Embed Size (px)
Citation preview
Managing Social Overlay Networks in SemanticOpen Enterprise Systems
Florian Skopik, Daniel Schall, Schahram DustdarDistributed Systems Group
Vienna University of TechnologyArgentinierstraße 8/184-1, A-1040 Vienna, Austria
{skopik|schall|dustdar}@infosys.tuwien.ac.at
ABSTRACT
Cross-enterprise collaboration has emerged as a key survivalfactor in today’s global markets. Semantic Web technologiesare the basis to establish enterprise interoperability includ-ing data mediation support and automatic composition ofservices. Capabilities of services are semantically describedand reasoning techniques support the discovery and selectionof services at run-time. These technologies are commonlybased on precisely defined enterprise ontologies. In con-trast to Semantic Web technologies that cover interactionsbetween (technical) services, human collaborations emergebased on social preferences. Social networks have become amass phenomenon. The fundamental aspects of these net-works are to manage personal contacts and to share profileinformation with friends. These principles are increasinglyharnessed in businesses and professional environments. Ina manner similar to service-oriented systems, they enableflexible discovery and dynamic collaborations between par-ticipants. In this paper, we discuss the concept of socialoverlays for Web service based collaboration infrastructures.This mechanism enables information flows between actorsin order to allow for flexible group formations in highly dy-namic large-scale networks.
Categories and Subject Descriptors
H.3.5 [Online Information Services]: Web-based Ser-vices; H.4 [Information Systems Applications]: Mis-cellaneous; I.2.11 [Distributed Artificial Intelligence]:Coherence and coordination
General Terms
Human Factors, Management, Measurement
Keywords
Semantic Service-Oriented Collaboration, Social Networks,Formation
Permission to make digital or hard copies of all or part of this work forpersonal or classroom use is granted without fee provided that copies arenot made or distributed for profit or commercial advantage and that copiesbear this notice and the full citation on the first page. To copy otherwise, torepublish, to post on servers or to redistribute to lists, requires prior specificpermission and/or a fee.WIMS ’11, May 25-27, 2011, Sogndal, NorwayCopyright 2011 ACM 978-1-4503-0148-0/11/05 ...$10.00.
1. INTRODUCTIONThe rapid advancement of ICT-enabled infrastructure has
fundamentally changed how businesses and companies op-erate. Global markets and the requirement for rapid in-novation demand for alliances between individual compa-nies. Such alliances are created on different scales rangingfrom short- to long-term. A long-term alliance is typicallya merger of companies or individual organizational units.Short- to mid-term alliances are commonly created to per-form joint collaborations with the goal of fulfilling businessobjectives. Organizations have become open enterprises sys-tems (OES) that offer capabilities as services. Capabilitiescan be discovered and composed to form new alliances. How-ever, such systems do not only span automated interactionsamong (technical) services, but require humans actors tobe in the loop. Today’s Web applications facilitate interac-tive knowledge sharing, information exchange, user-centeredcontent creation, and collaboration on the WWW. Even inbusiness environments, Web 2.0 tools increasingly provideusers the free choice to interact or collaborate with eachother in virtual communities. The Web becomes therebya medium of interwoven human and service interactions.These principles have also changed models for computingon the Web by utilizing human manpower through crowd-sourcing platforms (e.g., Amazon Mechanical Turk [4]).
There are two obstacles hampering the establishment ofseamless communications and collaborations across organi-zational boundaries: (i) the dynamic discovery and compo-sition of resources and services, and (ii) flexible and context-aware interactions between people residing in different de-partments and companies. Here we address challenges re-lated to human interactions in dynamic service-oriented sys-tems. Semantic technologies and platforms [5] provide themeans to automate the discovery and interactions of com-positions. Semantically-enriched collaboration services pro-vide the means for flexible interaction support. The techni-cal composition layer of a service-oriented system (SOA) hasreceived considerable attention in recent years from both theresearch community and industry. Considerably less atten-tion was devoted to human aspects and interaction prefer-ences in such systems. For example, people use services toperform collaborations.
We focus on social aspects in cross-organizational collab-orations enabled by SOA. In order to take advantage ofsocial preferences, we propose social network principles toovercome limited information flows in collaborative environ-ments. Social interactions between network members allowsto influence and control information flows.
Challenges and Approach Outline In this work weaddress challenges related to the automated management ofsocial network based on interactions in cross-organizationalcollaborations.
• Top-down composition and interaction model are typ-ically designed for long-term use. Dynamic environ-ments that are short- to medium-lived such as openenterprise systems require dynamic interaction mod-els. Flexible interactions with the purpose of commu-nicating, coordinating, and collaborating need to besupported in a service-oriented manner.
• Theories found in social network analysis are promisingcandidate techniques to support flexible interactions.Since interactions take place dynamically, capturingthe purpose and context of interactions to infer mean-ingful social relations remains challenging.
• Social network principles such as formation algorithmshelp to overcome limited information exchange in sep-arated collaborative networks through propagation ofprofile data. From the technical point of view, adaptiveinformation flows need to be supported using servicestechnology. Information needs to be discovered andexchanged based on the underlying social network.
The Semantic Web and related technologies have madeimportant contributions to pave the way towards the ef-fective interoperability of enterprise systems and infrastruc-tures. Due to the proliferation of Web 2.0 collaborationprinciples and Semantic Web technologies, a combinationof these approaches seems to be promising to create novelcross-enterprise collaboration systems. In the following wegive an outline of our approach.
Interaction
Logs
Service
Invocations
Enterprise Interoperability
Interaction Network
Analysis
Sv SwSu Sw
Semantic Web
Service Infrastructure
Social Network and
Collaboration Platform
Group Formation
Support
Enterprise Collaboration
? ?
??
1
2
3
Figure 1: Enterprise collaboration and interoper-ability through social and Semantic Web techniques.
Figure 1 illustrates the fundamental motivation of apply-ing and combining Semantic Web methodologies with Web2.0 concepts. We show two main building blocks (i) En-terprise Interoperability and (ii) Enterprise Collaboration tosupport a seamless service-oriented infrastructure for cross-organizational collaboration in open enterprise systems. TheSemantic Web Service Infrastructure provides the meansto enable efficient and dynamic interactions spanning hu-mans that belong to different organizational units. Un-derneath, Web services build an abstraction mechanism forintra-organizational infrastructures and resources and there-fore, are the ideal technical grounding to enable interac-tions across organizational boundaries. Observing interac-tions and collecting collaboration data (Interaction Network
Analysis) helps to support humans in building up new rela-tionships by recommending new partners or notifying aboutpossibly interesting business opportunities. A Social Net-work and Collaboration Platform allows people to managetheir personal contacts and interact with well-known collab-oration partners in context of certain projects. Group For-mation Support concepts applied in collaborative networksallow actors to discover unconnected members using profileinformation, to build alliances, and to dynamically establishreliable information flows in order to exchange profiles.
Our Contributions. In this paper we deal with:
• Cross-Organizational Application Model. Cross-orga-nizational scenarios are supported considering socialaspects of interacting humans on the Web and techno-logical interoperability using Semantic Web concepts.
• Group Formation. Formation is typically based uponsophisticated member discovery techniques. Thus, en-abling actors to share personal profiles and informa-tion in a trustworthy manner is a key concept of ourwork. We discuss a social trust based access con-trol (TBAC) mechanism that accounts for dynamicallychanging trust relations.
• Specification and Implementation. We discuss the im-plementation of social overlay networks using today’sWeb technologies, including Semantic Web services,interaction mining techniques, public key infrastruc-tures, and the Friend-Of-A-Friend (FOAF) ontology.
• Evaluation and Discussion. We evaluate proposed mod-els and their application in virtual communities, andderive general findings for designing applications forsocially-enhanced service-oriented environments.
