See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/224193095

Online Trust: Definition and Principles

Conference Paper · October 2010

DOI: 10.1109/ICCGI.2010.17 · Source: IEEE Xplore

CITATIONS READS
52 11,331

3 authors:

Zainab Aljazzaf Mark Perry

Kuwait University University of New England (Australia)
12 PUBLICATIONS   148 CITATIONS    109 PUBLICATIONS   439 CITATIONS   

SEE PROFILE SEE PROFILE

Miriam A. M. Capretz
The University of Western Ontario
152 PUBLICATIONS   2,829 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Trust in computing View project

Harmonisation of EU copyright law View project

All content following this page was uploaded by Mark Perry on 17 April 2014.

The user has requested enhancement of the downloaded file.

 Online Trust: Definition and Principles
Zainab M. Aljazzaf, Mark Perry
Department of Computer Science
University of Western Ontario
London, Canada
{zaljazza, mperry}@uwo.ca
Abstract—Trust is as significant a factor for successful online
interactions as it is in offline communities. Trust is an important
factor to predict the behaviour of an entity and as a criterion
for an entity selection. Most trust studies focused on trust
establishment without identifying and considering the main
trust definition components and trust principles. This paper
explores trust in the offline and the online world to extract
important trust definition components and trust principles. The
trust definition and principles are presented, which form a basis
that should be followed to establish trust online.
Keywords - Trust definition; trust principles.
I. I NTRODUCTION
In human communities, there is uncertainty about the be-
haviour of strangers. People who do not trust others avoid
interacting with them. Trust plays a significant role in facili-
tating interaction in such uncertain environments. A Trustor is
the subject that trusts a target entity. A target entity is the entity
that is trusted and is known as the trustee [1]. An entity could
be a person, a store, a bank, a service, a product, etc. An entity
can be identified by its properties such as name, identification,
picture, signature, store location, and stated policies [2][3]. An
entity’s decision to interact with others is an act of trust. In
this case, the trustor relies on and places its trust in the trustee
to accomplish the task as agreed upon [4].
In the Internet, trust establishment has additional issues. In
such an open online environment, many entities are separated
by physical distance and likely to be complete strangers. Some
entities on the Internet use real names and some have physical
stores. However, this is not always the case. Entities are
mostly not physically identified, and there are many anony-
mous entities. In addition, as in the real world, the Internet
has many domains and each has different requirements. A
domain’s requirements need to be considered to establish trust
for that domain. The trust establishment process for Internet
interactions needs consideration of requirements for diverse
organisations.
Building a distributed software system requires the interac-
tion of entities and use of resources from diverse organisations
throughout the web. In such diverse systems, different entities
spread around different domains and organizations, and pass
the boundary of community, which has clear security and trust
preferences. Service Oriented Computing (SOC) is “a comput-
ing paradigm that utilizes services as fundamental elements to
support rapid, low-cost development of distributed application
Miriam A. M. Capretz
Department of Electrical and
Computer Engineering
University of Western Ontario
London, Canada
mcapretz@uwo.ca
in heterogeneous environments” [5]. Realizing SOC promise
involves developing Service Oriented Architecture (SOA) [5].
SOA is “an architectural style for building enterprise so-
lutions based on services” [6]. A service is “a discrete unit
of business functionality that is made available through a
service contract” [6]. SOA is concerned with an enterprise
scope beyond a single application [6]. SOA can be imple-
mented using many distributed computing technologies such
as CORBA (Common Object Request Broker Architecture),
DCOM (Distributed Component Object Model), and Web
Services. Web Services gain more popularity as a technol-
ogy to implement SOA because of their important features
especially the interoperability and self description interface.
A Web Service is “self-contained, self-described, dynamically
discovered applications with Internet-based interfaces” [7].
There are three role interactions in the SOA, service provider,
an organization or platform that owns, implements, and con-
trols access to the service; service requestor, an application,
services, or the client who is looking for and invoking a
service; and service discovery agency, a searchable directory
where the description of the services is published by the
providers and searched by the requestors [8].
