SC-TRUST: A Dynamic Model for Trustworthy Service Composition in the Internet of Things

Abstract

A future Internet of Things (IoT) will feature a service-oriented architecture consisting of lightweight computing platforms offering individual, loosely-coupled microservices. Often, an end-user will request a bespoke service that will require a composition of two or more microservices offered by different service providers. However, the underlying complexities of soft compositions and the increased security risks are inherent in such a massively decentralised and distributed architecture. The use of trust management to secure the IoT is well studied in the literature. However, there are limitations to its use in service compositions in the IoT. Specifically, transparent (agnostic) trust composition and decomposition remain key problems for this area. A novel model for trustworthy service compositions in the IoT, SC-TRUST, is therefore proposed to deal with these challenges. In this study, the trust properties of service compositions and the effect of service workflows on transparent trust composition and decomposition are investigated. Based on the findings, relevant trust evaluation functions are derived to guide the compositions. SC-TRUST was implemented in a suitable application and its performance, in terms of the utility derived and the trust accuracy, convergence and resiliency, was evaluated. The results show that SC-TRUST improves the quality of service compositions and adequately mitigates trust-related attacks, thus increasing both efficiency and security.