Structure of this Work. The remainder of this pa-per is organized as follows. In Section 2 we outline ourapproach of linking Semantic Web paradigms with socialnetwork concepts, and introduce a large-scale collaborationplatform utilizing techniques from both domains. Conceptsfor distributed social network management are further pre-sented in Section 3. We specify and implement this systemas shown in Section 4. Then, we evaluate and discuss ourwork in Section 5. Section 6 deals with related work andSection 7 concludes the paper.
2. SOCIAL OVERLAYS IN SEMANTIC SOAEnterprise collaboration and interoperability services are
going to become an invisible, pervasive, and self-adaptiveknowledge and business utility for any industrial sector anddomain. The goal is to enable rapid set-up, efficient manage-ment and effective operation of different forms of businesscollaborations, from the most traditionally supply chains tothe most advanced and dynamic business ecosystems. Fig-ure 3 shows an overview of our layered approach to enablereliable and flexible formation of collaboration groups: (i)the Service Layer provides the technical infrastructure tosemantically describe and host Web services in order to en-able cross-organizational collaborations; (ii) the InteractionLayer provides the means of Web service-based human inter-actions; e.g., allows actors to communicate and collaboratewith others using dedicated services from the bottom layer;(iii) the Monitoring Layer, observes interactions collected
Semantic Web Service Infrastructure
Presentation Layer
Business Layer
Data Layer
Web Portal, Single Point of Access
Sin
gle
S
ig
n–
on
La
ye
r
User data Context data
Collaboration
Artifacts
Social Network and Collaboration Platform
Data Layer
Business Layer
WS
DL
Inte
rface
Data Layer
Business Layer
WS
DL
Inte
rfa
ce
Semantic
Services
Goal
Compo-
sition
Support
BPMN
Engine
GUI
Log-i
n
Po
rta
l M
an
ag
em
en
t
...
Liferay
Support
COIN Baseline
IFrame
BO
Ch
ara
cte
riza
tio
n
BO
Re
ward
ing
Srv
...
COINBaseline
Portlets
Co
mm
un
ica
tio
n S
rv
BO
Re
ward
ing
Srv
...
WSDL Interfaces
GSP
Comm-
unication
Interface
Integrated Services
Pro
du
ction
P
lan
nin
g
Liferay Basic
Services
Access
Rig
hts
Reg
istr
atio
n
... S
e c
u r
i t
y
L a
y e
r
eMailService
Services Implementation
Product Management Service
Customer Support Service
Services Implementation
Services Implementation
WS
DL
Inte
rface
Communica-tion Manager
Composition
Selection andRanking
Data Mediation
Choreography
Re
so
urc
e M
an
ag
er
Core
Security Manager
Discovery
Monitoring
Invoker
S e
c u
r i t
y
L a
y e
r
S e
c u
r i t
y
L a
y e
r
Goals
Servi-ces
Onto-logies
Medi-ator
Web Services 1...n
Pro
duct
De
ve
lop
me
nt
Pro
ject
Ma
na
ge
me
nt
Hu
ma
n
Inte
ractio
n
uses
Figure 2: The COIN Framework enabling cross-organizational collaboration and interoperability.
from various sources (i.e., interaction services); and (iv) theDiscovery Layer discovers social relations gathered throughmining of interactions and profile properties, and supportsgroup formation based on evaluating network links.
Interaction
Layer
Service
Layer
Monitoring
Layer
Discovery
Layer
Figure 3: Model for social overlay networks.
2.1 Semantic Web Service InfrastructureIn order to realize the vision of cross-organizational collab-
oration and interoperability, various multi-national researchprojects, such as within the EU Seventh Framework Pro-gram1, are conducted. The COIN project2, where our con-tributions of this paper are embedded, aims at developinga basic platform for future Web based cross-organizationalcollaborations. In the following, we discuss the architecturalmodel of semantically-enriched social OESs and outline uti-lized major concepts on each layer.
The COIN project aims at providing an open, self-adaptiveintegrative solution for Enterprise Interoperability and En-terprise Collaboration. Service orientation is a well-suitedand widely adopted concept in collaboration scenarios, there-fore, COIN utilizes state of the art SOA concepts, includ-ing Semantic Web technologies and Software-as-a-Service(SaaS) models (see [17] for more details). With respect toEnterprise Collaboration, COIN supports numerous features
1http://cordis.europa.eu/fp72http://www.coin-ip.eu
that focus on product development, production planningand manufacturing, and project management in networksof enterprises. As a fundamental aspect, human interac-tions exist in all forms and phases of virtual organizationsand play a major role in the success of collaborations withinopen enterprise networks. Therefore, understanding humaninteractions and providing advanced support for efficient andeffective interactions, is one of the key objectives in COIN’sEnterprise Collaboration research track.
The COIN Framework (see Figure 2) consists of (i) theSocial Network and Collaboration Platform (SCP) that pro-vides fundamental features that are required in (nearly) ev-ery collaboration scenario, and (ii) a Semantic Web ServiceInfrastructure (SSI) that allows extensions with services fol-lowing the SaaS model from third party providers. The SCPis designed for and tightly coupled to a community portalthat provides an effective way to configure and personalizethe SCP for specific end-users by providing customized ser-vices and tools. Single sign-on- and security mechanismsspan services and tools across layers. The SSI relies on Se-mantic Web technologies, implemented by the Web ServiceModeling eXecution environment (WSMX)3 [19] and is uti-lized to discover, bind, compose, and use third-party servicesat run time. Because of its extensibility and configurability,the COIN platform can be applied in a wide variety of dif-ferent collaboration scenarios, ranging from traditional pro-duction planning to social campaigning and interest groupformations in professional virtual communities. For enablingcontext-aware interactions, the following baseline compo-nents are of major interest (i) user data, including skillsand interest profiles, (ii) context data, such as current ongo-ing activities and user preferences, (iii) integrated baselineservices for communication and coordination (e.g., e-mailnotifications, and instant messengers), (iv) the SCP as theplatform to host extended human interaction services.
2.2 Human Interaction LayerOpen enterprise systems that allow to form virtual or-
ganizations pose additional challenges to human interaction
3http://www.wsmx.org
support. Typically such virtual organizations are temporaryalliances that form and dissolve again. Various actors fromdifferent physical organizations are involved collaboratingand working on joint activities. Figure 4 shows a seman-tic representation (i.e., an ontology) of utilized concepts,grouped in communication, coordination and collaborationentities.
MessageIM Message
Skype Text
Message
Virtual Organization
Individual
Physical
Organization
Virtual
Community
Member
Profile
Strategic
NetworkDomain
VO
Notification
Message
Individual
Notification
Organization
Notification
Genric
Resource
Rating
Delegation
Task
Internet Forum
Entry
1…*hasVO
1…*hasVO
1…*hasOrg
1…*hasOrg
1…*hasInd
1hasMsg
1hasFrom
1…*hasMember
1…*hasMember
1…*hasMember
1hasTask
1hasRes
1…*hasDomain
1hasDomain
1…*hasMember
1…*hasMember
1hasTo
1…*hasInit
1hasContext
Activity
1hasActivity
Co
mm
un
ica
tio
nC
oo
rdin
ati
on
Co
llab
ora
tio
n
0…*hasMemship
0…*hasMem
ship
1hasFrom1 hasTo
Figure 4: Enterprise collaboration ontology.
Various artifacts need to be created in order to integratecommon WSDL-based Web services into the Semantic Webinfrastructure of WSMX [38]. We provide a basic descriptionthat acts as the underlying basis for the rest of this paperin the following:
• Enterprise Collaboration Ontology: A collection of pre-defined semantic concepts establishes data interoper-ability through transformation, mediation, and reason-ing. As depicted by Figure 4 the basic enterprise col-laboration entities and their relations are well definedin a baseline ontology.
• Semantic Goals: A client specifies the objective to beachieved in terms of a goal [36], and the system re-solves this by automated detection, composition, andexecution of Web services. This concept allows dy-namic discovery based on functional as well as non-functional properties, and advanced composability ofservices and service instances respectively.