There are many services with similar functionalities. Ser-
vices’ non-functional properties can be the differentiation
factors between the similar services. Thus, it is important for
the requestor (trustor) to select a service (trustee) based on
its non-functional properties. Quality of service (QoS) is a
quality or non-functional properties of a service. Hoyle [9]
defines quality as “the degree to which a set of inherent
characteristics fulfils a need or expectation that is stated, gen-
eral implied or obligatory”. Quality is a non-time-dependent
characteristic. QoS properties should be considered for service
selection. Trust has been used as a criteria for service selection
[10][11][12][13].
Figure 1 [10] shows trust-based service selection ap-
proaches. In the direct experience approach, the requestor
builds trust about services after utilizing it. However, there is
a need to trust the service before executing it. In the Trusted
Third Party (TTP) approach, the consumers consult a trusted
third party for the trustworthiness of services. There are two
TTP approaches: social trust and matchmaking. In the social
TTP approach, each consumer evaluates the performance of a
service he/she consumes and the TTP gathers the evaluations
and computes the trust rate for each service. The consumer
 Trust based approach for
online service selection
Direct Trusted Third
Hybrid
Experience Party
Social (Indirect
Matchmaking SocioCognitive
Experience)
Reputation Recommendation Referrals
Fig. 1. Approaches for trust-based service selection [10]
trying to use any services consults the TTP for the trustworthi-
ness of that service. There are three classifications of the social
trust approach: reputation, recommendation, and referrals.
Reputation is a public opinion about characteristics of an entity
and it represents a collective evaluation of that entity [14].
The recommendation system aggregates recommendations and
matches between recommenders and the one searching for the
recommendation. Referral is the decentralized approach based
on software agents and communities. In the TTP matchmaking
approach, a service description is matched with user’s request
and trust preference. The hybrid approach is the combina-
tion of different approaches. The idea is to improve some
weaknesses of the other approaches by combining different
approaches. The automated trust negotiation approach builds a
mutual trust between service requestors and service providers.
Therefore, in this approach the trust is assessed in two direc-
tions: the requestor trusts the service/provider and the service
provider trusts the consumer. The automated approach depends
on the disclosure of digital credentials between the two parties.
The rest of the paper is organised as follows: Trust aspects
are presented in Section II. Section III presents and analyses
trust definitions in the trust literature. Our proposed trust
principles are presented in Section IV. Section V presents the
proposed trust definition. Section VI concludes the paper.
II. T RUST A SPECTS
This section presents briefly a number of online trust
aspects. This includes:
• Trust development phases. Trust is a dynamic concept
that can be divided into three development phases: trust
building, where trust is formed; stabilising trust, where
trust already exists; and dissolution, where trust ends [15].
• Trust characteristics. Some trust characteristics are tran-
sitivity, for example, if Alice trusts Bob, and Bob trusts
Sam, then Alice can trust Sam; context specific, trust
depends on context, for example, someone may trust a
person based on the specific context (as a doctor) but
not in another context (as a chef); multi-faceted, different
trust needs to be developed for different aspects of the
domain/entity, for example, trust based on some QoS
properties (performance, scalability, delivery timeliness,
.etc) for one domain and other QoS properties for an-
other domain; and dynamic, trust may change, decrease,
increase, become less important or irrelevant, or decay
with time [14][16].
Trust
• Online Trust Dimensions: Offline and online trust are
negotiation multi dimensional and can differ with respect to gener-
ality, the breadth of trust and it extends from general to
Trust and Direct Experience
Reputation and Reputation specific trust; kind, there are slow trust (occurs over time
in long term relationship) and swift trust (quickly created
and ended); degree, the depth of trust that a person has
and it extends from basic to guarded to extended; and
stage, the trust development stages [17].
• Principles of trust online. Some of trust principles on the
online trust literature are: trust depends on identity, is
based on information, is the function of perception of
risk, deepens over time and with increased reciprocity, is
a matter of degree, first party information is important in
developing trust, second party opinions are important in
developing trust, and third party ratings are important in
developing trust [18].
