Skip to main content
Springer Nature Link
Log in

Engineering Trust-Awareness and Self-adaptability in Services and Systems

  • Chapter
Engineering Secure Future Internet Services and Systems

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8431))

  • 1402 Accesses

Abstract

The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Models@run.time is a promising model-driven approach that supports the runtime adaptation of distributed, heterogeneous systems. Yet frameworks that accommodate this paradigm have limited support to address security concerns, hindering their usage in real scenarios. We address this challenge by enhancing models@run.time with the concepts of trust and reputation. Trust improves decision-making processes under risk and uncertainty and constitutes a distributed and flexible mechanism that does not entail heavyweight administration. This chapter introduces a trust and reputation framework that is integrated into a distributed component model that implements the models@run.time paradigm, thus allowing software components to include trust in their reasoning process. The framework is illustrated in a smart grid scenario.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

eBook
USD 18.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Blair, G., Bencomo, N., France, R.B.: Models@ run.time. Computer 42(10), 22–27 (2009)

    Article  Google Scholar 

  2. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, SP 1996, p. 164. IEEE Computer Society, Washington, DC (1996)

    Chapter  Google Scholar 

  3. Chakraborty, S., Ray, I.: Trustbac: Integrating trust relationships into the rbac model for access control in open systems. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, SACMAT 2006, pp. 49–58. ACM, New York (2006)

    Chapter  Google Scholar 

  4. Chu, Y.-H., Feigenbaum, J., LaMacchia, B., Resnick, P., Strauss, M.: REFEREE: Trust management for Web applications. In: Selected Papers From the Sixth International Conference on World Wide Web, pp. 953–964. Elsevier Science Publishers Ltd., Essex (1997)

    Google Scholar 

  5. Conner, W., Iyengar, A., Mikalsen, T., Rouvellou, I., Nahrstedt, K.: A trust management framework for service-oriented environments. In: Proceedings of the 18th International Conference on World Wide Web, WWW 2009, pp. 891–900. ACM, New York (2009)

    Chapter  Google Scholar 

  6. Crapanzano, C., Milazzo, F., De Paola, A., Re, G.L.: Reputation Management for Distributed Service-Oriented Architectures. In: 2010 Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems Workshop (SASOW), pp. 160–165 (2010)

    Google Scholar 

  7. Farmer, R., Glass, B.: Building Web Reputation Systems, 1st edn. Yahoo! Press, USA (2010)

    Google Scholar 

  8. Fouquet, F., Barais, O., Plouzeau, N., Jézéquel, J.-M., Morin, B., Fleurey, F.: A Dynamic Component Model for Cyber Physical Systems. In: 15th International ACM SIGSOFT Symposium on Component Based Software Engineering, Bertinoro, Italie (July 2012)

    Google Scholar 

  9. Ghezzi, C.: The fading boundary between development time and run time. In: Zavattaro, G., Schreier, U., Pautasso, C. (eds.) ECOWS, p. 11. IEEE (2011)

    Google Scholar 

  10. Grandison, T.: Trust management for internet applications. PhD thesis, University of London (July 2002)

    Google Scholar 

  11. Hanen, H., Bourcier, J.: Dependability-Driven Runtime Management of Service Oriented Architectures. In: PESOS - 4th International Workshop on Principles of Engineering Service-Oriented Systems - 2012, Zurich, Suisse (June 2012)

    Google Scholar 

  12. Herrmann, P., Krumm, H.: Trust-adapted enforcement of security policies in distributed component-structured applications. In: Proceedings of the Sixth IEEE Symposium on Computers and Communications, pp. 2–8 (2001)

    Google Scholar 

  13. Herrmann, P.: Trust-Based Protection of Software Component Users and Designers. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 75–90. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  14. Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decision Support Systems 43(2), 618–644 (2007)

    Article  Google Scholar 

  15. Jürjens, J.: UMLsec: Extending UML for Secure Systems Development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  16. Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  17. Marsh, S.: Formalising Trust as a Computational Concept. PhD thesis, University of Stirling (April 1994)

