Resilient trust management for Web service integration

In a distributed Web service integration environment, the selection of Web services should be based on their reputation and quality-of-service (QoS). Various trust models for web services have been proposed to evaluate the reputation of Web services/service providers. Current mechanisms are based on tracing the feedbacks to the past behaviors of Web services. However, very few of them consider the robustness and attack-resiliency of the trust models. In this paper, we present an attack resilient distributed trust management system in a Web service management environment. The proposed attack resilient trust model uses two vectors to capture the behavior and the trustworthiness of a Web service/service provider based on our analysis on the possible attacks against the trust models. We also present a set of experiments that show the effectiveness of our trust model in detecting malicious behavior of service providers.

[1]  Julita Vassileva,et al.  Trust and reputation model in peer-to-peer networks , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[2]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[3]  D. Box,et al.  Simple object access protocol (SOAP) 1.1 , 2000 .

[4]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[5]  Heiko Schuldt,et al.  Scalable peer-to-peer process management - the OSIRIS approach , 2004 .

[6]  Shuping Ran,et al.  A model for web services discovery with QoS , 2003, SECO.

[7]  Ernesto Damiani,et al.  Choosing reputable servents in a P2P network , 2002, WWW.

[8]  Heiko Ludwig,et al.  Defining and Monitoring Service-Level Agreements for Dynamic e-Business , 2002, LISA.

[9]  Daniel W. Manchala E-Commerce Trust Metrics and Models , 2000, IEEE Internet Comput..

[10]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.

[11]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[12]  Heiko Schuldt,et al.  Scalable peer-to-peer process management - the OSIRIS approach , 2004, Proceedings. IEEE International Conference on Web Services, 2004..

[13]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[14]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[15]  Shonali Krishnaswamy,et al.  Reputation = f(user ranking, compliance, verity) , 2004, Proceedings. IEEE International Conference on Web Services, 2004..

[16]  Francisco Curbera,et al.  Web services description language (wsdl) version 1. 2 , 2001 .

[17]  Mike P. Papazoglou,et al.  Leveraging Web-Services and Peer-to-Peer Networks , 2003, CAiSE.

[19]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[20]  Katia P. Sycara,et al.  Using DAML-S for P2P Discovery , 2003, International Conference on Web Services.

[21]  Thomas Beth,et al.  Valuation of Trust in Open Networks , 1994, ESORICS.