Trusted Ecosystem (TE) ontology - Automating interpretations of trustworthiness
Abstract of the thesis 'Automating interpretations of trustworthiness'. Digital services have a significant impact on the lives of many persons and organisations. Trust influences decisions regarding potential service providers, and continues to do so once a service provider has been selected. It is common to refer to the trustor as the entity that is trusting, and to the trustee as the entity that is trusted. There is no globally accepted model to describe trust in the context of digital services, nor to evaluate the trustworthiness of entities. On one hand the term trust is commonly used in the context of digital services, while on the other hand it is overloaded with meaning and difficult to interpret. This thesis presents a novel model to describe and evaluate an entity's trustworthiness. The model is referred to as a trustworthy ecosystem model. It is based on four building blocks: a data model, rulebooks, trustworthiness evaluation functions and instance data. The data model is expressed in First Order Logic predicates. Rulebooks, which consist of constraints that reflect a particular context for reasoning about trustworthiness, are described using these predicates. The entity that is evaluating is referred to as the evaluator, and the entity that is evaluated as the evaluation subject. The evaluator corresponds to a potential trustor, and the evaluation subject to a potential trustee. Verifying whether the constraints are satisfied over a set of instance data allows an evaluator to evaluate the trustworthiness of an evaluation subject. For this purpose trustworthiness evaluation functions are specified. They contain a mandatory and a discretionary part. The mandatory part describes the constraints that must be satisfied to have the minimal basis for relevant execution of the discretionary rules. The discretionary part allows the evaluator to specify a trustworthiness evaluation policy by selecting discretionary constraints. The outcome of the evaluation provides evidence that can be used by the evaluator to decide to interact with the evaluation subject in the relationship of trustor--trustee. To demonstrate the practical feasibility of the proposed solution, a partial implementation is presented. The data model was implemented in OWL, a logic language that was established by the Worldwide Web Consortium (W3C). The data model was complemented by a data import and transformation mechanism which transforms data from public and authoritative sources into the trustworthiness evaluation data model and stores it in a graph database. A sample rulebook and trustworthiness evaluation functions were implemented in SPARQL queries. The implementation is partial because it implements only one particular rulebook, inspired by the European legislation for trust services, and because it uses a specific set of data sources for its instance data. The approach was validated by implementing the model, importing real world data, performing selective evaluations of trustworthiness and comparing their outcome to other approaches such as PKI and the Web of Trust verification.
Updated:
.