Temporal Logic-Based Specification and Verification of Trust Models
Mutual trust is essential in performing economical transactions. In modern internet-based businesses, however, traditional trust gaining mechanisms cannot be used and new ways to build trust between e-business partners have to be found. In consequence, a lot of models describing trust and the mechanisms to build it were developed. Unfortunately, most of these models neither provide the right formalism to model relevant aspects of the trust gaining process (e.g., context and time of a trust-related interaction), nor do they allow refinement proofs verifying that a trust management tool implements a certain trust model. Therefore, we propose the temporal logic-based specification and verification technique cTLA which provides a formalism enabling to model context- and time-related aspects of a trust building process. Moreover, cTLA facilitates formal refinement proofs. In this paper, we discuss the application of cTLA to describe trust purposes by means of simple example systems which are used to decide about the application of certain policies based on the reputation of a party. In particular, we introduce a basic and a refined reputation system and sketch the proof that the refined system is a correct realization of the simple one.
KeywordsTrust Model Process Type Trust Management Reputation System Process Instance
Unable to display preview. Download preview PDF.
- 1.McKnight, D.H., Chervany, N.L.: The Meanings of Trust. Working Paper Series 96–04, University of Minnesota — Carlson School of Management (1996)Google Scholar
- 2.Gambetta, D.: Can We Trust Trust? In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relations, pp. 213–238. Basil Blackwell, Malden (1990)Google Scholar
- 3.Jøsang, A.: The right type of trust for distributed systems. In: Proc. UCLA New Security Paradigms Workshop, Lake Arrowhead, pp. 119–131. ACM, New York (1996)Google Scholar
- 7.Cheskin Research and Studio Archetype/Sapient: eCommerce Trust Study (1999)Google Scholar
- 12.Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. 17th Symposium on Security and Privacy, Oakland, pp. 164–173. IEEE, Los Alamitos (1996)Google Scholar
- 13.Grandison, T., Sloman, M.: Specifying and Analysing Trust for Internet Applications. In: Proc. 2nd IFIP Conference on E-Commerce, E-Business & E-Government (I3E), Lisbon, pp. 145–157. Kluwer Academic Publisher, Dordrecht (2002)Google Scholar
- 14.Abdul-Rahman, A., Hailes, S.: Supporting Trust in Virtual Communities. In: Proc. 33rd Hawaii International Conference, Maui, Hawaii, vol. 6. IEEE Computer Society Press, Los Alamitos (2000)Google Scholar
- 17.Vissers, C.A., Scollo, G., van Sinderen, M.: Architecture and specification style in formal descriptions of distributed systems. In: Agarwal, S., Sabnani, K. (eds.) Proc. 8th IFIP International Conference on Protocol Specification, Testing and Verification (PSTV 1988), pp. 189–204. Elsevier, Amsterdam (1988)Google Scholar
- 18.Herrmann, P., Krumm, H.: A Framework for the Hazard Analysis of Chemical Plants. In: Proc. 11th IEEE International Symposium on Computer-Aided Control System Design (CACSD 2000), Anchorage, IEEE CSS, pp. 35–41. Omnipress (2000)Google Scholar
- 20.Jøsang, A., Knapskog, S.J.: A metric for trusted systems. In: Proc. 21st National Security Conference, NSA (1998)Google Scholar
- 21.Abadi, M., Lamport, L.: An old-fashioned recipe for real time. In: Huizing, C., et al. (eds.) REX 1991. LNCS, vol. 600. Springer, Heidelberg (1992)Google Scholar