Figure 2 - uploaded by Krzysztof Rzadca
Content may be subject to copyright.
Source publication
In the future, trust management may become yet another, standard ser-vice of information security, such as authentication, authorization, privacy or integrity. For this to happen, it is necessary to define standard primi-tives of trust management, and agree about what is in common among the many different applications of trust management studied to...
Contexts in source publication
Context 1
... library of universal trust management services must be designed so that many different applications could use common primitives and data. It should be able to incorporate diverse methods, various algorithms and protocols of trust management. The challenge in the design of a library of universal TM services is therefore the discovery of a common basis for the largest possible set of TM methods . This section and a class diagram on Figure 2 describes the basic building blocks required to design various trust management services . We start with an Encounter and a Proof , already introduced in the previous section. An Encounter includes information about Context , about the participating Agents , and about the available Actions and their outcomes. A set of template encounter definitions can be created in the TM library when a service is developed for a specific application. Yet, the instance of an Encounter will be received during service invocation. In the previous section, two examples of encounters were described. In the Internet auction, an Encounter represents a transaction between a buyer and a seller. In the Web service, an Encounter is a Web service invocation or an attempt to obtain ”security tokens” from a TM authority. Note that an Encounter can also be used to model an interaction between two agents who exchange Proofs. The treatment of exchange of Proofs (for example, during reporting in an auction service, during trust negotiation, or during gossiping of opinions in a P2P application) as an Encounter emphasizes that TM methods can be used to decide whether to trust the received Proofs . This form of trust is sometimes referred to as credibility [5], which is modeled on Figure 2 as a class that inherits from Trust. A Proof represents any information that can ...
Context 2
... library of universal trust management services must be designed so that many different applications could use common primitives and data. It should be able to incorporate diverse methods, various algorithms and protocols of trust management. The challenge in the design of a library of universal TM services is therefore the discovery of a common basis for the largest possible set of TM methods . This section and a class diagram on Figure 2 describes the basic building blocks required to design various trust management services . We start with an Encounter and a Proof , already introduced in the previous section. An Encounter includes information about Context , about the participating Agents , and about the available Actions and their outcomes. A set of template encounter definitions can be created in the TM library when a service is developed for a specific application. Yet, the instance of an Encounter will be received during service invocation. In the previous section, two examples of encounters were described. In the Internet auction, an Encounter represents a transaction between a buyer and a seller. In the Web service, an Encounter is a Web service invocation or an attempt to obtain ”security tokens” from a TM authority. Note that an Encounter can also be used to model an interaction between two agents who exchange Proofs. The treatment of exchange of Proofs (for example, during reporting in an auction service, during trust negotiation, or during gossiping of opinions in a P2P application) as an Encounter emphasizes that TM methods can be used to decide whether to trust the received Proofs . This form of trust is sometimes referred to as credibility [5], which is modeled on Figure 2 as a class that inherits from Trust. A Proof represents any information that can ...
Similar publications
Internet of Things (IoT) is going to create a world where physical objects are seamlessly integrated into information networks in order to provide advanced and intelligent services for human-beings. Trust management plays an important role in IoT for reliable data fusion and mining, qualified services with context-awareness, and enhanced user priva...
We are witnessing increasing penetration of pervasive computing into business and personal environments. Its advances, among other things, enable new opportunities for better health services but, as a side effect, it introduces new threats to privacy. If anywhere, it is in the health care sector that privacy is of utmost importance. Knowing further...
![Fig. 3 Hierarchy of computer companies [36]](profile/Samira-Sadaoui/publication/259931977/figure/fig3/AS:670015300841474@1536755504443/Hierarchy-of-computer-companies-36_Q320.jpg)
link.springer.com/article/10.1007%2Fs10489-013-0495-8#page-1
Nowadays, there is a growing need to manage trust in open systems as they may contain untrustworthy service providers. Agent Trust Management (ATM) tries to address the problem of finding a set of the most trusted agents in multi agent systems. This paper presents ScubAA, a novel generic...
There is an urgent need to an effective trust management for vehicular ad-hoc networks (VANETs), given the dreadful consequences of acting on false information sent out by malicious peers in this context. In the absence of trust authorities, the trust management is a difficult task. We are interested in this paper to propose a new approach to verif...
Wireless sensor networks are vulnerable to a wide set of security attacks, including those targeting the routing protocol functionality. The applicability of legacy security solutions is disputable (if not infeasible), due to severe restrictions in node and network resources. Although confidentiality, integrity and authentication measures assist in...