• Trust classes. Different classes of trust [19][16] can be
distinguished in the literature relating to Internet services
such as: provision trust, where the users trust an entity
and seek protection from malicious entities; resource ac-
cess trust, describe trust as principle of access resources;
delegation trust, where the agent (delegate) acts on behalf
of users; identity trust, describe the belief that an entity’s
identity is as claimed; context trust, describes trust in
the context of the present systems ability to support
transactions and do remedies; and certification of trustee,
based on the certification of the trustee by a third party.
• Categories of trust semantics. Semantics characteristic of
the ratings and trust scores are important to interpret the
meaning of those measurements. The semantic can be
described in terms of “specificity-generality” dimension
and “subjectivity-objectivity” dimension. Specific mea-
sure is based on one trust aspect, while general represents
the average of all aspects. Subjective measure is based
on judgement, while objective measure is determined by
assessing the entity against formal criteria [19].
III. W HAT IS T RUST ?
Defining trust is challenging. In the trust literature, there
are dozens of definitions, in different contexts and situations,
and considerable variation in the meaning of trust. Trust is
an important factor in many interactions involving uncertainty
and dependency. The degree of uncertainty, dependency, and
risk is higher in the online world than the offline world [15].
In the following, analysis of trust definitions in the offline
and the online world are presented to extract the important
components of a trust definition.
A. Trust Definitions in the Offline World
In English, trust means: reliability; reliance on the integrity;
confident expectation; obligation or responsibilities imposed
on someone/something in whom confidence or authority is
placed; a fiduciary relationship; being left in guardianship
of another; believe, rely; dependence; certainty; faith; no
fear of consequences; commit; hope [20][21]. Companionship,
friendship, love, agreement, relaxation, and comfort are some
emotions associated with trust [22].
“Trust is both an emotional and logical act. Emotionally, it
is where you expose your vulnerabilities to people, but believe
they will not take advantage of your openness. Logically, it
is where you have assessed the probabilities of gain and loss,
calculating expected utility based on hard performance data,
and concluded that the person in question will behave in a
predictable manner” [22]. People trust others because they
have experienced their trustworthiness and because they have
faith in human nature [22].
The hope and vulnerabilities show the presence of risk.
The agreement shows that there is a lack of control (e.g.,
monitoring) over the trustee’s behaviour. Therefore, trustor
trusts trustee with less perception of control. In addition, it
shows that no Service Level Agreement (SLA) is required
to ensure the particular action. The logical definition of trust
includes utility and shows the importance of assessing the
trustworthiness of an entity based on the calculation of the
trustee’s promised utility.
B. Trust Definitions in the Online World
In the online world, trust has been defined in different
ways by the researchers and often reflects the paradigms
of the researchers’ academic discipline. The most frequently
cited definition is: “Trust is the willingness of a party to
be vulnerable to the action of another party based on the
expectation that the other will perform a particular action
important to the trustor, irrespective to the ability to monitor or
control that other party” [23]. This definition implies that there
is something important to be lost by the trustor (i.e., vulnera-
bility). Trust is a very effective complexity reduction method,
although the user cannot have control on the behaviour of
others [15]. This implies the lack of control. Corritore et al.
[17] define online trust as “an attitude of confident expectation
in an online situation of risk that one’s vulnerabilities will
not be exploited”. The authors include some key concepts
in their definition, which are risk, vulnerability, expectation,
confidence, and exploitation. Chang et al. [24] define trust as
“the belief that the Trusting Agent has in the Trusted Agent’s
willingness and capability to deliver a quality of service in a
given context and in a given Timeslot”. This definition implies
the context-specific characteristic of trust.
“Trust is about the ability to predict the behaviour of another
party” [25]. Grandison and Sloman [16] define trust as “the
firm belief in the competence of an entity to act dependably,
securely, and reliably within the specified context”. The au-
thors defined distrust as “the lack of firm belief in the com-
petence of an entity to act dependably, securely and reliably
within a specified context”. The authors mentioned that trust
is a composition of multiple attributes such as reliability,
honesty, dependability, security, timeliness, and competence,
and different attributes have to be considered in different
environments where trust will be established.
