In this chapter, the notions of trust and reputation have been introduced. We discussed how RTMs have been found useful in domains that rely on the cooperation of a network of participants. The models aid the collaboration required and the effectiveness of trust-reliant domains.
The use of reputation and trust management however, introduces an additional overhead, giving an adversary a vector to attack the system which is the reputation system itself. Intoxication, collusion, brainwashing, identity spoofing are some of the attacks that the models are exposed to. Without countermeasures, the effects of these attacks have been shown to dramatically affect the security and performance at runtime [BLB02] as evidenced in poor reliability and quality of service, higher overhead and throughput degradation. In order to address the problems of intoxication and collusion attack in reputation management, this thesis proposes a novel semi-distributed, predictive and dynamic data-driven framework that is described in Chapter 5.
2.4 Summary 31
Part II
That men do not learn very much from the lessons of history is the most important
of all the lessons of history.
Chapter 3
Computational Reputation and
Trust Models
3.1
Introduction
Generally, RTMs [BVLT07, BLB02, CWHG08, GBS08, HWK04, MM02, QHC06] provide the mechanism to monitor, gather the behaviour of members in a network and compute reputations of nodes based on the information obtained by monitoring. They also coordinate approaches to storing and exchanging of reputation information among nodes within the domain. RTMs are described as systems that provide mechanisms to produce RVs or trust ratings for each identity in the domain. Generally, RTMs aim to provide information to distinguish between trustworthy and untrustworthy members. As stated in Chapter 1, the trust models encourage members to cooperate by providing incentives and discourage maliciousness by punishment schemes such as isolation and service denial.
Normally, RTMs rely on recommendations provided by entities in the domain to
determine the reputation of others. Each model addresses some of the trust issues but not all of the problems or in the process of solving one issue, other issues are introduced. An example of the problems that arise from the reliance on these recommendations is collusion. Incentive policies that are used in P2P networks to ensure cooperation between peers are also generally susceptible to collusion attack [LZY+07].
In this section, a comparative literature review is conducted on models that have contributed to reputation and trust management in literature and give insights to developing the framework proposed in this thesis. Researchers proposed trust models to solve trust related issues and they have shown positive results. Foundational distributed frameworks were already based on social trust considerations, in that they evolved trust based on first- hand experiences and recommendations, and they integrated some trust properties: context, subjectivity, and (only later) time. The general concept of trust in Computer Science was proposed by Marsh [Mar94]. Abdul-Rahman and Hailes [ARH00] later proposed the use of recommendations for managing context-dependent and subjective trust, based on Marsh’s approach [Que09]. Their model is based on a word-of-mouth mechanism, which allows agents to decide which other agents’ opinion they trust more. They use direct and indirect (recommendations) trust and they introduced the semantic distance of the ratings in their model [Mom10].This work was foundational but was architectural in style and for example lacked a process for trust evolution [QHC06]. A notable literature by Riegelsberger et al [RSM05], although targeted at the Human Computer Interaction (HCI) community suggests basic requirements in designing a trust system. We will not go into reviewing these papers as the scope of our work is on the infrastructure level. However, 3 of the requirements stated by Riegelsberger et al that are relevant to our work include: stable
3.1 Introduction 35
identity, which we refer to as identity persistence in this thesis, traceability accountability, that involves the capability of tracing outcomes from actions, group membership and group identity.
We are specifically searching for the way design decisions are made in infrastructure related models. The design decisions include: 1) susceptibility to collusion, 2) predictive capability, and 3) architecture of the system which serves as the taxonomy for comparison. A number of literature have focused on the problem collusion and one that is noteworthy amongst them is the work of Liu and Issarny [LI04]; they proposed a (reputation-based) trust framework that is robust to both defamation and collusion attacks. [MM02, KSGM03, BLB02] are some other models that are susceptible to the attack as a result of the inherent properties of their approach and assumptions in their work. In terms of prediction, there are only a few literatures on trust management that focus on predictive accuracy. Prominent amongst them is the lightweight distributed trust propagation [Que09] that shows high predictive accuracy on a large real-world dataset, and, in contrast to existing approaches, it is fully decentralised. Other relevant work on reputation predictions include: [HCH08, LC10]. The architecture of trust models determines how information can be gathered, processed and disseminated in the domain; these and related literatures are discussed in Sections 3.10 and 3.11.3 of this chapter.
The selection of the RTMs in subsequent sections is based on the objective that each system is applicable in a one unique network domain and/or work that has been built on by other research. The architectural design is another factor that was put into consideration for our selection. Each system is chosen to provide insights into the assortment of reputation and trust management applications and to show the adaptation
of the components of reputation management systems. The models reviewed are those that are infrastructure based with the following design decisions and issues: Information gathering, Monitoring, Information representation, Recommendations and Information sharing, Scalability, Prediction & Dynamism, and Reputation metric. These serve as criteria for comparison between the RTMs; the extent to which the systems meets or fails to meet each criterion is discussed.
Additionally, this chapter describes the problem of the corruption of trust decisions resulting from recommendations made by members with interest in the domain. A gap analysis of pending problems and comparative analysis are given and these serve as the motivation of this research.