Reputation, Trust and Risk:

Bibliographic overview

Orfeas Stefanos Thyfronitis Litos

olitos@corelab.ntua.gr

Webs of trust

  • PGP [1]

- Trust over correspondence of physical identity and public key

- Single transitivity step

  • Freenet [2]

- File sharing decentralized platform with spam protection

- No explicit trust definitions

- PGP Pathfinder finds transitive closure: http://pgp.cs.uu.nl

- Nodes and files have unique keys

- File key requests directed to node with closest node key

- Popular files replicated, old files forgotten in LRU fashion

Decentralized systems with explicit trust

Frameworks

Trust Models

Centralized trust systems

  • CA-based PKI [3]

- Certification Authorities vouch for website authenticity

- Requires trust to central third parties

  • Bazaar [4]

- Users' undirected graph created out of their interactions

- A successful interaction between A and B leads to

  increased weight of the edge (A, B) and the opposite

- Need for centralized storage and graph secrecy

- Can reduce frauds in online marketplaces

Trust Models (1)

  • A Computational Model of Trust and Reputation [5]

Trust

Reciprocity

Reputation

  • The Beta Reputation System [6]

- Users can make binary choices which are recorded

  • FIRE [7]

- Trust is the average of the ratings available to the user

- Future user behaviour predicted with Beta distribution

Trust Models (2)

  • CORE [8]
  • Decentralized Trust Management for Ad-hoc Peer-to-Peer Networks [9]

- Global ratings stored by each user's neighbours

  • Decentralized Trust Management in Peer-to-Peer Systems [10]

- Hierarchical trust system: Nodes in tree structure,

  parents more trustworthy than children

- Suitable for collaborating hardware and software with

  variable specifications and no central coordinator

Trust Models (3)

  • Walking the web of trust [11]
  • An integrative model of organizational trust [12]

- Trust from A to B factors:

  A's Propensity and B's Ability, Benevolence and Integrity

  • Bartercast [13]

- BitTorrent peer trust calculation using maximum flows

- Explicitly assigned trust percentages pertaining to

  responsible use of PGP tools, web of trust is created

  • Beaver [14]

- Decentralized marketplace

- Single review per purchase - global rankings

- Fees to discourage fraud by rational players

Frameworks

  • Pace [16]
  • Decentralized Reputation Management for Cooperating Software Agents in Open Multi-Agent Systems [15]

- Global rankings generated per transaction

  • Open Reputation [17]

- Decentralized rating system for IoT appliances

- Requires trust value assignment per incoming message

  • A Generic Framework for Modeling Decentralized Reputation-Based Trust Models [18]

- 4C's: Content, Communication, Computation and Counteraction

Quotes from sociological works

  • "Willingness to take risks may be one of the few characteristics common to all trust situations" [19]
  • "Trust is not taking risk per se, but rather it is a willingness to take risk." [20]

Trust and social collateral [21] (1)

  • Sociological work
  • Creates a trust network using known trust values between aquaintances
  • Trust between unknown parties is calculated as the maximum flow between those parties

Trust and social collateral [21] (2)

  • Dynamics in job recommendation networks can be successfully explained intuitively with this model
  • Informal borrowing data from two shantytowns in Peru confirms theory

- The weight of the edge (Alice, Bob) is the time Alice and

  Bob have spent together

- Actual borrowing between unknown parties predicted

  very accurately through maximum flow calculation

The Risk-based view of Trust: A conceptual framework [22]

Trust

Propensity

Risk

Propensity

Subjective

Trust

Goodwill Trust

Competence Trust

Perceived

Risk

Relational Risk

Performance Risk

-1

-1

Behavioural

Trust

Risk

Taking

Money as IOUs in Social Trust Networks & A Proposal for a Decentralized Currency Network Protocol [23] (1)

  • IOU-based economy
  • Each player transacts by giving her personal IOUs to players ready to accept them
  • Each player's IOU is considered a different currency
  • Conventional currencies are IOUs issued by the government
  • Each player maintains a custom list of acceptable IOUs
  • A player can choose to accept limited IOUs from another player
  • If Alice wants to buy from Bob, but Bob does not accept her IOUs, they can search for a trust path from Bob to Alice so that Bob gets IOUs he trusts and Alice gives IOUs to someone that trusts her.
  • Used by Ripple [24] and Stellar [25] payment networks

Money as IOUs in Social Trust Networks & A Proposal for a Decentralized Currency Network Protocol [23] (2)

A

B

C

2

4

1) Initially

2) Trust path found. C buys a product of value 1 from D

3) Finally

A

B

C

1

3

Example:

  • D does not accept C's IOUs but
  • B accepts A's IOUs and initially has 2 of A's IOUs
  • C accepts B's IOUs and initially has 4 of B's IOUs
  • D accepts A's IOUs
  • C wants to buy a product of value 1 from D

D

D

1

A, B are even, D gained 1 and C lost 1

TrustDavis [26]

  • Reference/insurance decentralized network
  • Each player can publish an insurance statement for others
  • Insurance costs a certain premium so that the insurer has gains
  • A player insured/referred to by many other well-insured players inspires greater confidence to third parties for business

A Survey of Trust and Reputation Systems for
Online Service Provision [27]

