Karl Quinn, Declan O'Sullivan, Vincent Wade

Policy Driven Composition of Trustworthy Web Services

Knowledge and Data Engineering Group
Department of Computer Science
Trinity College Dublin

Definitions of trust generally use synonyms or trust inspiring terms in their definition. "Belief" [McKnight96], "Credibility or Reliability" [Golbeck03], "Confidence or Faith" [Shadbolt02], "Reputation" [Golbeck04], "Competence and Honesty" [Grandison00] have all been used in this way. Definitions generally try to convey that trust has a specific, quantitative, and directed (i.e. A to B, not B to A) value. Increasingly the definition of trust values and their calculation are seen as important elements of an overall security framework. Determination of an end-to-end trust value for a particular service can be brought about by reasoning over the trust metadata (including trust values) associated with each of the individual service components. Web Services will benefit from the use of trust metadata and management as it can aid in the automatic discovery or composition of trustworthy web services.

In parallel, a major direction of web service research is towards service collaboration and semantic annotation [Zhang03] through ontologies. Ontology provides a means to describe and define terms, concepts, and relationships specific to a knowledge domain such as trust and services. The development of technologies for the Semantic Web [BernersLee01] has produced ontology languages such as the W3C’s OWL (Ontology Web Language) [McGuinness03] which can be reasoned over at runtime. It is argued that trust and service metadata described with reference to such ontologies provide for improved reasoning because of its semantic basis. Trust management research is also exploring models for managing trust on an internet scale outside of the more traditional centralized systems. Furthermore trust management research has also exploring the use of policy based management [Bfix98, Bfl96, Bfs98, Keromytis03].

Given the above directions, our research focuses on combining ontology and policy based approaches for trust management. This involves the annotation of web services with trust metadata with reference to ontologies for Trust and Services which is under development. In addition users will be enabled to specify policies that determine how the management system should reason over the trust metadata for trustworthy service selection and composition.

This extended abstract: provides an overview of the key concepts of semantic web services, policy and trust; highlights important related work; and introduces our current experimentation in the area. The full paper will provide details of the results and experiences arising out of our current experiment (due for completion August 2004).