    Google Scholar 

  18. McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: Proceedings of the 15th Annual Computer Security Applications Conference, ACSAC 1999, p. 55. IEEE Computer Society, Washington, DC (1999)

    Google Scholar 

  19. Miller, K.W., Voas, J., Laplante, P.: In Trust We Trust. Computer 43, 85–87 (2010)

    Article  Google Scholar 

  20. Mouratidis, H., Giorgini, P.: Secure Tropos: A Security-Oriented Extension of the Tropos Methodology. International Journal of Software Engineering and Knowledge Engineering 17(2), 285–309 (2007)

    Article  Google Scholar 

  21. Moyano, F., Fernandez-Gago, C., Lopez, J.: A conceptual framework for trust models. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 93–104. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  22. Moyano, F., Fernandez, C., Lopez, J.: Towards engineering trust-aware future internet systems. In: Franch, X., Soffer, P. (eds.) CAiSE Workshops 2013. LNBIP, vol. 148, pp. 490–501. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  23. NESSoS. Initial version of two case studies, evaluating methodologies. Deliverable 11.3: http://www.nessos-project.eu/ (October 2012)

  24. Pavlidis, M., Mouratidis, H., Islam, S.: Modelling Security Using Trust Based Concepts. IJSSE 3(2), 36–53 (2012)

    Google Scholar 

  25. Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Computer Networks 57, 2266–2279 (2013)

    Article  Google Scholar 

  26. Schneier, B.: Attack Trees: Modeling Security Threats. Dr. Dobb’s Journal (1999)

    Google Scholar 

  27. Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requir. Eng. 10(1), 34–44 (2005)

    Article  Google Scholar 

  28. Uddin, M.G., Zulkernine, M.: Umltrust: Towards developing trust-aware software. In: Proceedings of the 2008 ACM Symposium on Applied Computing, SAC 2008, pp. 831–836. ACM, New York (2008)

    Google Scholar 

  29. van Lamsweerde, A., Letier, E.: Handling Obstacles in Goal-Oriented Requirements Engineering. IEEE Trans. Softw. Eng. 26(10), 978–1005 (2000)

    Article  Google Scholar 

  30. Yan, Z., Prehofer, C.: Autonomic Trust Management for a Component-Based Software System. IEEE Transactions on Dependable and Secure Computing 8(6), 810–823 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Malaga, 29071, Malaga, Spain

    Francisco Moyano, Carmen Fernandez-Gago & Javier Lopez

  2. INRIA Rennes Bretagne-Atlantique, Campus de Beaulieu, 35042, Rennes, France

    Benoit Baudry

  3. SIMULA RESEARCH LAB., Certus Software V&V Center, Lysaker, Norway

    Benoit Baudry

Authors
  1. Francisco Moyano
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Carmen Fernandez-Gago
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Benoit Baudry
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Javier Lopez
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. INKO, Software Engineering, Universität Duisburg-Essen, 47048, Duisburg, Germany

    Maritta Heisel

  2. Department of Computer Science, KU Leuven, Celestijnenlaan 200A, 3001, Heverlee, Belgium

    Wouter Joosen

  3. Computer Science Department, Network, Information and Computer Security Lab, University of Malaga, 29071, Malaga, Spain

    Javier Lopez

  4. Istituto di Informatica e Telematica (IIT), Consiglio Nazionale delle Ricerche (CNR), Via G. Moruzzi 1, 56124, Pisa, Italy

    Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Moyano, F., Fernandez-Gago, C., Baudry, B., Lopez, J. (2014). Engineering Trust-Awareness and Self-adaptability in Services and Systems. In: Heisel, M., Joosen, W., Lopez, J., Martinelli, F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, vol 8431. Springer, Cham. https://doi.org/10.1007/978-3-319-07452-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-07452-8_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07451-1

  • Online ISBN: 978-3-319-07452-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics