2. 2 Consideraciones para el diseño de bombeo mecánico

To explore possible ways to identify good communication requests, we review how people trust each other in real life. People establish interpersonal relationships based on how they have interacted with each other, physically or electronically. Especially, if a party has “the willingness to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control the other party” [Mayer et al., 1995], a trust relationship is established. Thus, trust relationships between individuals are established based on both interactions between them and the expected risk of the peer’s actions.

In most cases, two parties in a trust relationship have previously interacted directly with each other. However, in some cases, they have had no prior direct interaction with each other. Instead, the party may have had indirect interactions that involved an organization or a third-party individual in order to determine the trustworthiness of the other party. Since the risk of accepting communication requests is usually low, a relatively lower level of trust is often sufficient to identify desirable communication requests.

The following sections focus respectively on the case where a trust relationship is the result of a direct interaction, and on the case where the trust relationship is not the result of a direct interaction. In each, we discuss how these relationships can be represented electronically and how they can be used to determine the trustworthiness of communication requests.

6.3.1 Trust Relationships Based on Direct Interactions

In the simplest case, trust relationships are based on direct social interactions, which can be divided into two groups based on how often people communicate with each other.

The first group of individuals, which is typically of limited size, consists of those who regularly communicate with each other. In most cases, these people know each other per- sonally and are connected by strong social ties, which are determined by “a combination of the amount of time, the emotional intensity, the intimacy, and the reciprocal services which characterize the tie” [Granovetter, 1973]. Examples of people connected by strong

social ties include family members, friends, and close colleagues. The second group, which is much larger, consists of people who occasionally interact with each other. This group includes casual acquaintances, colleagues, and business contacts. The social ties for people in this group are weaker and the trustworthiness may be lower than for those in the first group.

People in either group are electronically represented as contact addresses stored in the address book of the person under consideration. While the likelihood of a member of the second group appearing in the address book is lower, they are often listed in social media services as friends within one degree of separation. To identify communication requests from people in these two groups, filtering based on origin ID (i.e., caller ID or sender ID) has been widely used. This filtering requires origin ID authentication. In addition, origin- ID-based filtering is used for detecting and blocking unwanted calls or messages, so-called black-listing.

This thesis analyzes the limitations of caller-ID-based filtering using address books (Sec- tion 6.7). This thesis also proposes easier ways of collecting contact addresses from the second group using cross-media relations (Section 7.5).

6.3.2 Trust Relationships without Direct Interactions

It is also possible for trust relationships to be established without the existence of prior direct personal communication (i.e., one-on-one communication). In this case, trust rela- tionships are established using transitive trust through a trusted individual or organization, and/or on their own experience. We divide these trust relationships into the following, often overlapping, categories: using extended social graphs, experience-based, affiliation- based, credential-based, based on evaluation by a trusted third party, behavior-based or appearance-based, and location-based. We also describe how people limit the potential risk of the other’s actions. Although our analysis is based on separate categories, it is worth noting that, in practice, people trust each other in one or more ways.

Using extended social graphs

A person often trust persons whom his trusted person trusts, for example, friends of a friend or colleagues of a colleague. These people are listed in social media services as friends with two degree of separation in the extended social graphs. Additionally, they might be found in the destination IDs of email or SMS messages that are received from their friends or from the mailing list they subscribe to.

Section 7.5.1 proposes a way of encouraging users to publish their addresses in social media without privacy concerns. Friends of a friend based on the destination IDs of email messages are examined in our user study of incoming email messages described in Sec- tion 7.10.

Based on experience

People determine the trustworthiness of others based on their own experience. For example, customers who have had good shopping experiences with shops (e.g., online shopping sites or local grocery stores) trust the owners or sales persons, even though the customers do not personally know them. This type of trust is the basis of reputation services, such as customer rating system.

This thesis discusses how individuals can use their experience on online activities, such as online shopping via a Web transaction, as cross-media relations described in Chapter7, in order to determine whether a communication request is sufficiently important to answer. This thesis, however, does not discuss how to use a reputation service since it is difficult to determine the trustworthiness of the provider of the reputation service and the reviewers.

Based on affiliation

People often trust employees or students who belong to a trusted enterprise, school, or organization based on their affiliations. The trust relationship beween a person and an organization is based on the organization’s reputation or based on the person’s experience. In the latter case, the trust relationship can be regarded as a form of experience-based trust relationship.

