A transparent framework for trust-based collaborative decision-making

The making of decisions is a common task in software applications. The prevalence of distributed applications requires that decisions should be drawn on the basis of collective wisdoms. However, in many distributed systems, such as grid computing, peer-to-peer systems, and web servers under different domains, entities are administrated independently and do not have common trust with each other, which makes the collaboration insecure under potential attacks and brings many significant challenges to the fulfillment of multilateral decision-making. In this dissertation, we focus on the problems of how to draw decisions on the basis of collective wisdom among a group of autonomous collaborators without common trust. We present a new framework that integrates trust, collaboration and decision-making as a whole. It helps distributed applications collaborate with one another while preserving their autonomy in decision-making and mitigating potential attacks on the basis of trust metrics. In particular, we originate a three-layered abstraction model that allows distributed applications to draw trust-based collaborative decisions in a transparent way as if they are only applying stand-alone mechanisms on each local entity. Our framework comprises three principal designs. Trust-based State Variable (TSV) is a pivotal design that integrates local perceptions from each independent collaborator into system-wide perceptions on the basis of the respective interest of each collaborator. Federated Security Context (FSC) explores the solutions to manage the trust relationships and optimize communication for the trust-based collaboration. Policy Evaluation and Enforcement Agent (PEEA) further provides a design that greatly automates the evaluation of policies and the making of trust-based collaborative decisions. By implementing our framework as the Trust-based Collaborative Decision-Making (TRU-CODEM) toolkit, we greatly secure and simplify the making of multilateral decisions under a distributed system without common trust. We have also applied our trust-based collaborative decision-making framework to several practical applications, such as grid computing, web servers and e-mail servers. This framework greatly enhances their capability and security in collaboration and further supports many advanced features such as trust-based system-wide quota imposition, collaborative intrusion detection and response, and dynamic lockdown.