• Grounding Descriptions: Since WSMX functionalitiesoperate on semantic descriptions of messages, non-semantic messages require transformations to semanticrepresentations and vice versa (i.e., lowering and liftingscripts).
• Semantically-enriched WSDL Interface: Data typesused by Web service interfaces (WSDL) need to belinked to corresponding grounding scripts that mediate
data between standard SOAP messages and semanticgoals (RDF).
We utilize Semantic Web technologies to cope with inher-ent dynamics of open enterprise systems and to keep theenvironment manageable. In particular, we use the WSMX[19] platform to enable
• Cross-Organizational Abstraction. Since members fromvarious domains and organizations need to interact, weuse Semantic Web Services as an abstraction from or-ganizational structures in order to distribute communi-cation facilities. Typically members of virtual commu-nities use their organizations’ resources and infrastruc-ture; Web services resolve the need (semantic goal) ofinteraction to actual SOAP requests and additionallymediate between differing ontological concepts.
• Context-aware Interaction Channel Selection. Select-ing appropriate communication, coordination, and col-laboration service does not only depend on functionalneeds, but also on contextual constraints. For instance,the delivery of a message (described by a semanticgoal) can be achieved through e-mail services, instantmessaging, or postings in Internet forums. The ap-propriate channel can be selected based on user data(location, privacy rules) and messages (priority, size).
2.3 Monitoring LayerInteractions are observed and collected to determine so-
cial relations. We designed the system to manage relationsby evaluating occurring interactions and therefore, unbur-den network participants – at least partly – from managingtheir relations manually. Logging invocations of collabora-tion services is the basis for advanced interaction analysis,and allows to infer social relations that are described by ob-jectively measured metrics, such as average response times,availability, or reciprocity.
Formally, a virtual community is a special kind of socialnetwork, where the single actors participate to perform ac-tivities. A community is modeled as a directed graph, wherevertices V represent the actors that are connected throughedges E. A directed edge from actor u to v is denoted as euv.Activities A are a fundamental part of our model; thus, wedescribe the graph model of a community as G = (V,E,A).The concept of an activity a ∈ A is used to include a setof participants. Thus, in short, activities describe the col-laboration boundaries and goals. Network members interactin scope of particular activities (i.e., to reach certain goals).Interactions are collected to determine (i) the center of inter-est of single network members by evaluating the frequencyof used keywords [31, 33], and (ii) the strength of a social re-lation by determining the similarity of the center of interests[35]. Since these techniques have been extensively discussedin previous work, we do not present a detailed descriptionin this paper.
2.4 Discovering Relevant Social NetworksIn our framework, an actor has several passive links, mod-
eled as FOAF relations, that express business/personal con-tacts (typically emerged from previous collaborations), butnot describing that interactions are performed along theselinks. An actor can activate these links by initiating a newcollaboration, e.g., setting up a joint activity. However, due
to resource constraints, members can only participate in alimited amount of concurrent activities, and thus, the num-ber of simultaneously active links is limited. Hence, collab-oration partners are discovered and selected carefully, con-sidering required effort and received benefit.
Direct relations are established to create a typical socialnetwork. Since single members usually build up strong rela-tions to only a small amount of partners, reliable informationflows through collaborative networks, such as exchanging ex-pertise and interest profiles, are limited. Thus, the discoverylayer allows actors to exchange business contacts by sharingand propagating (parts of) profiles over intermediate nodes.Each actor’s connectivity to other community members isdetermined by issuing keyword-based queries [32] denotedby the query context Q. The query context is described bya pool of keywords (e.g., describing certain expertise areas)picked from global taxonomies. Using logged interactiondata (and additional manual ratings) the link weight fromone actor to another is calculated using a social trust metricthat is discussed in detail in the next section.
3. SOCIAL NETWORK MANAGEMENTThis section discusses a framework enabling distributed
profile management in large-scale Web-based open enter-prise systems. Profiles are shared among members and eval-uated to discover potential collaboration opportunities basedon interest similarities, coverage of expertise needs, projectparticipation, and organizational memberships.
3.1 Architectural Overview and DesignSince information sharing with mostly unknown individ-
uals in large-scale environments is a delicate matter, ourframework applies common security standards to encryptsensitive information and therefore, enables selective sharingof information. We adopt one of the most popular encryp-tion concepts, in particular public key infrastructure (PKI)[1] for that purpose.
Profile Management
User Portal
Personalized Analysis
Web Infrastructure
logging
data
public
keys
FOAFs
sigs.
docs.
Public Key Server
Member Discovery
Signature and Encryption
Data Preparation
Rule-based Fragmentation
Profile Creation and Update
Data MiningMetric
Calculation
E-mails
Discussions
Ratings
Private Web
Server
Profile Management
Profile Sharing
Figure 5: Architecture supporting discovery in self-managed social networks of open enterprise systems.
The fundamental architecture of our framework is de-picted in Figure 5. Basically, the left side consists of globallyavailable components, such as various Web servers owned byindividuals and organizations, public key servers, and col-laboration tools hosted in a semantic Web services environ-ment, including e-mail infrastructures, discussions forums,and rating platforms. The right side comprises distributedcomponents that are replicated for each user (and groups ofusers forming closed communities respectively) to managetheir profiles from their personal point of view. The archi-
tecture consists of the following three layers: (i) Personal-ized Analysis enables data aggregation from collaborationtools and data mining to determine collaboration relations.Basically, the strength of social relations is inferred by calcu-lated various interaction and behavior metrics from mininge-mail data or Internet forum entries [31, 33]. (ii) ProfileManagement includes features to semi-automatically createand update FOAF profiles with calculated metrics. Pro-files are encrypted and valid signatures created so that onlyclose collaboration partners can decrypt and use them fordiscovering actors. (iii) the User Portal hosts tools to dis-cover potential partners and sharing and managing personalprofiles.
3.2 Emergence of Social Relations and TrustWe believe that trust and reputation mechanisms are key
to the success of open dynamic service-oriented environ-ments. However, trust is emerging based on evidence, i.e.,interaction behavior. Interactions, for example, may be cat-egorized in terms of success (e.g., failed or finished) andimportance. Therefore, a key aspect of our approach isthe monitoring and analysis of interactions to automaticallydetermine trust. We argue that in large-scale SOA-basedsystems, only automatic trust determination is feasible. Inparticular, manually assigned ratings are time-intensive andsuffer from several drawbacks, such as unfairness, discrimi-nation or low incentives for humans to provide trust ratings.
Trust Definition. In contrast to a common security per-spective, social trust refers to the interpretation of previouscollaboration behavior [33] and the similarity of dynamicallyadapting interests [16, 35]. Especially in collaborative envi-ronments, where users are exposed to higher risks than incommon social network scenarios [12], and where businessis at stake, considering social trust is essential to effectivelyguide interactions. Much research effort has been spent ondefining and formalizing trust models (for instance, [18, 40]).
Here, we define trust as follows: Trust reflects the expec-tation one actor has about another’s future behavior to per-form given activities dependably, securely, and reliably basedon experiences collected from previous interactions.