There are two common definitions of trust in literature:
reliability trust and decision trust. Reliability trust [26] is a
context where A relies and expects B to perform a given
action on which its welfare depends. This definition includes
the dependency and the reliability concepts. Decision trust
[27] is “the extent to which one party is willing to depend
on something or somebody in a given situation with a feel-
ing of relative security, even though negative consequences
are possible”. This trust definition includes the concepts of
dependency, reliability, utility, risk attitude, law enforcement,
insurance and other remedies.
In Web Services, trust is defined in the WS-Trust specifi-
cation [28] as “the characteristic that one entity is willing to
rely upon a second entity to execute a set of actions and/or
to make assertions about a set of subjects and/or scopes”.
This definition misses the concepts of vulnerability, risk, lack
of control, and context-specificity. Other studies define and
specify trust or reputation as one of the QoS [11][12][10].
Dragoni [10] mentioned that evaluation of trust is a key
QoS aspect of Web Service selection. Maximilian and Singh
[29] presented the selection of a Web Service based on non-
functional attributes such as QoS and trust. Kalepu et al. [13]
add a “verity” metric to the QoS properties for Web Service
selection and define it as “the ability to maintain the lowest
difference between the projected and achieved levels of service
metrics”. However, trust is not a QoS. QoS properties can be
used as information to establish trust.
Often, trust is confused and used synonymously with terms
such as cooperation, faith, competence, reliance and credibil-
ity. Cooperation is either a cause or a manifestation of trust.
Trust includes reason but faith is the opposite of reason. Trust
goes beyond the belief in the competence of the trusted party.
Trust in information means that the information is credible
or believable [17]. It is possible to rely on a person without
trusting him/her [17][30]. Mayer et al. [23] add the confidence
and predictability terms as synonymous terms. With trust, risk
is assumed, but with confidence it is not.
IV. T RUST P RINCIPLES
Defining trust principles is important to establish trust. We
proposes the following trust principles based on the explo-
ration and analysis of trust literature in the offline and the
online worlds and the extension of online trust principles [18].
The developer of a trust system is required to consider the
following principles that form a basis to establish trust.
A. Trust and risk
Risk is “the likelihood of an undesirable outcome” [17].
Risk is an intrinsic part of everyday life [1]. There is an
agreement that trust only exists in a risky and uncertain
environment. Mayer et al. [23] stated that “the need of trust
arises in a risky situation”. Therefore, the trustor should have
something to lose if trust is violated. If the trustor has a higher
perception of control, the less he has a need to trust [17]. Less
perception of control increases the risk. Trust is the expectation
of the trustee’s behaviour in risky circumstances and the extent
of their commitment to the rules [18].
There has been very little work on the analysis of the
relationship between risk and trust [16]. Risk is the core of
trust [18]. Therefore, a technique is required to ensure an
entity’s reliability in risky exchange situations. In addition, it
is important also to include penalties, rewards, insurance, and
other risk remedies in case something goes wrong to support
trust intention.
B. Trust development phases
Trust goes through three development phases: trust building,
stabilising trust, and dissolution [15]. Although most studies
assume a system where trust and reputations already exist (i.e.,
stabilising trust phase), it is important to initialise a trust rate
for a new entity (i.e., building trust phase) and to address trust
failure and reconstruction (i.e., dissolution trust phase).
To establish trust, the process should consider all three
trust development phases. In the trust building phase, initial
trust formation is important. For example, the system should
initially assign trust rate for any new comer that has no rate.
This phase is a crucial stage in any trust relationship. In the
stabilizing trust phase, trust evolves over time and is based
on interaction and observation between parties. In this phase,
trust is based, for example, on the trustor’s knowledge on the
trustee from past interactions or recommendation from other
parties. In the dissolution trust phase, trust could be declined,
and it is important to study the situations of trust decline and
trust rebuilding after a decline.
