Experiences from using a UML-based method for trust analysis in an industrial project on electronic procurement

Authors:
Tormod V. Håvaldsrud;Olav S. Ligaarden;Per Myrseth;Atle Refsdal;Ketil Stølen;Jon Ølnes
Affiliations:
SINTEF ICT, Oslo, Norway and Department of Informatics, University of Oslo, Oslo, Norway;SINTEF ICT, Oslo, Norway and Department of Informatics, University of Oslo, Oslo, Norway;DNV Research and Innovation, Høvik, Norway;SINTEF ICT, Oslo, Norway;SINTEF ICT, Oslo, Norway and Department of Informatics, University of Oslo, Oslo, Norway;DNV Research and Innovation, Høvik, Norway
Venue:
Electronic Commerce Research
Year:
2010

Citing 7
Cited 1

A logic for uncertain probabilities

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Belief-based risk analysis

ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
Requirements engineering for trust management: model, methodology, and reasoning

International Journal of Information Security
Probabilistic logic under uncertainty

CATS '07 Proceedings of the thirteenth Australasian symposium on Theory of computing - Volume 65
Extending UML sequence diagrams to model trust-dependent behavior with the aim to support risk analysis

Science of Computer Programming
Can we manage trust?

iTrust'05 Proceedings of the Third international conference on Trust Management
Security and management policy specification

IEEE Network: The Magazine of Global Internetworking

Threat modeling of a mobile device management system for secure smart work

Electronic Commerce Research

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper reports on experiences from using a UML-based method for trust analysis in an industrial project. The overall aim of the trust analysis method is to provide a sound basis for making trust policy decisions. The method makes use of UML sequence diagrams extended with constructs for probabilistic choice and subjective belief, as well as the capture of policy rules. The trust analysis method is evaluated with respect to a set of criteria. The industrial project focused on the modeling and analysis of a public electronic procurement (eProcurement) system making use of a validation authority service for validating electronic certificates and signatures.