Two-level trust-based decision model for information assurance in a virtual organization
Introduction
A virtual organization represents a loosely coupled community with a set of participants sharing resources based on mutually agreed upon rules. In our discussion, each participant represents an independent computing system associated with a single administrative domain. Each system contains a set of internal applications (see Fig. 1). An internal application performs dedicated functions or provides certain services. Some common features of a VO are: (1) they are self-organized by participants based on mutual interests; (2) they have a large scope spanning over multiple administrative domains; (3) they have dynamic members, i.e., participants join and leave at any time; and (4) they allow resources shared in a controlled and accountable manner. An open source software community is an example of a virtual organization, where thousands of programmers and software engineers voluntarily contribute to developing large-scale software and offer programs they have developed to share with other participants. Such a virtual organization is decentralized and self-organized. In GNUe [8], for example, no company or corporate executive has administrative authority or resource control to determine what work will be done, what the schedule will be, and who will be assigned to perform any of the specified tasks [26]. The participants decide to offer and consume information based on their own needs and criteria. Many other types of VOs exist including peer-to-peer systems, Grid systems, and electronic virtual markets.
Information assurance has become a major concern for many VOs. Low barriers to publishing information in a VO require novel mechanisms to verify the quality and security features of available information before they can be used by a participant. In an open source software community, there are thousands of software freely available for download. The quality of each software varies widely due to the expertise of the software's developers, the software engineering practices those developers use, and the information process culture those developers have. In this paper, we focus on two aspects of information assurance: information quality and security. Information quality refers to the quality of an object, e.g., correctly describes a “thing” or provides a function. For instance, the quality of a software program can be described by its functionality, usability, reliability, etc. If a program has been developed with race condition or deadlock, for example, then that program is considered to have poor quality. If a program produces correct results in a consistent and predictable manner given a full set of well-prepared testing inputs, then it has high quality in term of functionality. Security features of a program refer to its safety and reliability when being executed by users. A program is safe to use if it does not contain malicious code, is free of vulnerabilities, and has no functions beyond its designed specifications.
Our framework addresses the issue of information assurance from the object trust perspective. A user evaluates the quality and security of a program based on how much the program can be trusted from two aspects: (1) whether the program functions correctly, and (2) whether the program is secure and safe for use. The core part of our framework is a two-level decision model developed to assist users in selecting external objects that satisfy the users' requirements for information assurance. As the name implies, a final decision is made based on evaluations at two levels – the system level and the internal application level. As mentioned earlier, a participant of a VO represents an independent system, which contains a set of internal applications providing different functions and services. The two-level decision model separates the specifications of selection criteria between a system and its internal applications. With different focuses and scopes at the two levels, the requirements for information assurance are specified with different degrees of details. The decision at the system level is based on a set of general trust-related attributes for a given type of objects and their respective testing conditions. For instance, for software selection and reuse, a system may define general policy rules based on general attributes related to the software's licenses (not all the open source software is created with the same licenses) and virus detection. These rules, for example, may define that “any software without appropriate licenses can't be selected” and “the software must pass virus detection test.” The goal is to quickly filter or select an object, if possible. The decision rules defined at this level are applied within the entire scope of the system. The decision at the application level, on the other hand, is based on additional or refined trust-related attributes for the given type of objects and their respective testing conditions to further filter and rearrange the objects that have been selected at the system level. For instance, the decision rules at the internal application level may specify, “the software selected to run on a server machine must not have hidden routines to open network connections without system administrator's acknowledgement” and “the software selected to be used as components to build mission-critical projects cannot accept arbitrary-length files as inputs for security reasons.” Any external object must satisfy the requirements defined at both the system and internal application levels in order to be used internally. A flow chart for a high-level view of the proposed decision process is illustrated in Fig. 2.
Throughout this paper, we use open source software selection and reuse as an illustrative example. Although our model focuses on the security and quality features of a given object, it is open to other dimensions. Our major contributions include (1) proposal of a trust-based hierarchical decision model, which focuses on object intrinsic and extrinsic features; (2) design of key decision-making components, e.g., attribute-driven policy rules, threshold selection criteria and operators, and balance between positive and negative features of an object; (3) development of an utility fusion theory based on the decreasing margin utility theory; and (4) applications of the proposed framework to software selection and reuse.
Section snippets
Related work
Two major streams of literature are related to our work: general decision-making methods and trust-based decision models. We discuss each of them next.
Terminology
This section first defines object, trust-related attributes of a type of objects, and the values of those attributes given an object. Then the coined term utility is introduced. A UML class diagram is developed to illustrate the relationships among the terms defined in this paper (see Fig. 3). Definition 1 An object is a passive entity that represents a piece of information or knowledge in various forms such as a software program, a data item, a statement, or a file. Object is a generic term. In our
Decision model at the system level
Since the decision model at the system level defines general rules to select objects, the decision process at this level is desired to be quick, standard, but less specific. Based on a relatively small set of most representative and important attributes, the decision rules at this level filters out some objects quickly, which are obviously out of boundaries, or select an object, which clearly meets the system's expectations.