C. Dynamic nature of trust
Trust is dynamic. Trust changes over time and with further
experiences [14]. Maximilien and Singh [29] identified self-
adjusting trust that is an important characteristic in an open
environment. Self-adjusting trust is “The autonomic charac-
teristic of a multi-agent system whereby the levels of trust
between the interacting parties are dynamically established
and adjusted to reflect recent interactions”. Trust establishment
should consider the dynamic nature of trust. This requires
continuous evaluation of entities’ trustworthiness. Trust broker
opinion, reputation, recommendation, and referral, are some
approaches used, for example, to evaluate, test, personalise,
evolve, and ensure trust.
D. Trust and identity
Trust depends on identity. Having identity enables the
history (i.e., past experience) of the interactions to be built and
mapped to that identity [18]. Identities allow ratings about a
specific party from the past to be associated with that same
party in the future [19]. While in the real word the identity
can be established by visual recognition or identification, in the
online world, the identity is established using authentication
and tokens [28]. Trust can be formed by join values, tasks,
and goals, and by creating collective identity (e.g., common
team name) [15].
The identity trust class ensures that entity’s identity is as
claimed [19][16]. Authentication is a mechanism where both
parties prove that they are acting with each other. Some of
authentication methods are: user name and password, digital
certificate, or tokens [8]. Those methods are used to define
the identity of the trustee [31]. Authentication systems provide
such identity using authentication techniques (such as X.509
and PGP) [28][32].
E. Categories of Trust Semantics
Semantics characteristic of trust scores is important to
interpret their measurements’ meaning. Trust can be measured
based on a specific measure of one trust aspect (e.g., perfor-
mance) or on general measure, which represents the average
of all aspects (e.g., performance, accuracy, and availability).
Trust measurement can be based on judgement or calculation
to assess the trustworthiness of an entity. Those measurement
approaches provide many alternatives to evaluate trust in trust-
based systems. In addition, using those approaches can provide
a flexible way for the trustor to select trustees based on trustor
preferences.
F. Trust relationship properties
Trust is usually specified in terms of a relationship between
a trustor and a trustee. Trust relation can be one-to-one
between a trustor and a trustee, one-to-many between a trustor
and a group of entities, many-to-one such as between the
members and the manager of a department, and many-to-many
such as the mutual trust between members of a group [16].
Trust may not be symmetric or transitive. A trust relation-
ship is not absolute in that the trustor trusts a trustee with
respect to its ability to perform a specific action within a
specific context. Context specificity implies the multifaceted
and different degrees aspects of trust. Trust varies with the
individual, organisation, and situation. This requires a re-
questor to specify the degree level of different trust aspects for
different entities. For example, executing code in the systems
needs higher level of trust than just writing to a file, and
writing to a file needs a higher level of trust than only reading
a file (resource access trust) [16].
G. Global and local rate
There are two trust rates to predict the trustworthiness of
the trustee: local and global rates [33]. Global trust rate is
a unique trust score independent of the user who did the
evaluation and define how the community as a whole trusts
a specific trustee (i.e., unique reputation seen by all users).
Local trust rate depends on the user doing the evaluation (i.e.,
personalized score). Therefore, each trustee may have different
local rates seen by different users. Global trust requires TTP to
collect reputations (feedbacks) from the trustors about trustees
in different situations. Local trust requires the user to build
personalised rate about trustees and TTPs. The advantage of
the global rate is that it communicates the experiences, but the
information is potentially unreliable and comes from unknown
or anonymous second parties [18]. Local trust is more reliable
and based on user preferences. Therefore, considering both
global and local rates is important to establish trust, which
helps the trustor to make a better selection decision.
H. Trust is based on information
There is a need to know information about the other party
to establish trust. A challenge question is: What information
should be used to build trust? Information has many dimen-
sions and each entity set its own information dimensions and
builds an information model. Entities in online world traverse
many domains with different properties and requirements. For
example, a requestor of a service has many requirements
and each seeks for different services’ properties. Therefore,
defining a unified trust information for such an open envi-
ronment is a challenge. Some studies try to define a notion of
community [34] or address trust in specific domain [4][35][10]
to overcome this problem.
