Page 77 - Trust in ICT 2017
Konfidi uses Pretty Good Privacy (PGP) connections to determine authenticity, and topical trust connections
described in RDF to compute inferred trust values. Between yourself and some person X whom you do not
know, Konfidi works to find a path of cryptographic PGP signatures to assure the identity of X, and estimates
a trust rating by an algorithm that operates along the trust paths that connect you to X. The trust paths are
formed from public person-to-person trust ratings that are maintained by those individuals.
Konfidi refers to the trust network design, the ontology used to encode it, and the software to make it usable.
The central idea is that between yourself and person X whom you do not know, there is a path of PGP
signatures to assure the identity of X. An estimated trust rating can then be computed by some algorithm
that operates along the trust paths that connect you to X. The numbered paths in Figure 21 indicate the
steps in the process to form a Trust Network:
1) A client makes a request to the Konfidi server, indicating the source and the sink.
2) The frontend passes the request to the PGP Pathfinder, which verifies that some path exists from
the source to the sink in the PGP Web-of-Trust.
3) The Pathfinder returns its response.
4) If there is a valid PGP Web-of-Trust connection, the frontend passes the request to the TrustServer,
which traverses the Konfidi trust network that is built from data kept up-to-date by the FOAFServer.
5) The TrustServer responds with the inferred trust value or an appropriate error message.
6) The Frontend combines the responses of the Pathfinder and the TrustServer, and sends them back
to the client.
Figure 21 – Combined Trust Network Ontology in Konfidi
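The six steps above, as an added Python example that is not Konfidi's own code: it shows that a trust value is inferred only after a PGP signature path has assured the identity of the sink. The key names, ratings, function names and the rule of multiplying ratings along the best path are assumptions, since the page does not name the inference algorithm.

```python
import heapq
from collections import deque

# Constructed sample data. PGP_SIGS: signer -> keys signed (identity only).
PGP_SIGS = {"alice": {"bob"}, "bob": {"carol"}, "carol": {"dave"}}
# TRUST: truster -> {trustee: {topic: rating in [0, 1]}} (public trust ratings).
TRUST = {
    "alice": {"bob": {"email": 0.75}, "eve": {"email": 1.0}},
    "bob": {"carol": {"email": 0.5, "cooking": 0.5}},
    "carol": {"dave": {"email": 0.5}},
}

def pgp_path(source, sink):
    """Pathfinder role (steps 2-3): BFS for a signature chain source -> sink."""
    prev, queue = {source: None}, deque([source])
    while queue:
        node = queue.popleft()
        if node == sink:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in sorted(PGP_SIGS.get(node, ())):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None

def inferred_trust(source, sink, topic):
    """TrustServer role (steps 4-5): best product of ratings (assumed rule)."""
    best, heap = {source: 1.0}, [(-1.0, source)]
    while heap:
        neg, node = heapq.heappop(heap)
        if node == sink:
            return -neg
        for nxt, topics in TRUST.get(node, {}).items():
            score = -neg * topics.get(topic, 0.0)
            if score > best.get(nxt, 0.0):
                best[nxt] = score
                heapq.heappush(heap, (-score, nxt))
    return None

def konfidi_query(source, sink, topic):
    """Frontend role (steps 1 and 6): infer trust only once identity is assured."""
    path = pgp_path(source, sink)
    if path is None:
        return {"pgp_path": None, "trust": None, "error": "no PGP path"}
    trust = inferred_trust(source, sink, topic)
    error = None if trust is not None else "no trust path for topic"
    return {"pgp_path": path, "trust": trust, "error": error}
```

In the constructed data, "eve" carries a rating of 1.0 from "alice" but has no signature chain, so the query returns an error instead of a trust value.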
8.2.3.3 Trust Ontology for Data Usage Policy in Smart Cities
The trust ontology is used to define the trust policy formulated in the Data Usage Policy. It is possible to reuse
related concepts proposed in data usage conceptual models in Smart Cities, as illustrated in Figure 22, and to
extend them with more concepts to define a dedicated trust ontology, called the Trust Data Usage Ontology. Data
usage is defined by applying modal operators (Obligation, Forbidden, and Permission) to the following conditions:
(i) class of actors, (ii) constraints (Spatiality, Temporality, and Abstraction), (iii) class of purposes, and (iv)
monetization.