Trust Management For A Decentralized Service Exposure Marketplace: A Service Exposure Perspective

Abstract

Enabling trust between entities to collaborate, without the necessity of a third-party mediator is a challenging problem. This problem is highlighted when the collaboration involves a complicated process, spans multiple systems, and encompasses a large number of entities. This is the case in a decentralized service exposure marketplace. In this work, we design and implement a \ac{PoC} suite of services to enable a blockchain to become the anchor of trust for a decentralized service exposure marketplace. We first formalize the necessary requirements to enable trust between a consortium of entities hosting the marketplace. We then follow with a threat model against the identified requirement, highlighting misbehaviour from the different entities. Finally, we propose a model, Trust Engine, which facilitates the trust management process and mitigates the identified threats. We showcase a proof-of-concept of our model, utilizing a combination of smart contracts (hyperledger fabric), blockchain, and service mesh technology (Istio). The Trust Engine successfully identifies the misbehaviour, documents it in the blockchain, and enforces polices to remediate the misbehaviour. Furthermore, we examined each component in our suggested system to identify the performance bottleneck. Lastly, we discuss the limitations of our suggested model with regards to other service mesh deployment models as well as potential future work and improvements.