Development and Automatic Monitoring of Trust-Aware Service-Based Software
Uddin, Mohammad Gias
MetadataShow full item record
Service-based software can be exploited by potentially untrustworthy service requestors while providing services. Given that, it is important to identify, analyze the trust relationships between service providers and requestors, and incorporate them into the service-based software. Treating trust as a nonfunctional requirement (NFR) during software development and monitoring allows clarifying these relationships and measuring the trustworthiness of service requestors. This analysis is facilitated by incorporating trust scenarios and trust models into the software. A trust scenario describes a trust relationship between interested parties based on a specific context. A trust model provides trust equations to measure the trustworthiness of service requestors based on the analysis of service-based interactions. Although much research has been devoted to monitor service quality, to date, no approach has been proposed to develop and automatically monitor service providing software from trust perspectives. In this thesis, we propose a trust-aware service-based software development framework which utilizes our proposed Unified Modeling Language (UML) extension called UMLtrust (UML for trust scenarios)to specify the trust scenarios of a service provider and incorporates our developed trust model called CAT (Context-Aware Trust) into the software to calculate the trustworthiness of service requestors. The trust scenarios are converted to trust rules to monitor service-based interactions. A service requestor is penalized for the violation of a trust rule and rewarded when no rule is violated. The trustworthiness of the requestor is then calculated (using the equations of CAT) based on the current request, outcomes of previous requests, and recommendations from other service providers. A trust-based service granting algorithm is presented to decide whether a service requestor should be granted the requested service. A trust monitoring architecture is presented which is assumed to reside in each service provider. The monitor uses trust rules from UMLtrust specifications and trust equations from CAT to analyze service-based interactions. The incorporation of the monitor into a provider makes it trust-aware. A trust monitoring algorithm is provided to analyze interactions and make decisions at run-time. A prototype of a file sharing service-based grid is implemented to evaluate the applicability of our framework that confirms the effectiveness of the framework.