  • Bibliographic research
  • Discussion on notions of trust and reputation
  • Security implications
  • Trust semantics
  • Presentation of the results of various works from technical and sociological backgrounds
  • Centralized and decentralized settings
  • Trust models analysis
  • Implementations
  • Thorough related work

References

  1. Zimmermann P.: PGP Source Code and Internals. The MIT Press (1995)
  2. Clarke I., Sandberg O., Wiley B., Hong T. W.: Freenet: A Distributed Anonymous Information Storage and Retrieval System. H. Federrath, Designing Privacy Enhancing Technologies pp. 46-66, Berkeley, USA: Springer-Verlag Berlin Heidelberg (2001)
  3. Adams C., Lloyd S.: Understanding PKI: concepts, standards, and deployment considerations. Addison-Wesley Professional (2003)
  4. Post A., Shah V., Mislove A.: Bazaar: Strengthening User Reputations in Online Marketplaces. Proceedings of NSDI’11: 8th USENIX Symposium on Networked Systems Design and Implementation, p. 183 (2011)
  5. Mui L., Mohtashemi M., Halberstadt A.: A Computational Model of Trust and Reputation. System Sciences, 2002. HICSS. Proceedings of the 35th Annual Hawaii International Conference, pp. 2431-2439 IEEE (2002)
  6. Jøsang A., Ismail R.: The Beta Reputation System. Proceedings of the 15th Bled Electronic Commerce Conference (2002)
  7. Huynh T. D., Jennings N. R., Shadbolt N. R.: An Integrated Trust and Reputation Model for Open Multi-Agent Systems. Autonomous Agents and Multi-Agent Systems, 13(2), pp. 119-154 (2006)
  8. Michiardi P., Molva R.: Core: a Collaborative Reputation Mechanism to Enforce Node Cooperation in Mobile Ad-hoc Networks. Advanced Communications and Multimedia Security, pp. 107-121, Springer US (2002)
  9. Repantis T., Kalogeraki V.: Decentralized Trust Management for Ad-hoc Peer-to-Peer Networks. Proceedings of the 4th International Workshop on Middleware for Pervasive and Ad-hoc Computing, MPAC 2006, p. 6, ACM (2006)
  10. Visan A., Pop F., Cristea V.: Decentralized Trust Management in Peer-to-Peer Systems. 10th International Symposium on Parallel and Distributed Computing, pp. 232-239, IEEE (2011)
  11. Caronni G.: Walking the web of trust. Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2000, Proceedings, IEEE 9th International Workshops, pp. 153-158 (2000)
  12. Mayer R. C., Davis J. H., Schoorman, F. D.: An integrative model of organizational trust. Academy of management review, 20(3), 709-734 (1995)
  13. Meulpolder M., Pouwelse J., Epema D., Sips, H.: Bartercast: Fully distributed sharing-ratio enforcement in bittorrent. Delft University of Technology-Parallel and Distributed Systems Report Series (2008)
  14. Soska K., Kwon A., Christin N., Devadas S.: Beaver: A Decentralized Anonymous Marketplace with Secure Reputation (2016)
  15. Grünert A., Hudert S., König S., Kaffille S., Wirtz G.: Decentralized Reputation Management for Cooperating Software Agents in Open Multi-Agent Systems. ITSSA, 1(4), pp. 363-368 (2006)
  16. Suryanarayana G., Erenkrantz J. R., Taylor R. N.: An Architectural Approach for Decentralized Trust Management. IEEE Internet Computing, 9(6), pp. 16-23 (2005)
  17. Cannon L.: Open Reputation: the Decentralized Reputation Platform (2015)
  18. Suryanarayana G., Diallo M., Taylor R. N.: A Generic Framework for Modeling Decentralized Reputation-Based Trust Models. 14th ACM SigSoft Symposium on Foundations of Software Engineering (2006)
  19. Johnson-George C., Swap W. C.: Measurement of specific interpersonal trust: Construction and validation of a scale to assess trust in a specific other. Journal of personality and social psychology, 43(6), 1306 (1982)
  20. Mayer R. C., Davis J. H., Schoorman, F. D.: An integrative model of organizational trust. Academy of management review, 20(3), 709-734 (1995)
  21. Karlan D., Mobius M., Rosenblat T., Szeidl A.: Trust and social collateral. The Quarterly Journal of Economics, pp. 1307-1361 (2009)
  22. Das, T. K., Teng, B. S.: The risk-based view of trust: A conceptual framework. Journal of Business and Psychology, 19(1), 85-116 (2004)

  23. Fugger R.: Money as IOUs in Social Trust Networks & A Proposal for a Decentralized Currency Network Protocol (2004)

  24. Schwartz D., Youngs N., Britto, A.: The Ripple protocol consensus algorithm. Ripple Labs Inc White Paper, 5 (2014)

  25. Mazieres, D.: The stellar consensus protocol: A federated model for internet-level consensus. Stellar Development Foundation (2015)

  26. DeFigueiredo D. D. B., Barr E. T.: TrustDavis: A Non-Exploitable Online Reputation System. CEC, Vol. 5, pp. 274-283 (2005)

  27. Jøsang A., Ismail R., Boyd C.: A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems, 43(2), pp. 618-644 (2007)

Thank You!

Questions?

Trust bibliography

By orfeas

Trust bibliography

  • 689