In the literature, there is no clear identification of trust information for services. Zhengping et al. [103] define domain-specific trust information. Their work monitors the behaviour of Web Services for bugs during operation, which will decrease the degree of trust placed in the Web Services. The authors identified some properties of services to establish their trust, such as services’ functions and the run-time environment. Furthermore, they suggested properties for recommenders that recommends services, such as popularity and authenticity of the description. The system analyst defines the domain characteristics.
Kim and Doh [46] propose the selection of an optimal path for composing a number of Web Services based on QoS information and trust type. The trust type is the computed trust level based on aggregated ratings from the service consumer, thus indicating on estimation of the service provider’s reliability. The authors assume that trust type is associated with each service, where the assignment of trust types is performed by the clients themselves or by a trust authority. Thus, trust information is not specified and trust is based on an assumed trust type.
Other researchers address trust as a QoS [21, 95, 41, 90], build trust based on a set of QoS parameters [41, 90, 57, 38], or build trust based on QoS parameters that are related to specific system, application, or domain [21, 90, 57, 38]. Dragoni [21] mentions that the evaluation
of trust is a key QoS aspect of Web Service selection. The author uses security features of services to establish trust that satisfy the provider’s trust security requirements. Ying-Feng and Pei-Ji [95] specify trust or reputation as a QoS of Web Services. Similarly, Kalepu et al. [41] identify a new QoS attribute,verity, as an important contributor to the quality-driven selection and composition of Web Services, and they consider verity as a measure of trustworthiness for Web Services. Specifically, verity refers to the degree of variance in the compliance levels of the services and assesses the reputation of the provider based on local and global ratings. These authors identify verity for Web Services and for Web Service providers. Trust, however, has a different meaning than QoS.
Maximilien and Singh [57] model reputation as a vector of QoS attributes such as perfor- mance and reliability. Jin-Dian et al. [38] measure the possibilities of malicious behaviour and satisfaction values that measure how satisfied a user feels about a given interaction. Both measures are real numbers in the interval [0,1], where a high rate reflects a high interaction quality. Trust evaluation can include different QoS requirements, such as process time and ac- cess speed. Vu et al. [90] rank services according to their prospective level of satisfying users’ QoS requirements. However, the development of trust should consider other properties besides QoS.
Some researchers attempt to distinguish between trust and QoS and consider or use QoS as trust information [58, 94]. Wang and Vassileva [94] state the importance of defining information required for a trust and reputation mechanism. Specifically, they stated the use of QoS to build trust where trust and reputation are built for each quality property of a service and where the overall trust and reputation depend on the combination of trust and reputation for each property. Maximilian and Singh [58] distinguish between trust and QoS, and present the selection of Web Services on the basis of non-functional attributes, such as QoS and trust.
Because QoS properties are considered as important information for establishing trust or reputation, there is a need to identify QoS properties and the literature on QoS, as presented in the following subsection.
Quality of Service
There are many research efforts to define and categorize QoS as well as attempts to express, quantify, and model QoSs [48, 46, 78, 98, 83]. In [48, 41, 94, 78, 70, 65, 30, 77, 63, 34], in- cluding generic and business QoS requirements for services. Garcia and de Toledo [30] define a set of major Web Service QoS attributes. Menasce [63] examines QoS issues in Web Ser- vices, and Yu et al. [98] provide a list of QoS parameters and explain how to evaluate each. Although security is not a quantifiable QoS, these authors present a formula to test the security of Web Services based on the number of attack detections. Based on the most common QoS re- quirements in the literature, Rahman and Meziane [77] present five essential QoS requirements: readiness, transaction, reliability, speed, and security.
To identify a generic QoS, the QoS of services from the literature [48, 77, 78, 98, 46, 30, 70, 74, 24, 34, 63, 46, 20] are aggregated, including latency or network latency, execution time, response time, transaction time, reliability, scalability, capacity, robustness, exception handling, accuracy, integrity, accessibility, availability, interoperability, execution price, regulatory, time- liness, security, and transaction, which refers to ACID property: Atomicity, Consistency, Iso- lation, and Durability. Security includes: authentication, authorization, confidentiality, non- repudiation, accountability, traceability and auditability, data encryption, access control, and prevention of the Denial-of-Service attack (DoS). Table 3.1 presents the description of some QoS parameters that are used in this work.
Apart from these common characteristics, there are other QoS in the literature. O’Brien et al. [70] define other QoS requirements for SOA: Modifiability refers to “the ability to make changes to a system quickly and cost-effectively”, and testability indicates “the degree to which a system or service aids the establishment of test criteria and the performance of tests to deter- mine whether those criteria have been met”. Moreover, usability is “a measure of the quality of a user’s experience in interacting with information or services”. In addition, the authors identify the required QoS for SOA and argue that QoS can be significantly affected by SOA. Ran [78] identifies other QoS, which include a supported standard, stability/change cycle, and completeness. In addition, there is a domain or application specific QoS.
Table 3.1: QoS Parameters and Descriptions.
QoS parameters Descriptions References
Latency or Net- work Latency
“The time the SOAP message needs to reach its destination”.
[83] Execution Time The time taken by the service to execute and
process its sequence of activities.
[48] Response Time The time required to process and complete a
service request; the response time includes the execution time and the latency.
[48, 77, 30, 70, 63, 78, 98, 46] Throughput The number of requests a service can process
per unit of time.
[48, 30, 70, 63, 78] Security Offers mechanisms of authentication, autho-
rization, confidentiality, non-repudiation, ac- countability, traceability, and auditability.
[48, 78, 34, 74, 20]
Hoyle [34] identifies other quality characteristics for services, such as courtesy, comfort, competence, credibility, dependability, efficiency, effectiveness, flexibility, honesty, prompt- ness, and responsiveness. Specifically, the author argues that people are either competent or incompetent without any varying degrees of competency. Individuals are competent if they have the ability to produce the desired results when required and demonstrate performance that meets all required standards. Competence, which can be assessed under close supervision, is “the ability to demonstrate the skills, behaviours, attributes, and qualifications to the level re- quired for the job” and “a quality of individuals, groups, and organizations” [34]. “A competent entity is capable of performing the functions expected of it or services it is meant to provide correctly and within reasonable time scale” [88].
Grandison and Sloman [33] mention that trust is a complex subject relating to beliefs in honesty, truthfulness, competence, and reliability. In particular, a trustworthy service will tell the truth and be honest in interactions. Competence demonstrates a provider’s ability to provide a service and perform the function expected from it. In fact, competence is a relevant term for the environment related to services and computing systems and it applies to entities that perform an action on behalf of the trustor. A customer’s trust in the supplier’s competence and honesty will influence their decision as to which supplier to use [33]. Corritore et al. [17] suggest that
competence is one of many cognitive cues for trust, and similarly, Mayer et al. [61] present competence and honesty as trust factors for trustees. “An honest entity is truthful and does not deceive or commit fraud” [88].
Some research work [51, 40, 64] evaluate honesty of raters through long-term interaction. Specifically, Malik and Bouguettaya [51] evaluate the credibility of raters in a reputation-based framework based on the evaluation of their honestly over time. This framework aims to protect the reputation system from malicious raters and to fairly assess the providers’ reputations.
Larson [47] identifies serviceability and user satisfaction as performance measurements for service delivery, and Moorsel [65] discusses quantitative metrics and develops a framework for evaluating Internet services. This author defines three metrics that should be emerged to evaluate Business to Consumer (B2C), Business to Business (B2B), and service providers. The metrics include QoS, Quality of Experience (QoE), and Quality of Business (QoBiz). While QoE quantifies the user experience, QoBiz measures the business return.