A person’s affiliation is considered his attribute. Affiliations can be represented as attribute credentials, certificates, or assertions. Although a person’s affiliation is sometimes represented as an origin ID, such as the domain part of an email or SIP addresses, it is only useful when the user account management policy of a communication service provider is trusted.

Section 6.8 discusses the limitations on the use of origin ID as a user attribute, em- phasizing the difficulty in authenticating caller IDs. Chapter 8 proposes a simple way of validating a caller’s attributes without having to authenticate the caller’s identity or the caller ID, in order to identify good communication requests.

Based on credentials

Affiliation-based trust relationships can be generalized into credential-based trust relation- ships. People often trust each other based on credentials that are issued by an organization they trust.

Holding a credential, such as certificates or licenses, or the data on them, such as person’s age attested by a driver’s license is an attribute of the holder. Thus, similar to affiliation-based trust relationships, attribute credentials represent the concept of trust based on credentials.

Chapter 8 proposes a mechanism of validating a caller’s attributes without having to authenticate the caller’s identity or CEID.

Based on evaluation by a trusted third party

Similar to using extended social graphs, people often trust each other based on evaluation, such as rating or reputation, by a trusted third-party organization. For example, employers do background checks to confirm that prospect employees are not convicted criminals. An- other example is the case where landlords examine tenant applications based on their credit score. Other examples include the cases where people rate enterprises, such as restaurant ratings or the Better Business Bureau (BBB) ratings. These real-life examples indicate that the cost of determining trustworthiness increases with the risk caused by potential actions by the other party. Thus, this evaluation, together with affiliation-based or credential-based

examinations, is often used for determining trust worthiness.

To assess the sender domain of email messages, accreditation services have been pro- vided with the DomainKeys Identified Mail (DKIM) signature [Hansen et al., 2009]. As an extension of assessing the sender domain, vouching services for the content in the email message are being proposed [Hoffman et al., 2009]. Since ratings and the related context can be seen as a variation of a user’s attributes, they are represented as attribute certificates or assertions, similar to affiliations and credentials.

Based on behavior or appearance

People sometimes trust each other based on behavior or appearance especially when they do not have any other information about the other party. For example, people may trust neighbors who are well-dressed and greet them with a smile. They may trust those who are in the uniforms of police, safety guards, and even parking attendants. However, this type of trust is fraught with danger of mischaracterization in both directions. People subjectively judge other’s behavior or appearance by their values including prejudice, which are the outcome of their experiences. On the other hand, fraudsters and confidence tricksters who are well-dressed attempt to trick people. It is difficult to detect fraud only based on appearance when they pretend to be an official person to gain trust from people. Thus, the behavior or appearance of others is less helpful to trust others; rather, it is often useful for suspecting and distrusting others.

Statistical analysis of content or sender behavior for email messages or calls falls into this category. Similar to real-life examples, statistical analysis is useful for detecting unwanted communication requests rather than good requests.

As Section6.4explains, this thesis explores approaches to identifying good communica- tion requests, rather than detecting unwanted requests.

Based on location

People occasionally trust others based on a physical location. For example, people may trust others who live in the same neighborhood, or who work within the same building, by assessing what their social status or professions might be as a consequence. Additionally,

people may trust those who are waiting at a bus stop based on their immediate location since this location implies that they might be knowledgeable about a given bus’s schedule. Thus, location can be seen as a translation of the affiliation or the behavior of the other party. Unless physical location is certified by a trusted entity, location-based trust is prone to mischaracterization, similar to the previously explained behavior-based or appearance-based trust relationships. This is because the immediate location is often a transient attribute of a person that only provides indirect evidence for the person’s attributes, such as affiliations.

Limiting the risk by physical location or legal division

As explained above, physical location is, in general, insufficient information to take a high risk of another party’s actions. Nonetheless, it is useful for limiting the amount of risk taken, especially in the context of online transactions or communications. People may want to ensure that the involved parties or organizations are physically reachable and in their jurisdiction in case they need to be prosecuted.

Limiting the risk by involving a trusted third party

Typically when the predicted risk of other party’s action is high, people trust the other party by limiting the risk by involving a trusted third party. For example, people ask to open locks for their cars or homes, if needed, to a bonded locksmith, which is provided binding insurance. Rather than being used by itself, this limitation is usually used together with other trust relationships.

Although the outcome of a communication may expose recipients to financial or other types of loss, the risk of accepting a communication request itself is relatively low. Thus, limiting risks is usually not required for controlling unwanted communication requests.