Abstract
Digital services have a significant impact on the lives of many individuals and organisations. Trust influences decisions regarding potential service providers, and continues to do so once a service provider has been selected. It is common to refer to the entity that is trusting as the trustor, and to the entity that is trusted as the trustee. There is no globally accepted model to describe trust in the context of digital services, nor to evaluate the trustworthiness of entities.
Trust is commonly used in the context of digital services, yet it is overloaded with meaning and difficult to interpret.
This thesis presents a novel model to describe and evaluate an entity’s trustworthiness. The model is referred to as the trustworthy ecosystem model. It is based on four building blocks: a data model, a rulebook, trustworthiness evaluation functions and instance data.
The data model is expressed in First Order Logic. Rulebooks, which consist of constraints that reflect a particular context for reasoning about trustworthiness, are described using predicates. The entity that is evaluating is referred to as the evaluator, and the entity that is evaluated is the evaluation subject. The evaluator corresponds to a potential trustor, and the evaluation
subject to a potential trustee. Verifying whether the constraints are satisfied over a set of instance data allows an evaluator to evaluate the trustworthiness of an evaluation subject. For this purpose trustworthiness evaluation functions are specified. The functions takes as input a rulebook, i.e. a set of constraints, and a set of data. A rulebook contains a mandatory and a discretionary part. The mandatory part describes the constraints that must be satisfied to have the minimal basis for relevant execution of the discretionary rules. The discretionary part allows the evaluator to specify a trustworthiness evaluation policy by selecting discretionary constraints. The data represents real world information about the potential trustee and its context. The outcome of the evaluation provides evidence that can be used by the evaluator to decide to interact with the evaluation subject in the relationship of trustor–trustee.
To demonstrate the practical feasibility of the proposed framework, a partial implementation is presented. The data model was implemented in OWL, a logic language that was established by the Worldwide Web Consortium (W3C). The data model was complemented by a data import and transformation mechanism which transforms data from public and authoritative sources into the data model and stores it in a graph database. A sample rulebook and trustworthiness evaluation function were implemented in the form of SPARQL queries. The implementation is partial because it implements only two particular rulebooks, inspired by the European legislation for trust services, and because it uses a specific set of data sources for its instance data.
The approach was validated by implementing the model, importing real world data, performing selective evaluations of trustworthiness and comparing their outcome to other approaches such as PKI and the Web of Trust verification.
The scientific contribution of the thesis can be summarised as follows:
• A thorough investigation of the current academic field on trust and trustworthiness was performed through a literature review, to identify potential improvement points and thus create the basis for the thesis.
• An integrated set of requirements for trust, i.e. things which must hold for an entity, or the outcome of an interaction to be regarded as trustworthy, were proposed on the basis of the literature review and the findings of the FutureTrust research project.
• Based on these requirements, a new way to logically model providers and consumers of digital services as well as the providers of trust services as participants in a digital ecosystem was proposed. It is based on a data model, a rulebook, trustworthiness evaluation functions and instance data.
• A partial implementation of the model was performed to validate it, using data from authoritative public sources.
Trust is commonly used in the context of digital services, yet it is overloaded with meaning and difficult to interpret.
This thesis presents a novel model to describe and evaluate an entity’s trustworthiness. The model is referred to as the trustworthy ecosystem model. It is based on four building blocks: a data model, a rulebook, trustworthiness evaluation functions and instance data.
The data model is expressed in First Order Logic. Rulebooks, which consist of constraints that reflect a particular context for reasoning about trustworthiness, are described using predicates. The entity that is evaluating is referred to as the evaluator, and the entity that is evaluated is the evaluation subject. The evaluator corresponds to a potential trustor, and the evaluation
subject to a potential trustee. Verifying whether the constraints are satisfied over a set of instance data allows an evaluator to evaluate the trustworthiness of an evaluation subject. For this purpose trustworthiness evaluation functions are specified. The functions takes as input a rulebook, i.e. a set of constraints, and a set of data. A rulebook contains a mandatory and a discretionary part. The mandatory part describes the constraints that must be satisfied to have the minimal basis for relevant execution of the discretionary rules. The discretionary part allows the evaluator to specify a trustworthiness evaluation policy by selecting discretionary constraints. The data represents real world information about the potential trustee and its context. The outcome of the evaluation provides evidence that can be used by the evaluator to decide to interact with the evaluation subject in the relationship of trustor–trustee.
To demonstrate the practical feasibility of the proposed framework, a partial implementation is presented. The data model was implemented in OWL, a logic language that was established by the Worldwide Web Consortium (W3C). The data model was complemented by a data import and transformation mechanism which transforms data from public and authoritative sources into the data model and stores it in a graph database. A sample rulebook and trustworthiness evaluation function were implemented in the form of SPARQL queries. The implementation is partial because it implements only two particular rulebooks, inspired by the European legislation for trust services, and because it uses a specific set of data sources for its instance data.
The approach was validated by implementing the model, importing real world data, performing selective evaluations of trustworthiness and comparing their outcome to other approaches such as PKI and the Web of Trust verification.
The scientific contribution of the thesis can be summarised as follows:
• A thorough investigation of the current academic field on trust and trustworthiness was performed through a literature review, to identify potential improvement points and thus create the basis for the thesis.
• An integrated set of requirements for trust, i.e. things which must hold for an entity, or the outcome of an interaction to be regarded as trustworthy, were proposed on the basis of the literature review and the findings of the FutureTrust research project.
• Based on these requirements, a new way to logically model providers and consumers of digital services as well as the providers of trust services as participants in a digital ecosystem was proposed. It is based on a data model, a rulebook, trustworthiness evaluation functions and instance data.
• A partial implementation of the model was performed to validate it, using data from authoritative public sources.
| Original language | English |
|---|---|
| Qualification | Ph.D. |
| Awarding Institution |
|
| Supervisors/Advisors |
|
| Award date | 1 Sept 2021 |
| Publisher | |
| Publication status | Unpublished - 2021 |
Keywords
- Trust
- Trust Models
- Ontology
- trustworthiness
- trust and epistemology
- trusted computing
- Ontological reasoning
- Ontology construction