- »Lectures and Classes
- Diskrete Strukturen und Logik (WS 2011/12)
- Internet Security (WS2011/2012)
- Semantic Web Technologien (WS2011/2012)
- Large Scale Processing for Multimedia Analysis (WS2011/2012)
- SEO - Search Engine Optimization (WS2011/2012)
- Webprogrammierung und Web 2.0-Technologien (WS2011/12)
- Der neue Personalausweis: Konzept und Umsetzung (WS2011/2012)
- Web Service Security (WS2011/2012)
- Network Security in Practice (WS2011/2012)
- Archive
- »Tele-Lectures
- »Master-Projekte
- Master Theses
- »Bachelor Projects
- PhD Students
- D-School teaching
- Research Seminars
- »Lectures and Classes
Contact
Prof. Dr. Christoph Meinel
Hasso-Plattner-Institut
an der Universität Potsdam
Tel: +49 0331/5509-222
Fax: +49 0331/5509-325
Mobil: +49 176 10010727
meinel"at"hpi.uni-potsdam.de
Books
Trust in SOA
In a Service Oriented Architecture (SOA) the need to provide different levels of security between services that handle private information is becoming more critical. These services will need to provide privacy guarantees to prevent delicate information from ending up in the wrong hands. This is not an easy task in a world that has always new participants, laws and policies, requirements, and conditions. In open systems, authentication-based security and privacy schemes are inadequate, due to the fact that principals might be able to provide authentication but are otherwise unknown to the system and thus not authorizable for specific actions. In this case services will adopt the real-world behavior; which is relying on Trust-relationships.
Trust Management
As a means to formalize trust negotiation in the web, there are two approaches for managing trust: policy-based and reputation-based. The two approaches have been developed within the context of different environments and targeting different requirements. On one hand, policy-based trust relies on “strong security” mechanisms such as signed certificates and trusted certification authorities in order to regulate the access of users to services. The result is a binary decision- trusted or not. On the other hand, reputation-based trust relies on a “soft computational” approach. In this case, trust is typically computed from local experiences together with the feedback given by other entities in the network.
The two approaches address the same problem - establishing trust among interacting parties in distributed and decentralized systems. However, they assume different settings. While the policy based approach has been developed within the context of structured organizational environments, the reputation systems have been proposed to address the unstructured user community. Consequently, they assume different sources for trust (Certificate Authorities and community opinion, respectively) and accordingly employ different mechanisms.
Reputation-based systems
Reputation systems also can generally be described into two abstract Reputation Topologies:
- Directly: by users’ statements about their experiences (all social networks).
- Indirectly: from behavior (Google: view the behavior of creating a hyperlink to a Web Page as evidence of the quality, reliability of that web page). Or like the number of cross citations that a given author or journal has accumulated over a period of time. It is a science known as Scientometrics. It is the study of measuring research outputs such as journal impact factors
Reputation Transfer
Business often develop proprietary reputation systems for their community, with the side effect of locking users into that service if they wish to maintain their reputation. Reputation is used in multi-agent models like e-commerce, and distributed computation and reasoning. Currently, virtual communities are using only their own reputation values without exchanging information about this context. Reputation transfer is a controversial subject that is considered either not applicable or of high potentials, whether it is among social network participants or among software agents.
We research the possibility of transferring reputation values among platforms and communities taking into consideration each community’s perspective. Setting the model and the requirements for such goal is part of the research. We also introduce the idea of Reputation Trust Centers as a third party hosting services for reputation values with their context.
Contact for this topic:
Selected Publication
- Rehab Alnemr, Christoph Meinel, "From Reputation Models and Systems to Reputation Ontologies", Proc. 5th IFIP Trust Management, Springer IFIP, Copenhagen, Denmark, July 2011.
- Rehab Alnemr, Adrian Paschke, Christoph Meinel, "Enabling Reputation Interoperability through Semantic Technologies", ACM International Conference on Semantic Systems, Sept 2010.
- Rehab Alnemr, Stefan Koenig, T. Eymann and C. Meinel, "Enabling Usage control through Reputation Objects: A discussion on e-Commerce and the Internet of Services environments", in the special issue of Trust and Trust Management, Journal of Theoretical and Applied Electronic Commerce Research, 2010.
- Rehab Alnemr, Justus Bross, Christoph Meinel, "Constructing a Context-aware Service-Oriented Reputation Model using Attention Allocation Points", Proceedings of the IEEE Conference on Service Computing (SCC 2009), Bangalore, India, September 2009, pp. 451 to 457, ISBN: 978-0-7695-3811-2/09.
- Rehab Alnemr, Matthias Quasthoff, Christoph Meinel, "Taking Trust Management to the Next Level", Book chapter in Handbook of Research on P2P and Grid Systems for Service-Oriented Computing: Models, Methodologies and Applications,IGI Global, Hershey, 2010.
- Rehab Alnemr, Christoph Meinel, "Getting more from Reputation Systems: A Context-aware Reputation Framework based on Trust Centers and Agent Lists", The Third International Multi-Conference on Computing in the Global Information Technology, Greece, July 2008.