Page Last Updated - July 11th, 2007




My research interests are directed along two topics. The first is to investigate architecture-based approaches for developing trust-enabled decentralized applications. The second is to explore and compare different types of decentralized reputation-based trust systems with a view to better understand and model such systems.

1. Software Architecture Approach - While there exist several trust and reputation models in the research literature, there has been little work directed at identifying how these models can be integrated into the architecture of a decentralized peer. Towards this end, along with other colleagues Justin Erenkrantz and Scott Hendrickson, I developed the PACE architectural style. PACE stands for the Practical Architectural approach for Composing Egocentric Trust. The PACE architectural style provides specific design principles that guide the incorporation of trust models into the architecture of a decentralized peer. More information on the PACE style can be obtained on the PACE project web page and in my Publications.

2. Decentralized Reputation Models - My survey of decentralized trust and reputation models also revealed two other important shortcomings that have not been addressed by researchers.

  • The first is the lack of a common understanding of what a trust model is and what are the elements that constitute a trust model. Currently, there is no framework in the research literature that can help express and describe existing trust models and also serve as the basis for the creation of trust models in the future.
  • The second shortcoming stems from the fact that though there are a number of trust models proposed by researchers, there is unfortunately no framework that can help put these different models into perspective. As a result, application designers may be unable to decide what trust model to pick given certain application requirements. There is, thus, a compelling need for a comparison framework and infrastructure that will help compare these different models against their various capabilities.

My recent efforts have been directed at addressing these two shortcomings. Specifically, I am investigating how different reputation-based trust models can be expressed, evaluated, and compared. My work so far has focused on -

  • The creation of a generic extensible framework, called the 4C framework, that facilitates the rapid specification of a trust model and the generation of a corresponding XML-based trust model description. Details of the 4C framework can be found here.
  • The creation of (i) a theoretical framework, called TREF, that compares the capabilities of reputation-based trust models in the face of threats, and (ii) a java-based simulation framework, called SIFT, that simulates the behavior of trust models under different application settings and threat conditions towards (a) assisting in the selection of an appropriate model for a given application setting, and (b) pointing at future refinements to those models.