TAS3_D10p1-v1p5.pdf

Trustworthiness – State of the Art - Accepted by European Commission in June 2009. Executive Summary: This document is the first deliverable of TAS3 WP10: Quality Measures and Trustworthiness. Trustworthiness of networked and service-oriented systems is a very broad concept that is addressed in the various TAS3 WPs from different perspectives. WP10 scope and objectives. Within WP10 we intend to focus on important system qualities that are not traditionally considered in trust literature, but nonetheless also contribute to the overall trust perception: we will contribute to the TAS3 infrastructure and governance with tools and mechanisms to verify the compliance of TAS3 services to functional and QoS specifications and to measure user-perceived usability and quality. We recall the WP10 objectives, as stated in the DoW: • Validating the functionality of the TAS offered services; • Validating the usability of the TAS architecture; • Evaluating agreed QoS parameters; • Analyzing end-user perceived QoS. The above objectives pose several outstanding research challenges in each specific subject field. Moreover, altogether they share the TAS3 innovative goals of dealing with such complementary views of trust in a holistic way, and in harmony with the more traditional “handles” of security. This deliverable. The objectives of this deliverable are twofold: to clarify the positioning of WP10 with respect to TAS3 trust provision; and to provide a survey of challenges and existing tools and technologies for the assessment of the trustworthiness dimensions addressed in WP10. We also point at some solutions that at current stage we have identified as potentially useful to address the above WP objectives. In reading this deliverable, it is important to consider that: • the project has already delivered a comprehensive state-of-art survey in Deliverable D1.1, to which we refer for getting a full exposition to TAS3 background. This deliverable is meant to complement D1.1 with deeper study of WP10 topics. • This deliverable has been extensively revised after the first TAS3 review. For completeness, and to fulfill the explicit reviewers’ requests, the deliverable content has been widened beyond the actual focus of WP10 to also include a broader overview of trust and reputation methods and a survey of security issues and testing. However, properly the place where trust management and reputation methods, including TAS3 targeted Key Performance Indicators (KPIs), will be addressed in TAS3 is not WP10 but WP5: Trust Policy Management. Security testing, as shown in Chapter 4, is very wide and a complete coverage of all its facets is outside the scope of WP10, for obvious reasons of resource limitations. In future deliverables, we will tackle anyhow some negative and fuzz testing, and will develop test suites from XACML policies (ongoing work, see hints at Chapter 8).

TAS3_D10p1-v1p5.pdf — PDF document, 1190Kb