The PeerTrust Project

The PeerTrust project is investigating trust negotiation in Semantic Web
and P2P environments. Within the program, digital credentials can be
signed XML or RDF statements that express peer properties, and
policies are expressed as logic programs that tie resource access to
required credentials. The ability to refer to peers, to credentials,
or to other resources in PeerTrust logic programs lets us express the
iterative exchange of credentials during a trust negotiation process.

The PeerTrust Prototype

The PeerTrust 1.0 prototype is available free at http://www.l3s.de/peertrust
or http://sourceforge.net/projects/peertrust.

PeerTrust 1.0’s outer layer is a signed Java application or applet
program. It keeps queues of propositions that are in the process of
being proved, parses incoming queries, translates them to the PeerTrust
language, and passes them to the inner layer. Its inner layer answers
queries by reasoning about PeerTrust policy rules and certificates using
Prolog metainterpreters (in MINERVA Prolog, whose Java implementation
offers excellent portability) and returns the answers to the outer
layer. PeerTrust 1.0 imports RDF metadata to represent policies for
access to resources and uses X.509 certificates and the Java
Cryptography Architecture for signatures. It employs secure socket
connections between negotiating parties, and its facilities for
communication and access to security-related libraries are in Java.

Currently, we provide two modes of execution: secure mode and demo
mode. In secure mode, communication uses secure channels (currently
secure sockets), retrieved credentials are verified, and real
credentials are sent over the network. As creating credentials is not
an easy task, we provided a demo mode in which the credentials are
faked (no real credentials exist) and the communication is over normal
sockets (not secure). This eases modification for demonstration
purposes.

The following are three demos that show how the visualization of our
prototype works. Two representations are shown:
- Sequence diagram: shows the interchange of messages between entities
  in the order they are sent or received.
- Tree diagram: this diagram focuses on displaying the evolution of the
  negotiation as a search tree. Our algorithm currently uses a
  breadth-first search mechanism (although it is configurable to use
  different algorithms) in order to find a solution. In addition, a
  feature called "replay" is added in order to show in this tree the
  order in which the messages were received.
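
A simplified model of the negotiation search described above, added here as an illustration; it is not PeerTrust code or the PeerTrust policy language. The peers, credential names and policies are constructed, and each policy is reduced to the set of credentials the other peer must already have disclosed.

```python
from collections import deque

# Constructed policies (hypothetical names): item -> credentials the *other*
# peer must have disclosed before the owner releases the item.
POLICIES = {
    "server": {
        "course_material": {"student_id"},
        "accreditation": set(),           # freely disclosable
    },
    "client": {
        "student_id": {"accreditation"},  # only shown to accredited servers
        "credit_card": {"bbb_member"},    # nobody holds bbb_member here
    },
}

def other(peer):
    return "client" if peer == "server" else "server"

def unlocked(state):
    """Yield (peer, item) disclosures whose policy is satisfied in `state`."""
    for peer, items in POLICIES.items():
        for item, required in items.items():
            if (peer, item) in state:
                continue
            if all((other(peer), cred) in state for cred in required):
                yield (peer, item)

def negotiate(owner, resource):
    """Breadth-first search over disclosure states; returns the shortest
    sequence of disclosures ending in `resource`, or None on failure."""
    goal = (owner, resource)
    start = frozenset()
    queue, seen = deque([(start, [])]), {start}
    while queue:
        state, path = queue.popleft()
        for step in unlocked(state):
            if step == goal:
                return path + [step]
            nxt = state | {step}
            if nxt not in seen:           # each node of the search tree once
                seen.add(nxt)
                queue.append((nxt, path + [step]))
    return None  # no disclosure sequence satisfies the policies

if __name__ == "__main__":
    print(negotiate("server", "course_material"))
    print(negotiate("client", "credit_card"))
```

The first call succeeds after the server shows its accreditation and the client answers with its student ID; the second fails because no peer can ever satisfy the credit card policy.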

The demos are available from the following links (Macromedia Flash is
required):