I. First party information
A first party (a trustee) should provide their information to
develop trust. For example, information such as performance,
security, and privacy is used by many commercial sites to
help establish trust. QoS properties and other information
(e.g., delivery methods, insurance, privacy, security, pricing,
availability) can be considered as important information on
which to build trust. Other information can help, such as the
providers’ properties.
J. Third party ratings
An expert opinion from a TTP such as certification au-
thority, service broker, or a trust broker, plays an important
role in trust establishment, evolution, and self-adjustment. TTP
helps the users to get rates of different entities even without
having direct experience with that entity. A TTP can aggregate
feedbacks and trust rates from trustors, calculate the rates,
and provide them globally. In addition, TTP can assess the
trustworthiness of an entity by doing self calculation and
evaluation of the entities and provide its opinion globally.
Trustors consult a TTP for the trustworthiness of a trustee.
The assumption is that this TTP is a trusted party and the
consumers rely on its result [19]. Assuming that TTP is a
trusted party constitutes the introduction of a security hole
and it is important to plug this hole.
K. Trust approaches
Trust approaches, as discussed in Section I, such as di-
rect experience, reputation, recommendation, referral, and
matchmaking help build and evolve trust. Those approaches
help provide global/local rates. Combining different trust ap-
proaches (i.e Hybrid approach) improves some of the other
approaches’ weaknesses and results in a better and more robust
approach to establish trust. Weaknesses and challenges in
trust literature (e.g., unfair rating) should be resolved in trust
establishment process.
L. The distinction between trust and QoS
There is a clear distinction between trust and QoS defini-
tions. Trust is not a QoS aspect of an entity. In Web Services,
trust has been studied as a QoS or based on a set of QoS
properties. However, trust goes beyond QoS of a Web Service.
QoS properties can be used as trust information to establish
trust. A clear distinction between the two terms should be
considered in the trust establishment process.
M. Security and privacy
Security and privacy are important factors to consider in the
trust establishment process. Security and privacy are consid-
ered as important trust information to establish trust in online-
banking and e-marketing. For security, the uncertainty of
transactions can bring several risks because of the technology
infrastructure or the actors involved in the online transaction. A
technique is required to ensure security and this help establish
trust. For privacy, a trustee should accomplishes a task and do
not disclose the trustor’s information. A technique is required
to protect the privacy of a trustor’s and this help to build trust.
N. Provider’s trustworthiness
Trust ratings of a service and its provider are related and
each one affects the other. A trustworthy service provider
provides trustworthy services. The trustor of a service can
select a service based on the service’s rate or/and the service
provider’s rate. For example, a trustor trusts Amazon site for
services it provides.
Trust in Internet has a clear distinction between the trust-
worthiness of the services and the providers. The studies have
identified quality requirements for providers to assist their
trustworthiness and help the user on his/her decision to use
the providers’ services [23][15]. In web services, the idea
of trusting a web service based on its provider is neglected
[14]. However, there are little studies, which cover trusting
providers. Considering a provider rates will encourage the
provider to provide high quality services because the trust rate
of the provider and each of its services are related.
O. Trustor preferences
Trust is context specific, muti-faceted, not absolute, matter
of degree, and may not be symmetric or transitive. Therefore,
a trust-based system should support trustor preferences. The
importance of trustor preferences comes from the difference
on preferences between different trustors. This will imply
different trust rates for the same trustee seen by different
trustors (i.e., personalized trust rate). A trustor should be
able to select a trustee based on the trustor preferences. In
service selection, a requestor may request a service based
on its performance and security, given a degree of 60% for
the performance and 100% for the security. The web is an
open system that spans different countries, regulations, and
cultures. Those differences impact the trust building process.
Consider trustor preferences mitigates the division of trust
between different countries and cultures.
P. Trust classes
Provision, delegation, context, and certification of trustee
are trust classes [19][16]. To establish trust, it is important
to consider trust classes. In provision trust, a requestor can
rely on a trust broker to rate a trustee and seek protection
from malicious services. Delegation plays a big role in trust
establishment. A trustor can delegate a TTP or an agent to
act on his/her behalf to identify an entity’s trustworthiness.