Interaction Metrics. In order to support the emergenceof social relations, we utilize the following two metrics:
Interest Similarity isim. This metric determines the over-lap of actor interests, which is an important measure to findmotivated partners in the same interest area. We managekeywords used by actors u and v as interest profile vectorspu and pv respectively (see [35] for details), and determinethe similarity of profiles through the cosine between theirprofile vectors (Eq. 1). The result is a value between 0 (nooverlap) and 1 (full overlap).
isim(u, v) = cos(pu,pv) =pu · pv
|pu||pv |(1)
Reciprocity recpr. A typical social behavior metric is reci-procity [14] that here reflects the ratio between obtained andprovided support in a community. Let REQ(u, v) be the setof u’s sent support requests to v, and RES(u, v) the set ofu’s provided responses to v’s requests. Then we define reci-procity in [−1, 1] as in Eq. 2; hence, 0 reflects a balancedrelation of mutual give and take.
recpr(u, v) =|RES(u, v)| − |REQ(u, v)|
|RES(u, v)|+ |REQ(u, v)|(2)
The actual strength (weight w respectively) of a socialtrust relation is determined by normalizing, combining andweighting these metrics whenever a discovery process is started,i.e., a query issued. While isim is a globally valid metric,recpr is bound to distinct contexts Q (e.g., expertise areas).In particular, interactions bound to all activities whose de-scription match at least one of the query keywords issued fordiscovering neighbor nodes are considered when calculatingrecpr. Currently we employ flat keyword-based matchingonly, however for more advanced ontology matching tech-niques see [10, 13]. Eq. 3 allows for the balancing betweentwo cases: (i) newcomer support versus (ii) weighting of linksof well established actors (based on evidence). The factor αcan be adjusted based on the requirements for each case. Forexample, by setting α = 1, newcomer support becomes moredominant since isimuv accounts for interest (profile) simi-larities. Whereas, the other case with α = 0 puts strongeremphasis on already established links by accounting for thepreference towards existing relations.
wQ(u, v) = α · isim(u, v) + (1− α) · recprQ(u, v) (3)
3.3 TBAC - Trust based Access ControlTrust Bases Access Control (TBAC) supports the discov-
ery of collaboration partners and subsequently the formationof groups and networks in open enterprise systems using dis-tributed profile information. The main idea is to allow actorsto access the profiles of other network members based on thestrength of social relations, e.g., social trust. In other words,only trustworthy partners are allowed to access, in particularread, someone’s personal profile information. Key principlesof the proposed approach are:
• Self-managed Distributed Profiles. Actors manage theirpersonal profiles in a distributed manner, i.e., profilesare fully under control of the respective actors.
• Public and Private Scopes. Some profile informationmay be available public, for instance, expertise areaand basic contact details in order to discover new col-laboration partners. However, access to sensitive in-formation, e.g., private contact details and friend rela-tions, is restricted.
• Social Trust-based Access Control. Access to privatefragments of profiles is granted based on strengths ofsocial relations. For instance, close collaboration part-ners can read larger parts of an actor’s profile. Socialtrust relies on interactions and an update of personalrelations can be triggered by actors using logged in-formation from the SOA infrastructure. Note, onlylogged interactions with personal involvement are used.
• Public Key Infrastructure (PKI). PKI is the means toenable public and private profile scopes and to addressprivacy concerns in open distributed environments.
Transitive Access. As in the real world, informationis not only shared between direct neighbors, but can tra-verse several intermediate nodes. Using this approach allowssharing of profiles along trusted paths even if actors are notdirectly connected in the social network. This spreading ofinformation relies on the principle of recommendation andpropagation of trust respectively [18]. Since all involved par-ties are connected with a strong trust path, privacy is still
maintained. Transitive access is an important concept toovercome inherent limitations of trust based discovery only.
4. IMPLEMENTATION DETAILSThis section deals with the specification and implementa-
tion of the proposed social overlay model to realize dynamicdiscovery in semantically-enriched collaborative open enter-prise systems.
4.1 Adaptive Distributed Profile ManagementThe mainly applied techniques are the Friend-Of-A-Friend
(FOAF)4 ontology, Public Key Infrastructure, in particularGnuPG5, and Web-Of-Trust (WoT)6 schemas.
4.1.1 Friend-Of-A-Friend Profile Management
Various concepts and protocols have been proposed tomanage open social and collaborative networks in a dis-tributed manner. The Friend-Of-A-Friend (FOAF) conceptis one of the most popular ones on the Web. It allows tomodel user properties, interests and relations with a well-known ontology. We apply FOAF to facilitate the discoveryprocess used to find potential collaboration partners.
1<?xml version="1.0"?>2<rdf:RDF xmlns:foaf="http://xmlns.com/foaf/0.1/"3xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
4xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"5xmlns:foaf="http://xmlns.com/foaf/0.1/"
6xmlns:dc="http://purl.org/dc/elements/1.1/"7xmlns:wot="http://xmlns.com/wot/0.1/"8<foaf:Person rdf:ID="me">
9<foaf:name>Florian Skopik</foaf:name>10<foaf:nick>florian</foaf:nick>11<foaf:mbox sha1sum>a4b378...</foaf:mbox sha1sum>
12<wot:haskey rdf:nodeID="KeyFS" />13<foaf:interest rdf:resource="http://..." />14<foaf:currentProject>15<foaf:Project>16<dc:title>Implementation Module X</dc:title>17<dc:description>WS, programming, java</dc:description>18<dc:identifier rdf:resource="http://.../activity#4539"/>19</foaf:Project>20</foaf:currentProject>21<foaf:knows>22<foaf:Person>23<foaf:mbox sha1sum>1a4578...</foaf:mbox sha1sum>
24<foaf:name>Daniel Schall</foaf:name>25</foaf:Person>26</foaf:knows>27</foaf:Person>28</rdf:RDF>
Listing 1: Example of public FOAF file.
Listing 1 shows a simplified example of a public FOAFprofile, containing basic personal properties (name, nick,interest) and social relations (knows). The Web of Trust(WoT) RDF ontology is used to integrate concept of a pub-lic key infrastructure into FOAF profiles, as demonstrated inListing 2. The property haskey links a public key (pubkey-Address), hex_id, and fingerprint to a person. Further-more, a person’s private key is used to sign the own FOAFprofile and therefore, to guarantee for integrity and authen-ticity. Notice, the only guarantee regarding authenticity isthat the FOAF signer is owner of the registered mail accountthat has been used to create the key pair.
4http://xmlns.com/foaf/spec/5http://www.gnupg.org6http://xmlns.com/wot/0.1/
1 <!−− restricted part of FOAF profile −−>
2 <rdfs:seeAlso>3 <foaf:Document rdf:about="http://.../foaf-private.rdf.asc">4 <wot:encryptedTo>5 <wot:PubKey wot:hex id="34c5a421b" />6 </wot:encryptedTo>7 </foaf:Document>8 </rdfs:seeAlso>9
10 <!−− digital signature for this file −−>
11 <rdf:Description rdf:about="">12 <wot:assurance rdf:resource="foaf.rdf.asc" />13 </rdf:Description>1415 <!−− public key of the owner/signer of this file −−>
16 <wot:PubKey rdf:nodeID="KeyFS">
17 <wot:hex id>3756EA0B</wot:hex id>18 <wot:length>1024</wot:length>19 <wot:fingerprint>03f4...</wot:fingerprint>20 <wot:pubkeyAddress rdf:resource="http://.../key.asc"/>21 <wot:identity>22 <wot:User>23 <foaf:name>Florian Skopik</foaf:name>24 <foaf:mbox sha1sum>a4b378...</foaf:mbox sha1sum>
25 </wot:User>26 </wot:identity>27 </wot:PubKey>
Listing 2: Signing FOAFs (wot:assurance) and link-ing encrypted content (rdfs:seeAlso).
Access to parts of a FOAF document may be restricted tocertain users (whose public keys are used to encrypt thoseparts). We utilize this concept for (i) private information,such as private phone numbers or chat accounts that canonly be decrypted and used by close neighbors (connectedvia knows), and (ii) personal ratings that are given eitherexplicitly (manually) or implicitly (through data mining ofe-mail logs, instant messaging (IM) logs, or Internet forums).We understand privacy as a major concern when applyingmining techniques; hence, mining of metrics is performedfrom each actor’s perspective (or at least limited to certaingroups of experts). This means that data is not stored cen-trally but managed on the client side and private servers.
