Google Scholar