In context trust, the system can support trust by having the
ability to support transactions and do remedies (e.g., use
law enforcement, insurance) in case something goes wrong.
Certification of the trustee can help to build trust. Having a
certification from third parties can enhance and ensure the
trustee’s trustworthiness. A trustor should trust certification
from the TTP given to the trustee.
V. T RUST D EFINITION
Trust is a complex subjective term. Based on the analysis
of trust definition in Section III, the trust definition should
includes the concepts of dependency, confidence expectation,
vulnerability, reliability, comfort, utility, context-specificity,
risk attitude, and lack of control. In addition, the definition
should show the assessment of trust by calculating promised
utility. Trust should not be used synonymously with many
terms such as trustworthiness, cooperation, faith, or QoS.
Therefore, this work proposes the following definition of trust:
Trust is the willingness of the trustor to rely on a trustee to
do what is promised in a given context, irrespective of the
ability to monitor or control the trustee, and even though
negative consequences may occur.
A trustworthy entity is an entity that behaves according to its
promised role, that reciprocates a trustor’s trust by completing
the interaction as agreed, and holds a positive attitude toward
the trustor’s goodwill and welfare. For example, a trustworthy
entity has a high reliability, performs an action within reason-
able time, and will not disclose privacy information.
VI. C ONCLUSIONS
This paper reviews trust in the offline and the online
worlds, and explores the trust area to extract trust definition
components and trust principles. Proposed trust definition and
principles are presented. Trust definition and trust principles
provide a solid starting point and form the basis to establish
trust. We are in the process of defining trust information and
building trust models and framework to support trust definition
and principles.
R EFERENCES
[1] R. Song, L. Korba, and G. Yee, Trust in E-services: Technologies,
Practices and Challenges. IGI Global, 2007.
[2] J. V. Dyke, “Establishing federated trust networks among web services,”
Bachelor thesis of Science in Computer Engineering, University of
Virginia, 2004.
[3] P. Resnick, K. Kuwabara, R. Zeckhauser, and E. Friedman, “Reputation
systems,” Commun. ACM, vol. 43, no. 12, pp. 45–48, 2000.
[4] T. A. Khopkar, “Provision, interpretation and effects of feedback in
reputation systems,” Ph.D. dissertation, School of Information, The
University of Michigan, 2008.
[5] M. P. Papazoglou and D. Georgakopoulos, Eds., Service-Oriented Com-
puting. Cambridge, MA: The MIT Press, 2008.
[6] M. Rosen, B. Lublinsky, K. T. Smith, and M. J. Balcer, Applied SOA:
Service-Oriented Architecture and Design Strategies. Wiley Publishing,
2008.
[7] M. Yuan and J. Long, “Securing wireless j2me,” IBM, Tech. Rep., 2002.
[8] M. Papazoglou, Web Services: Principles and Technology. Printice
Hall, 2008.
View publication stats
[9] D. Hoyle, Automotive Quality Systems Handbook, second edition ed.
Elsevier Ltd, 2005.
[10] N. Dragoni, “Toward trustworthy web services - approaches, weaknesses
and trust-by-contract framework,” IEEE/WIC/ACM International Con-
ference on Web Intelligence and Intelligent Agent Technology, vol. 3,
pp. 599–606, 2009.
[11] Z. Ying-feng and S. Pei-ji, “The model for consumer trust in c2c online
auction,” ICMSE ’06 International Conference on Management Science
and Engineering, pp. 125 –129, oct. 2006.
[12] M. N. Huhns and M. P. Singh, “Service-oriented computing: Key
concepts and principles,” IEEE Internet Computing, vol. 9, pp. 75–81,
2005.
[13] S. Kalepu, S. Krishnaswamy, and S. Loke, “Verity: a QoS metric for
selecting web services and providers,” Proceedings Fourth WISEW, pp.
131 – 139, Dec. 2003.