1 <rdf:RDF xmlns:foaf="http://xmlns.com/foaf/0.1/">2 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
3 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#">4 <foaf:Person>5 <!−− mbox sha1sum links to public FOAF profile −−>
6 <foaf:mbox sha1sum>a4b378...</foaf:mbox sha1sum>
78 <!−− private contact details −−>
9 <foaf:mbox rdf:resource="mailto:[email protected]"/>10 <foaf:phone>+43 xxxx xxxx</foaf:phone>1112 <!−− private chat account −−>
13 <foaf:account>14 <foaf:OnlineAccount>15 <rdf:type rdf:resource="http://.../OnlineChatAccount" />16 <foaf:accountServiceHomepage rdf:resource="http://..../" />17 <foaf:accountName>florian skopik</foaf:accountName>18 </foaf:OnlineAccount>19 </foaf:account>2021 <!−− attach personalized ratings to known persons −−>
22 <foaf:knows>23 <foaf:Person>24 <foaf:mbox sha1sum>1a4578...</foaf:mbox sha1sum>
25 <foaf:tipjar rdf:resource="http://..." rdfs:label="ratings"/>26 </foaf:Person>27 </foaf:knows>28 </foaf:Person>29 </rdf:RDF>
Listing 3: Private fragment of a FOAF profile.
Listing 3 depicts an example of encrypted private FOAFfragments. While users decide manually which parts of theirprofiles are shared globally and which are restricted to neigh-bors only, relation metrics, e.g., derived from personal rat-ings, are managed automatically by the system. For thatpurpose, single ratings are stored in a dedicated document(tipjar) for each user. This document is processed by vari-ous evaluation tools and plugins that are fully under controlof the users. Currently, we have three tools for (i) collect-ing manual ratings, (ii) analyzing Internet forums, and (iii)analyzing e-mail communication in order to assess collabo-ration performance of known partners and the strength ofsocial ties based on past interactions.
4.1.2 Profile Sharing
The presented concepts enable the discovery of directlyconnected partners based on common properties, interests,ratings, and contextual constraints (such as projects), butstill preserve their privacy. This means that profile ownersencrypt sensitive parts of their profiles for their known neigh-bors, i.e., using their public keys. Since we do not only man-age binary knows relations but also calculate the strengths ofrelations (e.g., social trust), the amount of shared informa-tion can be bound to certain strength levels. For instance,whenever one updates his profile, a rule-based system de-cides based on predefined link thresholds, who is allowed toread private FOAF fragments and encrypt files accordingly.
1<!−− link encrypted document −−>
2<foaf:Document rdf:about="http://.../foaf47.rdf">3<dc:title>Restricted Information</dc:title>4<wot:assurance>5<wot:Endorsement rdf:about="http://.../foaf47.rdf.asc">6<dc:title>signature of friend47 private profile</dc:title>7<wot:endorser rdf:nodeID="KeyFS"/>8</wot:Endorsement>9</wot:assurance>10</foaf:Document>1112<!−− encryption information −−>
13<wot:EncryptedDocument rdf:about="http://.../foaf47.rdf.asc">
14<dc:title>friend47 private profile</dc:title>15<wot:encryptedTo rdf:nodeID="KeyPartnerX"/>16<wot:encrypter rdf:nodeID="KeyFS"/>17</EncryptedDocument>
Listing 4: Linking encrypted documents in FOAF.
However, single members usually build up strong relationsto only a small amount of partners. That hinders the dis-covery process. In order to overcome that hurdle, we allowpropagation of information over several intermediate hubsalong strong social paths. Enabling such flows of informa-tion enables actors to discover new potential collaborationpartners. Technically, we allow actors to link private pro-file information of well connected partners as personally en-crypted documents to their own profile. Restricted access isthe basis for personalized and reliable sharing of information.We use once more the WoT ontology to link external doc-uments to one’s FOAF profile (see excerpt in Listing 4). Adetailed implementation perspective regarding processing ofXML data is out of scope of this paper, but has been investi-gated in detail in [34]. A semantically-enriched Web Servicebased environment allows to notify partners about updatedprofiles and send them links to encrypted documents. Thereceivers are able to validate these documents, i.e, verify theauthenticity and consistency using the signer’s public keyand to decrypt information using their own private keys.
4.2 Semantic Service InfrastructureWSMX (Web Service Modeling eXecution environment)
[19] allows to describe and register Web services and thus,supports discovering, selecting, and invoking Web servicesat run-time in a semantic manner. The actual services arehosted elsewhere, but WSMX builds a semantic abstractionlayer for these services by managing additionally required ar-tifacts (as described in Section 2.2). The WSMX platformprovides a WS entrypoint to submit semantic goals thatneed to be fulfilled and the platform itself discovers the bestsuitable service based on (i) functional properties (FPs),i.e., supported concepts, such as messaging; and (ii) non-functional properties (NFPs), here, contextual constraintsincluding organizational boundaries, people’s location andworking context.
4.2.1 Registering Semantic Web Services
The first step of registering a common Web service witha WSDL interface in WSMX is to annotate appropriatelowering- and lifting scripts. These XSLT scripts enablethe transformation between SOAP messages and ontologi-cal representations. Listing 5 shows a small excerpt of asemantically-enriched WSDL file. Here, the complex datatype sendMessageKey (and its corresponding response) haveloweringSchemaMapping and liftingSchemaMapping respec-tively attached. Listing 6 shows a lowering script. Here,values of required semantic concepts to build an instanceof type sendMessageKey are extracted from the enterprisecollaboration ontology.
1 <xs:element name="sendMessageKey"2 sawsdl:loweringSchemaMapping="SendEmailMessage-lowering.xslt">
3 <xs:complexType>4 <xs:sequence>5 <xs:element minOccurs="0" name="to" type="xs:string"/>6 <xs:element minOccurs="0" name="subject" type="xs:string"/>7 <xs:element minOccurs="0" name="body" type="xs:string"/>8 <xs:element minOccurs="0" name="key" type="xs:string"/>9 </xs:sequence>
10 </xs:complexType>11 </xs:element>12 <xs:element name="sendMessageKeyResponse"13 sawsdl:liftingSchemaMapping="SendEmailMessage-lifting.xslt">14 <xs:complexType>15 <!−− details omitted −−>
16 </xs:complexType>17 </xs:element>
Listing 5: Schema mapping annotations in WSDL.
1 <xsl:template match="rdf:Description[rdf:type/@rdf:resource=
2 ’http://www.coin-ip.eu/ontologies/ec#EmailServiceMessage’]">3 <email:sendMessageKey>4 <xsl:for−each select="ecg:hasEmailAddress">5 <to><xsl:value−of select="."/></to>6 </xsl:for−each>7 <xsl:for−each select="ecg:hasSubject">8 <subject><xsl:value−of select="."/></subject>9 </xsl:for−each>
10 <xsl:for−each select="ecg:hasContent">
11 <body><xsl:value−of select="."/></body>12 </xsl:for−each>13 <xsl:for−each select="ecg:hasAuthenticationKey">14 <key><xsl:value−of select="."/></key>15 </xsl:for−each>16 </email:sendMessageKey>17 </xsl:template>18 </xsl:stylesheet>
Listing 6: Lowering script example.
4.2.2 Semantic Goal Description
Listing 7 shows exemplarily a goal defined in WSML7 forsending a notification via e-mail. For that purpose, NFPsare defined (here: type of discovery), as well as pre- andpostconditions for invoking a capable Web service (e.g., de-fined recipient and message). The block instance email-
Request contains the actual parameters that are lowered toa SOAP message and sent to an Email Web service.
