Defining a trust framework design process

Abstract

Trust Management researchers have created several sound frameworks for well-defined problems based on their deep understanding of the field and the current state of the art. However, Trust Management experts are rarely contacted for the design of distributed business applications. Developers of these kinds of business applications are not familiar with latest results and are only aware of a very limited set of applicable solutions. This hinders the adaption of these novel security solutions into provided future services. To support the integration of Trust Management into these areas we defined a design process, which can be applied systematically by developers. Based on the design process they can use their scenario knowledge to narrow down their design space and finally select from a limited set of applicable implementations the best fit. We extended the static TrustFraMM meta-description of Trust Management in a way to enable it to support the exploration and exclusion of existing trust functionality implementations. We built our process on a number of requirements collected through our user-centered design approach. We also provide a possible visualization of the process which we evaluated using a paper prototype. Our process had a positive user acceptance among the questioned users. © 2013 Springer-Verlag.