The steps in developing policy rules can be summarized as: (1)
Decision model at the application level
The decision model at the system level focuses on the system-wide general requirements for information quality and security without addressing any particular concerns of internal applications within that system. The decision model at the application level allows individual internal applications to specify and apply their additional and refined policies to filter or reorganize those objects selected at the system level.
Conclusions
This paper addresses the issue of information assurance in a virtual organization (VO) environment. We present a two-level decision model to aid VO participants in selecting external information with required level of quality and security. Evaluating the trustworthiness of an object is challenging since it requires the evaluator to have solid domain knowledge about that object and have reliable resources to refer to. The proposed model guides users to go through two major steps to make the
Acknowledgement
The authors are thankful to Dr. Robert L. Herklotz for his support and the editors and anonymous reviewers for their valuable comments. The research effort of Dr. Brajendra Panda has been supported by the US AFOSR under grant F49620-01-10346.
Yanjun Zuo is an assistant professor at the University of North Dakota, Grand Forks, USA. He earned his Ph.D. in Computer Science from the University of Arkansas, Fayetteville, USA in 2005. He also holds two master’s degrees in Computer Science and Business Administration from the University of Arkansas and the University of North Dakota, Grand Forks, USA, respectively. His research interests include information and computer security, trustworthy computing, survivable and self-healing systems,
References (37)
- et al.
Eight key issues for the decision support systems discipline
Decision Support Systems
(2008) - et al.
Survey of decision field theory
Mathematical Social Sciences
(2002) - et al.
An intelligent agent-assisted decision support system for family financial planning
Decision Support Systems
(2007) - et al.
A trust-based consumer decision-making model in electronic commerce: the role of trust, perceived risk, and their antecedents
Decision Support Systems
(2008) - et al.
Neural networks for decision support: problems and opportunities
Decision Support Systems
(1994) - et al.
Trust in health infomediaries
Decision Support Systems
(2007) - et al.
An agent-based decision support system for wholesale electricity market
Decision Support Systems
(2008) Intelligent agents as a basis for decision support systems
Decision Support Systems
(1997)- et al.
Bankruptcy prediction using neural networks
Decision Support Systems
(1994) Utility-based decision support system for schedule optimization
Decision Support Systems
(2008)
Using soft computing to build real world intelligent decision systems in uncertain domains
Decision Support Systems
Knowledge discovery from decision tables by the use of multiple-valued logic
Artificial Intelligence Review
Decentralized trust management
Psychological expected utility theory and anticipatory feelings
Quarterly Journal of Economics
REFEREE: trust management for web applications
World Wide Web Journal
Measuring information systems service quality: concerns on the use of the SERVQUAL questionnaire
MIS Quarterly
Free software development: cooperation and conflict in a virtual organizational culture
Overview of the AT&T Labs Trust Management Project: position paper
Cited by (8)
The dynamic nature of trust transfer: Measurement and the influence of reciprocity
2012, Decision Support SystemsCitation Excerpt :Notably, whereas the action of trusting entails the trustor's decision to place himself into a vulnerable position based on positive expectations regarding the intentions of a certain trustee [31], the explanations of trust refer to the set of possible motivations (i.e., drivers of trust) leading a trustor to place his trust in a given trustee. Trust transfer is directly connected to the concept of transitive trust, i.e., one party (the trustor) trusts an unknown agent (the trustee) based on that agent's association with a trusted third party [29,74,79]. Thus, the trust in an agent (i.e., the third party) leads the trustor to trust an unknown trustee.
Determinants of open source software project success: A longitudinal study
2009, Decision Support SystemsA study of trust over time within a social network mediated environment
2013, Journal of Marketing ManagementUsability evaluation guidelines for Business Intelligence applications
2013, ACM International Conference Proceeding SeriesSearching for the optimal proof schedule in a proof-carrying survivability paradigm - A dynamic, interactive approach
2012, Proceedings of the 9th International Conference on Information Technology, ITNG 2012
Yanjun Zuo is an assistant professor at the University of North Dakota, Grand Forks, USA. He earned his Ph.D. in Computer Science from the University of Arkansas, Fayetteville, USA in 2005. He also holds two master’s degrees in Computer Science and Business Administration from the University of Arkansas and the University of North Dakota, Grand Forks, USA, respectively. His research interests include information and computer security, trustworthy computing, survivable and self-healing systems, and information privacy protection. He has published numerous articles in referred journals and conference proceedings in these fields.
Brajendra Panda is a professor at the University of Arkansas, Fayetteville, USA. He received his Ph.D. in Computer Science from North Dakota State University, Fargo, USA in 1994 and a master’s degree in mathematics from Utkal University, India in 1985. His research interests include database systems, trusted database systems, computer security, computer forensics, and information assurance. He has published extensively in these fields.