1wsmlVariant "http://www.wsmo.org/wsml/wsml-syntax/wsml-rule"
2namespace { "http://www.coin-ip.eu/goals/ec#",3disc "http://wiki.wsmx.org/index.php?title=DiscoveryOntology#",4ec "http://www.coin-ip.eu/ontologies/ec#",5ecp "http://www.coin-ip.eu/ontologies/ecp#"}67goal MessageGoal8importsOntology {9ec#EnterpriseCollaborationOntology,10ecp#EnterpriseCollaborationProcess11}1213capability MessageGoalCap14nonFunctionalProperties15disc#discoveryStrategy hasValue disc#NoPreFilter16disc#discoveryStrategy hasValue disc#HeavyweightDiscovery17endNonFunctionalProperties1819sharedVariables {?x, ?z, ?y}2021precondition MessageGoalPre22definedBy23?x memberOf ec#EmailMessage and24?z memberOf ec#Individual and25?y memberOf ec#Individual.2627postcondition MessageGoalPost28definedBy29ecp#messageSent(?z, ?x, ?y).3031ontology EmailRequest32importsOntology {33ec#EnterpriseCollaborationOntology34}3536instance emailRequest memberOf ec#EmailMessage37hasAuthenticationKey hasValue "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx"
38hasEmailAddress hasValue "[email protected]"39hasSubject hasValue "Notification about project opportunity"40hasContent hasValue "Dear sir, according to your profile ..."
Listing 7: Semantic goal for e-mail message service.
5. EVALUATION AND DISCUSSIONThis section deals with evaluation results regarding the
whole system as well as discussions of essential findings. Inparticular, we demonstrate the performance of semantically-enriched service hosting with WSMX, discuss network for-mation processes using simulation, study member discoveryprocesses through propagating distributed FOAF profiles,and discuss various design decisions with respect to PKI forFOAF.
5.1 WSMX Performance AspectsThe used WSMX setup consists of 38 different Web ser-
vices, primarily communication services and document man-agement services, 52 ontology parts (the main ontology is theenterprise collaboration ontology depicted in Figure 4, butfurther ontologies of single services refine some concepts),and 13 semantic goals (e.g., sending a message with a given
7Web service modeling language
(a) bootstrapping phase: only pre-dicted links (α = 1)
(b) formation phase: mix of pre-dicted and emerged links (α = 0.5).
(c) saturation phase: only emergedlinks (α = 0)
Figure 6: Network formation process visualization.
content to a particular person). For the following experi-ments, WSMX and services (implemented using Axis28) arehosted on a server with Intel Xeon 3.2GHz (quad), 10GBRAM, running Tomcat 6 with Axis2 1.4.1 on Ubuntu Linux.Furthermore we perform concurrent calls from a client simu-lation that runs on a Pentium 4 with 2GB on Windows XP,and is connected with the server through a local 100MBitEthernet. Figure 7 compares the performance of WSMXwith standard SOAP calls that invoke Web services directlyfor different numbers of concurrent calls.. Note, the addi-tional overhead caused by WSMX is the difference betweenthe two results, since after processing the semantic layeralso WSMX invokes a particular WS via SOAP only. Inour test environment, invoking a service via WSMX com-pared to invoking the same service directly takes approx-imately 5 times longer. The additional processing time isused for lowering a request (such as the goal in Listing 4)to a SOAP message, and, after invoking the service, liftingthe response back to the semantic level. Although WSMXadds much additional overhead to service invocation, sev-eral advantages can be taken, including, dynamic discoveryand selection of best suitable service instances (dependingon NFPs), and establishing real cross-enterprise interoper-ability through data mediation on ontological level. Note,services can be distributed over several WSMX instances todistribute load and increase performance.
1 10 20 50 1000
10
20
30
40
50
number of concurrent invocations
pro
ce
ss
ing
tim
e [
se
c]
WSMX platform
direct SOAP calls WSMX step time [ms]lowering 250-400service invoc. > 130lifting 150-250
single invoc. time [ms]SOAP (avg) 80-120WSMX (avg) 450-750
Figure 7: WSMX performance comparison.
5.2 Network Formation Simulation in SOAWe use a Web service testbed to simulate the interaction
behavior in SOA-based communities. The purpose of theGenesis2 framework [22] (in short, G2) is to support soft-ware engineers in setting up testbeds for runtime evaluation
8http://ws.apache.org/axis2/
of SOA-based concepts and implementations. It allows toestablish environments consisting of services, clients, reg-istries, and other SOA components, to program the struc-ture and behavior of the whole testbed, and to steer theexecution of test cases on-the-fly. G2’s most distinct featureis its ability to generate real testbed instances (instead ofjust performing simulations) which allows engineers to in-tegrate these testbeds into existing SOA environments and,based on these infrastructures, to perform realistic tests atruntime.
Experiment Setup. The created test environment con-sists of 200 autonomous services that simulate behavior incommon flexible collaboration scenarios. Each service (calledactor) has an interest/expertise profile assigned, consistingof 5 to 8 distinct keywords. Profiles may partly overlap. Inorder to bootstrap collaborations links between actors arepredicted based on profile similarities. Typically, interestsimilarities are a reasonable grounding for future collabo-ration success and emerging personal relations [39]. Dur-ing the actual collaboration single actors interact by del-egating tasks and requesting support from other membersof the community; thus, in our simulation we let randommembers interact in fixed time intervals. Each interactionis tagged with a maximum of 3 keywords and sent to ac-tors with matching interest profiles. We run different testsand vary the number of globally known tags, as well as theamount of occurring interactions. The results of these exper-iments enable us to study the formation process of typicalmedium scale Web-based communities. In particular we in-vestigate the three phases of (i) bootstrapping, i.e., initiatingthe formation of a network; (ii) formation phase, i.e., settingup strong links between matching collaboration partners;(iii) saturation phase, i.e., cross-linking emerging small-scalecommunities with weak links. The aim of this experiment isto determine the effort in terms of monitoring and processinginteractions until similar network structures (in the respec-tive evolutionary phases) for different taxonomy complex-ities emerge. For instance, using less complex taxonomiesconsisting of only 10 keywords also requires less monitoredinteractions, since profiles and interaction contexts convergemuch faster than for more complex taxonomies.
Experiment Results. We study the network formationprocess of 200 unconnected actors for different environmentsetting. Depending on the complexity of the global taxon-omy that determines interaction contexts, varying amountsof interactions are required in order to guarantee a feasible
1 2 3 4 50
10
20
30
40
50
60
70
average trustees
ac
tors
in
cir
cle
of
tru
st
|N| = 10
|N| = 100
|N| = 1000
|N| = 10000
(a) varying network size |N |.
1 2 3 4 50
200
400
600
800
1000
average trustees
ac
tors
in
cir
cle
of
tru
st
pp = 2
pp = 3
pp = 4
pp = 5
pp = 6
(b) varying prop. path pp.
Figure 8: Size of the circle of trust.
1 2 3 4 50
50
100
150
200
250
average trustees
gra
ph
op
era
tio
ns
|N| = 10
|N| = 100
|N| = 1000
|N| = 10000
(a) varying network size |N |.
1 2 3 4 50
2000
4000
6000
8000
10000
average trustees
gra
ph
op
era
tio
ns
pp = 2
pp = 3
pp = 4
pp = 5
pp = 6
(b) varying prop. path pp.
Figure 9: Required graph operations.
inference of social relations based on interest similarities.We let actors pick tags from a global taxonomy consistingof 10/20/50 keywords according to their interest profiles inorder to annotate their interactions, e.g., express the exper-tise areas of support requests. In order to bootstrap a net-work formation process (see Figure 6(a)) links are predictedonly (see dashed lines) based on actor profile overlaps [35].Utilizing measured interaction metrics (here reciprocity cf.Eq. 2), social links are established based on evidence aboutreliable and dependable collaboration behavior. Note, thecolor of the nodes represent their (static) expertise areas,while their sizes reflect their degree of connectivity in thenetwork. Figure 6(b) shows a network where most membershave found at least one trustworthy (e.g., in terms of reci-procity) collaboration partner. Such social links are reflectedby solid lines whereas their strengths reflect the level of co-operation. Still, most relations are predicted only (dashedlines). Finally, after a sufficient amount of interactions hasbeen collected to reliably infer relations, a network consist-ing only of evidence-based relations is maintained in the sat-uration phase (Figure 6(c)).
