A Framework for Modelling Trust During Information Systems Development

This Thesis aimed to design and develop a Trust Framework that would enable information system developers in considering Trust during the development of information systems and it can be confirmed that the Trust Framework has been advantageously developed.

Trust plays an extremely important part and must be present in the development of information systems development. Following the immense research that was carried out into Trust, five concepts were recognized and established to be related to Trust and are concepts that should be modelled alongside the same, explicitly Initial Trust, Security, Privacy, Risk and Reputation.

Essentially there was a deficit of ontological and methodological support to model and reason about Trust with its related concepts in one allied framework, with this
being vital as more trustworthy systems are required to be developed and currently there were no available frameworks in the literature to assist this process. To achieve this deficiency and successfully realize this niche, a framework was needed that integrated information systems Trust which would allow information system developers to consider Trust and its related concepts collectively during the development of information systems. Correspondingly for this Thesis a Trust Framework was designed and developed that consists of a trust-related ontology, trust-aware modelling language, methods that support trust analysis and a tool to automate framework support in order to assist information system developers in considering Trust during the development of information systems. Furthermore an
emphasis was put upon the functionality of the Trust Framework in the form of validating the Trust Framework with the case tool against the eSAP case study in order to ensure that Trust is taken into account in the early stages of information systems development which was fruitfully accomplished.

It is important to acknowledge that the Trust Framework developed within this Thesis provides a framework that supports some concepts and with potential to support the remaining concepts. Looking at this in detail, the Trust Framework does not support the modelling of Trust along with Risk or Trust along with Privacy because support for these concepts has not yet been implemented at this stage. With respect to Security this is supported when the Trust Framework is integrated into the Secure Tropos methodology. The concepts of Reputation, Initial Trust and Trust itself
are essentially modelled within the Trust Framework. Although Trust with Risk and Trust with Privacy is not supported within the Trust Framework, it must be elucidated
that the Risk and Privacy concepts are important and there is potential for them to be implemented within the Trust Framework in the future. Solely for this reason Chapter
3: Related Work consists of the concepts that are implemented into the Trust Framework (Trust, Security, Initial Trust and Reputation) as well as the concepts for
which there is scope within the Trust Framework for (Risk and Privacy). The same applies to Chapter 4: The Trust Ontology, which consists of the concepts that are
implemented into the Trust Framework as well as the concepts which are not implemented and for which there is scope in the future. From this point onwards and throughout the remainder of the Thesis, when Trust and its related concepts is stated this implies Trust including Initial Trust, Reputation and Security unless otherwise stated.

To summarise, the Thesis identifies the limitations, problems and/or challenges of the current state of the art with respect to Trust modelling and reasoning in information
systems development; the development of the Trust Ontology for information systems development; the development of the Trust Framework to consider Trust and its related concepts as part of the information systems development process (consisting of a process, models, corresponding methods and a modelling language); the extension of the SecTro CASE tool to support the developed Trust Framework and the integration of the proposed Trust Framework into the Secure Tropos Methodology and the validation of the framework against the Electronic Single Assessment Process (eS AP) case study.

This Thesis advances the current state of the art by being the first to model Trust and its related concepts in one single framework, the Trust Framework.

This thesis supplied via ROAR to UEL-registered users is protected by copyright and other intellectual property rights, and duplication of any part of the material is not permitted, except for your personal use for the purposes of non-commercial research and private study in electronic or print form. You must obtain permission from the copyright-holder for any other use. Electronic or print copies may not be offered, for sale or otherwise, to anyone. No quotation from the thesis may be published without proper acknowledgement.