Citations
... It does not require any modifications of current online auction sites. It is being integrated into a library of trust management tools developed in the Universal Trust project (uTrust) [10] whose aim is to create standard trust management services for distributed, open systems. Third, experiments conducted over a large-scale, real dataset shows that our approach is effective to detect auction frauds while avoiding missing successful transactions. ...
... The information found by Web crawler is stored locally for future use. After a fixed amount of time or when sufficient data is collected, ProtoTrust uses the uTrust library [10] to perform the desired trust management algorithms. When the computation is complete, ProtoTrust presents the results to the user. ...
Encountering unknown sellers is very common in online auction sites. In such a scenario, a buyer can not estimate trustworthiness of the unknown seller based on the seller's past behavior. The buyer is thus exposed to the risks of being cheated. In this paper we describe a stereotypes based mechanism to determine the risk of a potential transaction even if the seller is personally unknown to not only the buyer but also to the rest of the system. Specifically, our approach first identifies discriminating attributes which are capable of distinguishing successful transactions from unsuccessful ones. A buyer can use its own past transactions (with other sellers) to form such stereotypes. Alternatively, the community's collective knowledge can also be used to build such stereotypes. When posed to a potential transaction with an unknown seller, buyers can estimate trustworthiness (and thus the risk) by combining the corresponding stereotypes. We report experiments over real auction data collected from Allegro, a leading auction site in Eastern Europe. Data driven simulation results show that by setting suitable thresholds our approach can effectively detect (predict) frauds, i.e., has low false positive, with flagging very few successful transactions, that is, it has very low false negative. We also observe from these experiments that local knowledge derived stereotypes are the most accurate, since it is personalized for individual buyers. However, community knowledge derived stereotypes are particularly useful for inexperienced buyers that dominate online auction sites, though there is slight decrease in accuracy. We leverage such analytics to provide a browser (Firefox) based tool to guide buyers during live auctions.
... algorithms. The algorithms themselves are part of a library of trust management tools developed in the uTrust[6] project. The extension obtains its information by automatically performing the task that is performed by an auction user: by crawling parts of the auction site. ...
... Every information found by Web crawler is stored in locally in order to future use. After a fixed amount of time or when sufficient data is collected, ProtoTrust uses the uTrust library [6] of universal trust management methods to compute the desired TM algorithms. Results can be simple (like the amount of negative opinions or minimal price without fraud) or can depend on each other (for example to compute risk we need to compute respective probabilities first). ...
Internet auctions are used everyday by millions. However, despite frequent criticism, only the most simple reputation systems
are used by the most popular Internet auctions today. As a consequence of this, an experienced auction user is forced to undergo
the menial task of reading and judging comments about his potential transaction partners. While it is true that the human
mind is the best possible method of evaluating this information, the task is time-consuming and error-prone: the sheer number
of comments is sometimes an obstacle to making a good decision under uncertainty. An inexperienced auction user, on the other
hand, is often daunted by the task of understanding the information provided to him. It takes some learning to understand
the value of a negative feedback, to evaluate the contents of the comments, or to understand what it means that the auction
system has returned the handling fee. The reason for this situation may be the fact that the management of auction sites uses
other mechanisms, like auction insurance or escrow, to protect users against outright fraud. And, as has been argued by the
management of auctions sites when we have had an opportunity to discuss the issue, the simplicity of the presently used reputation
system is an added bonus: it creates the impression of a simple, easy-to-understand tool. The fact that this simple tool is
vulnerable to several adversary strategies [1,2,3] and that its design has an adverse impact on the reporting behavior of
users [4,5] is not a sufficient argument for a change.
This paper describes TRUSTPACK, a decentralized trust management framework that provides trust management as a generic service. TRUSTPACK is unique in that it does not provide a central service. Instead, it is run by many autonomous services. This design enables TRUSTPACK to alleviate privacy concerns, as well as potentially provide better personalization and scalability when compared with current centralized solutions. A major component of TRUSTPACK is a generic decentralized graph query processing framework called GRAPHPACK, which was also developed as part of this work. GRAPHPACK consists of a decentralized graph processing language as well as an execution engine, as elaborated in this paper. The paper also presents several examples and a case study showing how TRUSTPACK can be used to handle various trust management scenarios, as well as its incorporation in an existing third party P2P file sharing application. Prototypes of TRUSTPACK and GRAPHPACK are available as open source projects at http://code.google.com/p/trustpack/ and http://code.google.com/p/graphpack/, respectively. Copyright © 2013 John Wiley & Sons, Ltd.