We repeat this experiment to find out typically emerg-ing network structures for varying taxonomy complexities(number of tags #tags) and different amounts of interac-tions (#ia). Table 1 reveals the details. The metrics are (i)number of connected components (nc), (ii) average numberof network neighbors (nn), and (iii) network density (nd).Although an optimal connection is hard to determine, thesegraph metrics deem to be appropriate indicators [30] to de-scribe and compare network structures. Note, the values inbrackets int eh bootstrapping phase denote the given metricsif predicted links are treated as evidence-based links.
Table 1: Characteristic network metrics in differentevolutionary phases of a formation process.
phase #tags/#ia network metrics
bootstr. 10/0 nc = 200, nn = 0(7.62), nd = 020/0 nc = 200, nn = 0(5.56), nd = 050/0 nc = 200, nn = 0(1.13), nd = 0
formation 10/1000 nc = 99, nn = 1.12, nd = 0.00620/3000 nc = 109, nn = 0.84, nd = 0.00550/5000 nc = 101, nn = 0.98, nd = 0.005
saturation 10/5000 nc = 4, nn = 3.15, nd = 0.01720/15000 nc = 7, nn = 2.65, nd = 0.01450/25000 nc = 5, nn = 2.89, nd = 0.016
5.3 Member Discovery SimulationsWe create synthetic networks with fixed amounts of nodes
and power-law distributed edges [29] to evaluate the effectsof propagating profile information. This means, encrypted
parts of a FOAF profile are shared over multiple hops evenbetween unconnected members, if there is a strong trustpath between them. This concept of propagation [18] en-ables users to extend their circles of trust (i.e., all membersthat can be reached over a strong trust path without ex-ceeding an upper limit of hops) and to discover previouslyunknown members therein. The complexity of a graph isdescribed by the average outdegree of a node in the longtail of the degree distribution; in other words, the averagenumber of trusted neighbors (trustees) for the bottom 90%of members. We pick random nodes from this set and runexperiments for each one until we get stable average results.
The first set of experiments investigates the average size ofthe circle of trust, depending on the number of trustees fordifferent network sizes N and propagation path lengths pp.For that purpose profiles of all neighbors of specified nodes inthe network are retrieved recursively until the whole circleis discovered. Figure 8 show that for highly cross-linkedgraphs (i.e., avgtrustees > 2), only short pps (max. 3 or 4hops) are feasible. Otherwise, virtually all members are inone’s circle of trust. A second set of experiments highlightsthe computational complexity of determining the circle oftrust. While the size of the network does not considerablyinfluence the number of required graph operations from eachactor’s perspective (at least for small pp), increasing pp inhighly cross-linked graphs leads to exponential costs (Figure9). Graph operations include retrieving referenced nodesand edges, as well as neighbors, predecessors and successorsin the network model. Each of these operations means thatfinally distributed FOAF profiles need to be queried andretrieved from the Web.
5.4 Processing Encrypted FOAF ProfilesWe shortly discuss the complexity and required steps to
enable the discovery of collaboration partners based on FOAFprofile sharing using the security concepts discussed in thispaper. For that purpose, we distinguish between three differ-ent operations: (i) publishing profiles, (ii) discovering neigh-bors, i.e., retrieve their (encrypted) profiles, (iii) transitivediscovery, i.e., propagation of profile information over onehop. Table 2 summarizes complexities in terms of number ofretrieved documents (i.e., public/private FOAF fragments,signatures, public/private key files) and number of requiredsteps (i.e., file retrieval, encryption, decryption, file update,file upload). Note, we do not measure absolute performanceof the proposed profile management approach, because thisheavily depends on the hosting environment and IT infras-tructure. Symbol n denotes the number of direct neighbors;p the number of distinct private FOAF fragments.
FOAF Profile Publishing. Updating an actor’s own
Table 2: Comparison of profile management ops.operation #retrieved docs #steps
FOAF profile publishing 3 + n 3 + 3p + n
neighbor discovery (2 + p) · n (3 + p) · ntransitive discovery 2 + 2p + n+ pn 3 + 3p + n+ pn
profile consists of profile retrieval and update of alreadyexisting public/private profile fragments, signing the pub-lic fragment with own private key, retrieving the neighbors’public keys, encrypting private fragments individually forstrongly connected (e.g., trusted) neighbors, publish publicand private fragments on the Web.
Neighbor Discovery. This operation discovers directlyconnected actors by evaluating their profiles, e.g., interests,project participation, organizational memberships. Evalu-ating neighbor profiles includes for each single neighbor toretrieve the public profile and public key to validate the sig-nature, retrieval of linked private fragments, decryption ofdata with own private key.
Transitive Discovery. Transitive profile sharing enablesthe discovery of unconnected community members. For thatpurpose intermediate nodes mediate information by retriev-ing (encrypted) profiles from neighbors, and re-encrypt themfor their own (trusted) neighbors. In particular the follow-ing steps are performed: retrieve published public/privateFOAF fragments of one neighbor, get public key to verifysignature, decrypt private fragment with own private key,get public key of other neighbor(s), re-encrypt private frag-ment, attach this fragment to own FOAF profile, re-signand re-encrypt own FOAF fragments; optionally, notify in-terested neighbors about third-party profiles.
6. BACKGROUND AND RELATED WORKCross-Organizational Collaborations. The concept
of virtual communities is increasingly used to enable thecollaboration between geographically distributed membersbelonging to various organizational units. Studies on dis-tributed teams focus on human performance and interac-tions [28] as well as Enterprise 2.0 environments [7]. Service-oriented architectures (SOA) have emerged as the defactostandard to design and implement open enterprise systems.They allow for loose coupling between single componentsand enable sophisticated discovery mechanisms based onfunctional (e.g., supported features) and non-functional (e.g.,QoS) properties. Web service technology [2] enables cross-organizational interactions in collaborative networks [9].
Monitoring and Self-Organizing Systems. The prob-lem of composition and adaptation is strongly related toorganization and control. Self-* principles [6] provide theability to manage systems autonomously and to dynami-cally adapt to changes in accordance with objectives andstrategies. Enhanced flexibility of complex systems is intro-duced by establishing a cycle that feeds back environmentalconditions to allow the system to adapt its behavior. ThisMAPE cycle [21] is considered as one of the core mechanismsto achieve adaptability through self-* properties. While au-tonomic computing allows for autonomous elements and ap-plies these principles to distributed systems, current researchefforts left the human element outside the loop. In the con-text of multi agent systems (MAS), self-configuring socialtechniques were introduced in [8].
Social Trust in service-oriented systems has become a
very important research area. SOA-based infrastructuresare typically distributed comprising a large number of avail-able services and huge amounts of interaction logs. There-fore, trust in SOA has to be managed in an automatic man-ner [25]. Depending on the environment, trust may relyon the outcome of previous interactions [27] and interestsimilarity [16, 26]. In our approach, metrics express socialbehavior influenced by the context in which collaborationstake place [33]. For instance, reciprocity [14] is a conceptdescribing that humans tend to establish a balance betweenprovided support and obtained benefit from collaborationpartners.
Social Platforms and Service Communities. Socialnetworks have received tremendous attention recently fromboth research and academia. A large amount of informationis exchanged online using social networking platforms. It be-comes thus essential to adapt and influence the informationexchange in an automated manner [34]. Selective dissemi-nation of information (SDI) [3, 11] is used filter unnecessarydata by considering user profiles.
Social networks become more and more interlinked withenterprises and collaborative platforms [7]. Semantically-enriched service platforms following the SOA paradigm suchas WSMX [19] provide the means to discover and composeservices in cross-organizational environments based on stan-dardized languages (see WSMO [24]). These platforms notonly enable interactions between technical services acrossboundaries, but also human interactions on top of theseservices. The convergence of social interactions in flexibleservice-oriented environments makes it essential to extendwell-established data formats for describing the structureof social networks such as FOAF with access control tech-niques.