[14] Y. Wang and J. Vassileva, “A review on trust and reputation for web ser-
vice selection,” in ICDCSW ’07: Proceedings of the 27th International
Conference on Distributed Computing Systems Workshops. Washington,
DC, USA: IEEE Computer Society, 2007, p. 25.
[15] T. Kautonen and Karjaluoto, Eds., Trust and New Technologies: Mar-
keting and Management on the Internet and Mobile Media. Edward
Elgar, 2008.
[16] T. Grandison and S. Sloman, “A survey of trust in internet applications.”
IEEE Communications Surveys and Tutorials, vol. 3, no. 4, 2000.
[17] C. L. Corritore, B. Kracher, and S. Wiedenbeck, “On-line trust: concepts,
evolving themes, a model,” Int. J. Hum.-Comput. Stud., vol. 58, no. 6,
pp. 737–758, 2003.
[18] M. Daignault, M. Shepherd, S. Marche, and C. Watters, “Enabling trust
online,” in ISEC ’02: Proceedings of the Third International Symposium
on Electronic Commerce. IEEE Computer Society, 2002, p. 3.
[19] A. Jøsang, R. Ismail, and C. Boyd, “A survey of trust and reputation
systems for online service provision,” Decis. Support Syst., vol. 43, no. 2,
pp. 618–644, 2007.
[20] “Dictionary.com,” http://dictionary.reference.com/browse/trust (last ac-
cessed June 8, 2010).
[21] “Merriam webster online dictionary,” http://www.merriam-
webster.com/dictionary/trust (last accessed June 8, 2010).
[22] S. David, Changing Minds: in Detail. Syque Press, 2008.
[23] R. C. Mayer, J. H. Davis, and F. D. Schoorman, “An integrative model
of organizational trust,” The Academy of Management Review, vol. 20,
no. 3, pp. 709–734, 1995.
[24] E. Chang, T. Dillon, and F. Hussain, “Trust and reputation relationships
in service-oriented environments,” ICITA 2005. Third International
Conference on Information Technology and Applications, vol. 1, pp. 4
– 14 vol.1, july 2005.
[25] L. Buttyan and J. Hubaux, Security and Cooperation in Wireless
Networks: Thwarting Malicious and Selfish Behavior in the Age of
Ubiquitous Computing. New York, NY, USA: Cambridge University
Press, 2007.
[26] D. Gambetta, “Can we trust trust?” in Trust: Making and Breaking
Cooperative Relations. Basil Blackwell, 1988, pp. 213–237.
[27] D. H. McKnight and N. L. Chervany, “The meanings of trust,” Technical
report MISRC Working Paper, University of Minnesota, 1996.
[28] L. Kelvin, K. Chris, N. Anthony, G. Marc, G. Martin, B. Abbie, and
G. Hans, “Ws-trust 1.4,” Tech. Rep., February 2009.
[29] E. Maximilien and M. Singh, “Toward autonomic web services trust
and selection,” in ICSOC, M. Aiello, M. Aoyama, F. Curbera, and M. P.
Papazoglou, Eds. ACM, 2004, pp. 212–221.
[30] K. J. Blois, “Trust in business to business relationships: An evaluation of
its status,” Journal of Management Studies, vol. 36, no. 2, pp. 197–215,
03 1999.
[31] Entrust, “Web services trust and xml security standards,” April 2001.
[32] A. Abdul-Rahman, “The PGP trust model,” Journal of Electronic
Commerce, 1997.
[33] P. Massa and P. Avesani, “Trust metrics on controversial users: balancing
between tyranny of the majority and echo chambers,” International
Journal on Semantic web and Information Systems, 2007.
[34] Z. Malik and A. Bouguettaya, “Reputation bootstrapping for trust
establishment among web services,” IEEE Internet Computing, vol. 13,
no. 1, pp. 40–47, 2009.
[35] G. Zacharia, A. Moukas, and P. Maes, “Collaborative reputation mech-
anisms for electronic marketplaces,” Decision Support Systems, vol. 29,
no. 4, pp. 371–388, 2000.