The mechanisms for signing RDF graphs have been pre-sented in [15]. The combination of FOAF and SSL [37] en-ables secure access to FOAF profiles. The embedding ofaccess control mechanisms in FOAF has been illustrated in[20, 23].
7. CONCLUSION AND FUTURE WORKIn this paper, we discussed the application of social net-
work concepts in cross-enterprise collaboration scenarios.While creating dynamic profiles and flexibly discovering peo-ple and services is frequently used in typical recommendersystems and on social platforms, the application in enter-prise scenarios in form of overlay networks is a novelty. Es-pecially, the combination with SemanticWeb methodologies,such as Web services, taxonomy-based context managementand SOA to achieve data and service interoperability is anew aspect. We proposed an approach to support humancollaboration in different domains and organizations in aseamless manner; not only from s social perspective, butalso from a technical one.
Our future research includes the application of social over-lay networks in real cross-enterprise scenarios. This willbe done within the EU FP7 project COIN, where we willcollect valuable information regarding the efficiency of thediscovery process based on social network structures. Fur-thermore, we will study network dynamics such as memberfluctuation and frequency of re-discovering partners; as wellas the feasibility of our approach from a technical point ofview, e.g., limits in managing FOAF profiles depending onprofile change rates.
Acknowledgments
This work was supported by the European Union FP7 projectsCOIN (216256) and SM4ALL (224332). The authors like tothank STI Innsbruck for support regarding WSMO, WSMLand WSMX.
8. REFERENCES
[1] C. Adams and S. Lloyd. Understanding Public-KeyInfrastructure: Concepts, Standards, and DeploymentConsiderations. Macmillan Publishing, 1999.
[2] G. Alonso, F. Casati, H. Kuno, and V. Machiraju.Web Services - Concepts, Architectures andApplications. Springer, October 2003.
[3] M. Altinel and M. J. Franklin. Efficient filtering ofxml documents for selective dissemination ofinformation. In VLDB, pages 53–64, 2000.
[4] Amazon.com. Amazon mechanical turk, last access:2010. available online: http://www.mturk.com.
[5] T. Berners-Lee, J. Hendler, and O. Lassila. Thesemantic web. Scientific American, May 2001.
[6] A. Berns and S. Ghosh. Dissecting self-* properties. InSASO, pages 10–19. IEEE, 2009.
[7] J. Breslin, A. Passant, and S. Decker. Social webapplications in enterprise. The Social Semantic Web,48:251–267, 2009.
[8] V. Bryl and P. Giorgini. Self-configuringsocio-technical systems: Redesign at runtime. ITSSA,2(1):31–40, 2006.
[9] L. M. Camarinha-Matos and H. Afsarmanesh.Collaborative networks. In PROLAMAT, pages 26–40,2006.
[10] S. Castano, A. Ferrara, and S. Montanelli. Matchingontologies in open networked systems: Techniques andapplications. pages 25–63, 2006.
[11] Y. Diao, S. Rizvi, and M. J. Franklin. Towards aninternet-scale xml dissemination service. In VLDB,pages 612–623, 2004.
[12] C. Dwyer, S. R. Hiltz, and K. Passerini. Trust andprivacy concern within social networking sites: Acomparison of facebook and myspace. In AMCIS,2007.
[13] J. Euzenat and P. Shvaiko. Ontology Matching.Springer, Berlin, 2007.
[14] A. Falk and U. Fischbacher. A theory of reciprocity.Games and Economic Behavior, 54(2):293–315, 2006.
[15] M. Giereth. On partial encryption of rdf-graphs. InY. Gil, E. Motta, V. R. Benjamins, and M. A. Musen,editors, ISWC, pages 308–322, 2005.
[16] J. Golbeck. Trust and nuanced profile similarity inonline social networks. ACM Trans. on the Web, 3(4),2009.
[17] N. Gold, C. Knight, A. Mohan, and M. Munro.Understanding service-oriented software. IEEESoftware, 21(2):71–77, 2004.
[18] R. Guha, R. Kumar, P. Raghavan, and A. Tomkins.Propagation of trust and distrust. In WWW, pages403–412, 2004.
[19] A. Haller, E. Cimpian, A. Mocan, E. Oren, andC. Bussler. Wsmx - a semantic service-orientedarchitecture. In ICWS, pages 321–328. IEEE, 2005.
[20] J. Hollenbach, J. Presbrey, and T. Berners-Lee. Usingrdf metadata to enable access control on the socialsemantic web. In ISWC, 2005.
[21] IBM. An architectural blueprint for autonomiccomputing. Whitepaper, 2005.
[22] L. Juszczyk and S. Dustdar. Script-based generationof dynamic testbeds for soa. In ICWS, pages 195–202.IEEE, 2010.
[23] S. R. Kruk, S. Grzonkowski, A. Gzella, T. Woroniecki,and H.-C. Choi. D-foaf: Distributed identitymanagement with access rights delegation. In ASWC,pages 140–154, 2006.
[24] R. Lara, D. Roman, A. Polleres, and D. Fensel. Aconceptual comparison of wsmo and owl-s. InECOWS, pages 254–269. IEEE, 2004.
[25] Z. Malik and A. Bouguettaya. Reputationbootstrapping for trust establishment among webservices. Internet Computing, 13(1):40–47, 2009.
[26] Y. Matsuo and H. Yamamoto. Community gravity:Measuring bidirectional effects by trust and rating ononline social networks. In WWW, pages 751–760, 2009.
[27] L. Mui, M. Mohtashemi, and A. Halberstadt. Acomputational model of trust and reputation fore-businesses. In HICSS, page 188, 2002.
[28] N. Panteli and R. Davison. The role of subgroups inthe communication patterns of global virtual teams.IEEE Trans. Prof. Com., 48(2):191–200, 2005.
[29] A. Reka and Barabasi. Statistical mechanics ofcomplex networks. Rev. Mod. Phys., 74:47–97, June2002.
[30] H. C. Romesburg. Cluster Analysis for Researchers.Krieger Pub. Co., 2004.
[31] D. Schall and S. Dustdar. Dynamic context-sensitivepagerank for expertise mining. In Social Informatics,pages 160–175. Springer, 2010.
[32] D. Schall and F. Skopik. Mining and composition ofemergent collectives in mixed service-oriented systems.In CEC. IEEE, 2010.
[33] F. Skopik, D. Schall, and S. Dustdar. Modeling andmining of dynamic trust in complex service-orientedsystems. Inf. Syst., 35:735–757, 2010.
[34] F. Skopik, D. Schall, and S. Dustdar. Trust-basedadaptation in complex service-oriented systems. InICECCS. IEEE, 2010.
[35] F. Skopik, D. Schall, H. Psaier, and S. Dustdar. Socialformation and interactions in evolving service-orientedcommunities. In ECOWS. IEEE, 2010.
[36] M. Stollberg and B. Norton. A refined goal model forsemantic web services. In ICIW, pages 17–22, 2007.
[37] H. Story, B. Harbulot, I. Jacobi, and M. Jones.Foaf+ssl: Restful authentication for the social web,last access: 2010. http://esw.w3.org/Foaf%2Bssl.
[38] M. Zaremba and T. Vitvar. Wsmx: A solution for b2bmediation and discovery scenarios. In ESWC, pages884–889, 2008.
[39] C.-N. Ziegler and J. Golbeck. Investigatinginteractions of trust and interest similarity. DecisionSupport Systems, 43(2):460–475, 2007.
[40] C.-N. Ziegler and G. Lausen. Propagation models fortrust and distrust in social networks. Inf. Syst.Frontiers, 7(4-5):337–358, 2005.
