Trust in the Virtual World
By: Sadegh Dorri Nogoorani
http://ce.sharif.edu/~dorri
1390/8/2 – 2011/10/24
(ISC Monthly Seminar)
In the Name of Allah
Who Knows on the Net...?
A notion of trust similar to
real world trust is
needed in the virtual
world…
Coordinating Agent
Interactions without
Strict Control
Mechanisms
Fig. by Peter Steiner (The New Yorker, 5 July 1993)
1390/8/2 - 2011/10/24 2Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
Outline
● Concepts
– Definitions and basic terminology
● Trust and Reputation in Action
– Applications
– Attacks
● Trust Engines
– Probabilistic, logic, …
● Trust in CROWDS
– A detailed example
CONCEPTS
Trust (اعتماد)
● Definition [CF10]
– The expectation/belief that…
– … trustee will perform actions designed to produce positive results in the future for the trustor…
– … in situations of consistent perceived risk.
● Properties
– Subjective, context dependent, asymmetric, transitive, dynamic
● Calculation
– Structural: organizational, category-membership
– Relational: history-based, using trust transitivity
– Cognitive: dispositional, trustee attributes
Trust Scenario
[Figure: trust scenario diagram. Labels: Trustor (اعتمادگر), Trustee (معتمد), Recommenders (توصیه‌گران); Direct Trust (اعتماد مستقیم), Indirect Trust (Inference) (اعتماد غیر مستقیم (استنتاج)); Functional (عملکردی) and Referential (ارجاعی).]
Reputation (شهرت/وجهه)
● Definition (Concise Oxford Dictionary)
– A widespread belief that someone or something has a particular characteristic.
– Common belief
● Relationship with Trust
– Trust is subjective and has more weight
– “I trust you because of your good reputation”
– “I trust you despite your bad reputation”
TRUST AND REPUTATION
IN ACTION
Aspects of a Trust System [HZN09]
Applications of Trust
● Soft Security Mechanism against
– Low quality services
– Misrepresentation of services
– Incorrect information
– Fraud
● Others
– Recommender and filtering systems
● Targets
– Content, services, people
Attacks on a Trust-Based System
● Self-Promotion
– Falsely increase the trust in the attacker(s)
● Whitewashing (لاپوشانی)
– Restoring the broken trust
● Slandering (لاغر کردن)
– Falsely reduce the trust in other nodes
● Other
– Hybrid of the above attacks, DoS, …
Example: Reputation in a P2P
System
● Nodes have no information about most others
● Fake or virus infected content
● Free riders
● Challenges
● Anonymity -> selfish users
● Highly distributed
● Unreliable network connections
● Partial information (in unstructured topologies)
● Untrustworthiness of storage peers
Example: Email Filtering
● Blind delivery of messages
● In Jan. of 2008, 75% of Internet email was spam.
● Detecting spam after delivery wastes a lot of
resources and is error-prone.
● KarmaNET [SXMW09]
● Messages are routed through social paths
● Trust is defined in three aspects:
– Routing (against free-riders)
– Forwarding (distinguish malicious nodes from careless
forwarders)
– Initiation
● Bad messages penalize all related peers, so they
(automatically) tune their behavior
Example: Social Routing
● Blind routing
● Has inherent security problems such as DDoS
and Spam
● No separation between routing addr. & identity
● Lack of msg. receiver control
● Solutions are not scalable and/or inefficient
● DSL [BYHW09]
● Messages are routed through social paths
between sender and receiver, and based on the
keywords describing the intention of the
message.
Example: Security and Privacy with Trust
● Probabilistic Security
– Security is not definite in many cases
– Hard-to-break security: birthday attack
– Trust can be used to tune the desired security
● Access control
– User levels are determined using trust metrics (Advogato, StackExchange)
– Hybrid security policy: super computer example
● Privacy in Anonymity Networks
Other Applications
● News syndication
● Using trust in order to resolve contradictions
in information
● Discard the statements from the least trusted
sources
● Recommender systems
● To use trust in place of similarity
● Users are significantly more similar to their
trusted peers than to the population as a
whole
TRUST ENGINES
Simple Summation or Average of
Ratings
● More advanced: weighted average
● Trustworthiness/reputation
● Age of the rating
● Distance between rating and current
score
$$\frac{\sum_i w_i r_i}{\sum_i w_i}$$
Probabilistic Engines
● Trust: Expected Probability of Success
● Bayesian Approach [JI02]
– Use the Bayes rule to update p
● HMM Approach [ElS10]
– Use a Hidden Markov Model to calculate p
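A Bayesian (Beta) engine in the style of [JI02], combined with the rating-age and rater-reputation weights from the weighted-average slide, as an added example that is not part of the original slides. The `forgetting` factor, the `rater_weight` rule and the two rating histories are assumptions constructed for illustration; they show how ageing exposes a late betrayal, why a fresh identity (score 0.5) rewards whitewashing, and how weighting by rater reputation blunts self-promotion by unknown accounts.

```python
"""Beta reputation engine with rating ageing and rater weighting (illustrative)."""
from dataclasses import dataclass


@dataclass
class BetaReputation:
    r: float = 0.0           # accumulated positive evidence
    s: float = 0.0           # accumulated negative evidence
    forgetting: float = 1.0  # assumed ageing factor: 1.0 keeps all history

    def update(self, positive: bool, weight: float = 1.0) -> None:
        # Age the existing evidence, then add the new rating with its weight.
        self.r *= self.forgetting
        self.s *= self.forgetting
        if positive:
            self.r += weight
        else:
            self.s += weight

    @property
    def score(self) -> float:
        # Expected probability of success under a Beta(r + 1, s + 1) posterior.
        return (self.r + 1.0) / (self.r + self.s + 2.0)


def rater_weight(rater_score: float) -> float:
    # Assumed rule (not from the slides): a rater at the neutral score 0.5
    # has no influence; only raters with earned reputation move the target.
    return max(0.0, 2.0 * rater_score - 1.0)


def replay(ratings, forgetting: float = 1.0, weighted: bool = False) -> float:
    """Replay (positive, rater_score) pairs in order and return the final score."""
    rep = BetaReputation(forgetting=forgetting)
    for positive, rater_score in ratings:
        rep.update(positive, rater_weight(rater_score) if weighted else 1.0)
    return rep.score


# Constructed histories (sample data, not measurements).
# A node that behaves well 50 times and then misbehaves 10 times:
BETRAYAL = [(True, 0.9)] * 50 + [(False, 0.9)] * 10
# 10 complaints from established raters, then 30 praises from fresh accounts:
SELF_PROMOTION = [(False, 0.9)] * 10 + [(True, 0.5)] * 30


def demo() -> dict:
    return {
        "fresh identity": replay([]),
        "betrayal, no ageing": replay(BETRAYAL),
        "betrayal, forgetting=0.9": replay(BETRAYAL, forgetting=0.9),
        "self-promotion, unweighted": replay(SELF_PROMOTION),
        "self-promotion, rater-weighted": replay(SELF_PROMOTION, weighted=True),
    }


if __name__ == "__main__":
    for label, score in demo().items():
        print(f"{label:32s} {score:.3f}")
```

With ageing, the betrayer's score falls below the 0.5 that a brand-new identity receives, which is exactly the gap a whitewashing node exploits; a defender closes it by giving newcomers a lower starting score or by making new identities costly.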
},{ xxR 
),,|Pr( ,,
1
,, tetr
tn
tetr
t
tetr
t
tetr
t OOxOp 
][ ,, tetr
t
tetr
t pE
$$\frac{r+1}{r+s+2}$$
Trust Inference
● Trust in an unknown peer can be
inferred according to paths in social
networks
● Strongest path
● Weighted paths
● BFS-like (TidalTrust)
● Probabilistic and Bayesian methods
● Subjective logic operators
Subjective Logic [JHP06]
),,,( audbA
B  B
C
A
B
BA
C  : B
C
A
B
BA
C  
Other Engines
● Fuzzy Inference Engines
– Direct trust: multi-criteria decision making
– Trust inference: fuzzy aggregation operators
● Game Theoretic Approaches
– Try to defend against strategic attacks
 Many Proposals:  or  ?
Evaluation: human-based vs. utility-based
Must be related to human notion of trust
A DETAILED EXAMPLE
Trust in CROWDS
The CROWDS Protocol [RR98]
● Provides Anonymous Web Transactions
– A user is either completely honest or dishonest
– The originator passes the message to a randomly selected path of users to reach destination (the reverse for reply).
● Probability of Forwarding
– 1-p_f: forward to the end server
– p_f: forward to a random user
● Privacy (Anonymity) Level: Probable Innocence
– … the sender appears no more likely to be the originator than to not be.
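The forwarding rule above, simulated for the original protocol (every user either fully honest or a collaborator) and checked against the closed-form result of [RR98]; this is an added example, not code from the slides or from the Crowds authors. The crowd size `n`, collaborator count `c`, the seed and the trial count are assumed sample values; member 0 is taken as the originator.

```python
"""Probable innocence in the original Crowds protocol: closed form vs. simulation."""
import random


def innocence_probability(n: int, c: int, pf: float) -> float:
    """P(the first collaborator's predecessor is the originator, given that
    some collaborator is on the path), from the analysis in [RR98]."""
    return (n - pf * (n - c - 1)) / n


def min_crowd_size(c: int, pf: float) -> float:
    """Smallest n for which the probability above is at most 1/2."""
    if pf <= 0.5:
        raise ValueError("probable innocence needs pf > 1/2")
    return pf / (pf - 0.5) * (c + 1)


def has_probable_innocence(n: int, c: int, pf: float) -> bool:
    return innocence_probability(n, c, pf) <= 0.5


def simulate(n: int, c: int, pf: float, trials: int = 100_000, seed: int = 1) -> float:
    """Monte Carlo estimate of the same conditional probability.

    Members are numbered 0..n-1; member 0 originates every message and the
    last c members are collaborators who log the member that handed them
    the message.
    """
    if not 0 < c < n:
        raise ValueError("need 0 < c < n so that the originator is honest")
    rng = random.Random(seed)
    first_collaborator = n - c
    observed = 0            # paths on which a collaborator saw the message
    blamed_originator = 0   # ... and its predecessor was the originator
    for _ in range(trials):
        current = 0         # the originator always forwards to a random member
        while True:
            nxt = rng.randrange(n)
            if nxt >= first_collaborator:
                observed += 1
                blamed_originator += (current == 0)
                break
            current = nxt
            if rng.random() >= pf:
                break       # with probability 1 - pf: deliver to the end server
    return blamed_originator / observed


if __name__ == "__main__":
    c, pf = 3, 0.75
    print(f"minimum crowd size for c={c}, pf={pf}: {min_crowd_size(c, pf):.0f}")
    for n in (10, 12, 20):
        print(n, round(innocence_probability(n, c, pf), 3),
              round(simulate(n, c, pf), 3), has_probable_innocence(n, c, pf))
```

The check only covers the static honest/dishonest model; when members can become corrupt with some probability, as in the extended protocol of [SEH10], uniform forwarding no longer carries this guarantee.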
CROWDS + Trust
● Extended Protocol [SEH10]
– The users may switch between honest and dishonest.
– Trust (reputation) info + forwarding policy
● t_i (in [0,1]): The Reputation of a User
– Robustness of user i to becoming corrupt (probability)
● {q_1,…,q_n}: The Forwarding Policy
– Common to all users
– q_i: The probability of forwarding to user i
Anonymity in CROWDS + Trust
● Guaranteeing Probable Innocence
– Idea: adjust the forwarding policy according to reputation values
– Solve the following system of linear inequalities to find the desired forwarding policy(ies):
2
1
Anonymity in CROWDS + Trust (cont.)
● Example with Three Principals
– The equations yield two solutions:
– A possible choice:
Comparing with the Original CROWDS
● Forwarding Policy of the original protocol:
– Does not satisfy the innocence inequalities
● Consequence:
– If the users are partially honest, the CROWDS may not provide probable innocence.
– Trust information can be used to provide the required anonymity.
Conclusions
● Trust in the VW
● Translating social concepts to computational
methods
● Many applications
● Sound mathematical basis
● Trust as a Soft Security Mechanism
● Access control
● Probabilistic security
● …
● A Long Way in Front!
THANKS!
More Info. on My Homepage:
http://ce.sharif.edu/~dorri
References
[BYHW09] L. Banks, S. Ye, Y. Huang, and S. F. Wu, “Davis social links: integrating social networks with internet routing,” in Proceedings of the 2007 Workshop on Large Scale Attack Defense (LSAD’07), New York, NY, USA, 2007, pp. 121–128.
[CF10] C. Castelfranchi and R. Falcone, Trust theory: a socio-cognitive and computational model. Chichester, West Sussex, England: Wiley, 2010.
[ElS10] E. ElSalamouny, “HMM-based trust model,” Revised Selected Papers of the 6th International Workshop on Formal Aspects in Security and Trust (FAST), Eindhoven, The Netherlands, Nov. 2009, vol. 5983, pp. 21-35, 2010.
[Gol06] J. Golbeck, “Trust on the World Wide Web: A Survey”, Foundations and Trends in Web Science, vol. 1, no. 2, pp. 131–197, 2006.
[HZN09] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense techniques for reputation systems,” ACM Computing Surveys, vol. 42, no. 1, pp. 1-31, Dec. 2009.
[JHP06] A. Jøsang, R. Hayward, and S. Pope, “Trust network analysis with subjective logic,” in Proceedings of the 29th Australasian Computer Science Conference - Volume 48, Hobart, Australia, 2006, pp. 85-94.
[JI02] A. Jøsang and R. Ismail, “The Beta Reputation System,” in Proceedings of the 15th Bled Conference on Electronic Commerce, Bled, Slovenia, 2002.
References (cont’d)
[SEH10] V. Sassone, E. ElSalamouny, and S. Hamadou, “Trust in Crowds: Probabilistic Behaviour in Anonymity Protocols,” in Trustworthy Global Computing, vol. 6084, M. Wirsing, M. Hofmann, and A. Rauschmayer, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 88-102.
[SXMW09] M. Spear, Xiaoming Lu, N. Matloff, and S. F. Wu, “KarmaNET: Leveraging trusted social paths to create judicious forwarders,” in Proceedings of the 1st International Conference on Future Information Networks (ICFIN), Beijing, China, 2009, pp. 218-223.
[RR98] M. K. Reiter and A. D. Rubin, “Crowds: anonymity for Web transactions,” ACM Transactions on Information Systems Security, vol. 1, no. 1, pp. 66–92, Nov. 1998.
1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 32

More Related Content

Similar to Trust in the Virtual World

A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
1crore projects
 
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers
SelCSP: A Framework to Facilitate Selection of Cloud Service ProvidersSelCSP: A Framework to Facilitate Selection of Cloud Service Providers
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers
1crore projects
 
DDNFS: a Distributed Digital Notary File System
DDNFS: a Distributed Digital Notary File SystemDDNFS: a Distributed Digital Notary File System
DDNFS: a Distributed Digital Notary File System
IJNSA Journal
 
Implementation_of_User_Authentication_as
Implementation_of_User_Authentication_asImplementation_of_User_Authentication_as
Implementation_of_User_Authentication_as
Masood Shah
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
Lal Chandran
 

Similar to Trust in the Virtual World (20)

Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5Cs6703 grid and cloud computing unit 5
Cs6703 grid and cloud computing unit 5
 
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
 
A CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONS
A CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONSA CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONS
A CRYPTOGRAPHIC MUTUAL AUTHENTICATION SCHEME FOR WEB APPLICATIONS
 
Towards Statistical Queries over Distributed Private User Data
Towards Statistical Queries over Distributed Private User Data Towards Statistical Queries over Distributed Private User Data
Towards Statistical Queries over Distributed Private User Data
 
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORK
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORKTRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORK
TRUST ORIENTED SECURITY FRAMEWORK FOR AD HOC NETWORK
 
A cryptographic mutual authentication scheme for web applications
A cryptographic mutual authentication scheme for web applicationsA cryptographic mutual authentication scheme for web applications
A cryptographic mutual authentication scheme for web applications
 
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers
SelCSP: A Framework to Facilitate Selection of Cloud Service ProvidersSelCSP: A Framework to Facilitate Selection of Cloud Service Providers
SelCSP: A Framework to Facilitate Selection of Cloud Service Providers
 
In this paper we present a necessary and sufficient condition for Hamiltonian...
In this paper we present a necessary and sufficient condition for Hamiltonian...In this paper we present a necessary and sufficient condition for Hamiltonian...
In this paper we present a necessary and sufficient condition for Hamiltonian...
 
An exaustive survey of trust models in p2 p network
An exaustive survey of trust models in p2 p networkAn exaustive survey of trust models in p2 p network
An exaustive survey of trust models in p2 p network
 
DDNFS: a Distributed Digital Notary File System
DDNFS: a Distributed Digital Notary File SystemDDNFS: a Distributed Digital Notary File System
DDNFS: a Distributed Digital Notary File System
 
Implementation_of_User_Authentication_as
Implementation_of_User_Authentication_asImplementation_of_User_Authentication_as
Implementation_of_User_Authentication_as
 
Implementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkImplementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud network
 
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
Privacy Engineering: Enabling Mobility of Mental Health Services with Data Pr...
 
PURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRID
PURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRIDPURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRID
PURGING OF UNTRUSTWORTHY RECOMMENDATIONS FROM A GRID
 
Adhoc and Sensor Networks - Chapter 10
Adhoc and Sensor Networks - Chapter 10Adhoc and Sensor Networks - Chapter 10
Adhoc and Sensor Networks - Chapter 10
 
Vinod Rebello
Vinod RebelloVinod Rebello
Vinod Rebello
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
 
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKAN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
 
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORKAN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
AN EXAUSTIVE SURVEY OF TRUST MODELS IN P2P NETWORK
 
International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation  vol 2015-n2-paper4International journal of computer science and innovation  vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4
 

More from Sadegh Dorri N.

کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توریکنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
Sadegh Dorri N.
 

More from Sadegh Dorri N. (11)

فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین (شانزدهمین کنفرانس مهندسی ص...
فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین (شانزدهمین کنفرانس مهندسی ص...فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین (شانزدهمین کنفرانس مهندسی ص...
فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین (شانزدهمین کنفرانس مهندسی ص...
 
معرفی آزمایشگاه زنجیره بلوک و زمینه‌های پژوهشی
معرفی آزمایشگاه زنجیره بلوک و زمینه‌های پژوهشیمعرفی آزمایشگاه زنجیره بلوک و زمینه‌های پژوهشی
معرفی آزمایشگاه زنجیره بلوک و زمینه‌های پژوهشی
 
فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین
فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمینفناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین
فناوری زنجیره بلوک و کاربردهای آن در زنجیره تأمین
 
Smart Contract Security
Smart Contract SecuritySmart Contract Security
Smart Contract Security
 
Blockchain-based Applications
Blockchain-based ApplicationsBlockchain-based Applications
Blockchain-based Applications
 
Varieties of Blockchains
Varieties of BlockchainsVarieties of Blockchains
Varieties of Blockchains
 
Bitcoin Mechanics
Bitcoin MechanicsBitcoin Mechanics
Bitcoin Mechanics
 
Introduction to Bitcoin
Introduction to BitcoinIntroduction to Bitcoin
Introduction to Bitcoin
 
Lightweight Virtualization in Linux
Lightweight Virtualization in LinuxLightweight Virtualization in Linux
Lightweight Virtualization in Linux
 
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توریکنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
کنترل دسترسی بر مبنای اعتماد و آگاه از مخاطره در توری
 
مهندسی حریم خصوصی
مهندسی حریم خصوصیمهندسی حریم خصوصی
مهندسی حریم خصوصی
 

Recently uploaded

"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
mphochane1998
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
Kamal Acharya
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Kandungan 087776558899
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
 

Recently uploaded (20)

Computer Networks Basics of Network Devices
Computer Networks  Basics of Network DevicesComputer Networks  Basics of Network Devices
Computer Networks Basics of Network Devices
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Electromagnetic relays used for power system .pptx
Electromagnetic relays used for power system .pptxElectromagnetic relays used for power system .pptx
Electromagnetic relays used for power system .pptx
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
 
Online food ordering system project report.pdf
Online food ordering system project report.pdfOnline food ordering system project report.pdf
Online food ordering system project report.pdf
 
Worksharing and 3D Modeling with Revit.pptx
Worksharing and 3D Modeling with Revit.pptxWorksharing and 3D Modeling with Revit.pptx
Worksharing and 3D Modeling with Revit.pptx
 
Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)
 
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
Convergence of Robotics and Gen AI offers excellent opportunities for Entrepr...
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
 
Signal Processing and Linear System Analysis
Signal Processing and Linear System AnalysisSignal Processing and Linear System Analysis
Signal Processing and Linear System Analysis
 
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARHAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
 
Post office management system project ..pdf
Post office management system project ..pdfPost office management system project ..pdf
Post office management system project ..pdf
 

Trust in the Virtual World

  • 1. Trust in the Virtual World By: Sadegh Dorri Nogoorani http://ce.sharif.edu/~dorri 1390/8/2 – 2011/10/24 (ISC Monthly Seminar) In the Name of Allah
  • 2. Who Knows on the Net...? A notion of trust similar to real world trust is needed in the virtual world… Coordinating Agent Interactions without Strict Control Mechanisms Fig. by Peter Steiner (The New Yorker, 5 July 1993) 1390/8/2 - 2011/10/24 2Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 3. Outline  Concepts Definitions and basic terminology  Trust and Reputation in Action Applications Attacks  Trust Engines Probabilistic, logic, …  Trust in CROWDS A detailed example 1390/8/2 - 2011/10/24 3Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 5. Trust (‫)اعتماد‬  Definition [CF10] The expectation/belief that… … trustee will perform actions designed to produce positive results in the future for the trustor… … in situations of consistent perceived risk.  Properties Subjective, context dependent, asymmetric, transitive, dynamic  Calculation Structural: organizational, category-membership Relational: history-based, using trust transitivity Cognitive: dispositional, trustee attributes 1390/8/2 - 2011/10/24 5Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 6. Trust Scenario Trustor (‫اعتمادگر‬) Trustee (‫معتمد‬) Direct Trust (‫مستقیم‬ ‫)اعتماد‬ Functional (‫عملکردی‬) Referential (‫ارجاعی‬) Functional Functional Indirect Trust (Inference) ‫مستقیم‬ ‫غیر‬ ‫اعتماد‬(‫استنتاج‬) 1390/8/2 - 2011/10/24 6Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) Recommenders (‫گران‬‫)توصیه‬
  • 7. Reputation ( ‫شهرت‬/‫وجهه‬ )  Definition (Concise Oxford Dictionary) A widespread belief that someone or something has a particular characteristic. Common belief  Relationship with Trust Trust is subjective and has more weight “I trust you because of your good reputation” “I trust you despite your bad reputation” 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 7
  • 9. Aspects of a Trust System [HZN09] 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 9
  • 10. Applications of Trust  Soft Security Mechanism against Low quality services Misrepresentation of services Incorrect information Fraud  Others Recommender and filtering systems  Targets Content, services, people 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 10
  • 11. Attacks on a Trust-Based System  Self-Promotion Falsely increase the trust on the attacker(s)  Whitewashing (‫)الپوشانی‬ Restoring the broken trust  Slandering (‫کردن‬ ‫)الغر‬ Falsely reduce the trust on other nodes  Other Hybrid of the above attacks, DoS, … 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 11
  • 12. Example: Reputation in a P2P System ● Nodes have no information about most others ● Fake or virus infected content ● Free riders ● Challenges ● Anonymity -> selfish users ● Highly distributed ● Unreliable network connections ● Partial information (in unstructured topologies) ● Untrustworthiness of storage peers 1390/8/2 - 2011/10/24 12Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 13. Example: Email Filtering ● Blind delivery of messages ● In Jan.of 2008, 75% of Internet email was spam. ● Detecting spam after delivery wastes a lot of resources and is error-prone. ● KarmaNET [SXMW09] ● Messages are routed through social paths ● Trust is defined in three aspects: – Routing (against free-riders) – Forwarding (distinguish malicious nodes from careless forwarders) – Initiation ● Bad messages penalize all related peers, so they (automatically) tune their behavior 1390/8/2 - 2011/10/24 13Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 14. Example: Social Routing ● Blind routing ● Has inherent security problems such as DDoS and Spam ● No separation between routing addr. & identity ● Lack of msg. receiver control ● Solutions are not scalable and/or inefficient ● DSL [BYHW09] ● Messages are routed through social paths between sender and receiver, and based on the keywords describing the intention of the message. 1390/8/2 - 2011/10/24 14Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 15. Example: Security and Privacy with Trust  Probabilistic Security Security is not definite in many cases Hard-to-break security: birthday attack Trust can be used to tune the desired security  Access control User levels are determined using trust metrics (Advogato, StackExchange) Hybrid security policy: super computer example  Privacy in Anonymity Networks 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 15
  • 16. Other Applications ● News syndication ● Using trust in order to resolve contradictions in information ● Discard the statements from the least trusted sources ● Recommender systems ● To use trust in place of similarity ● Users are significantly more similar to their trusted peers than to the population as a whole 1390/8/2 - 2011/10/24 16Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 18. Simple Summation or Average of Ratings ● More advanced: weighted average ● Trustworthiness/reputation ● Age of the rating ● Distance between rating and current score 1390/8/2 - 2011/10/24 18Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)     i ii w wr 
  • 19. Probabilistic Engines  Trust: Expected Probability of Success  Bayesian Approach [JI02] Use the Bayes rule to update p  HMM Approach [ElS10] Use a Hidden Markov Model to calculate p 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 19 },{ xxR  ),,|Pr( ,, 1 ,, tetr tn tetr t tetr t tetr t OOxOp  ][ ,, tetr t tetr t pE 2 1    sr r 
  • 20. Trust Inference ● Trust in an unknown peer can be inferred according to paths in social networks ● Strongest path ● Weighted paths ● BFS-like (TidalTrust) ● Probabilistic and Bayesian methods ● Subjective logic operators 1390/8/2 - 2011/10/24 20Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
  • 21. Subjective Logic [JHP06] 1390/8/2 - 2011/10/24 21Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) ),,,( audbA B  B C A B BA C  : B C A B BA C  
  • 22. Other Engines  Fuzzy Inference Engines Direct trust: multi-criteria decision making Trust inference: fuzzy aggregation operators  Game Theoretic Approaches Try to defend strategic attacks  Many Proposals:  or  ? Evaluation: human-based vs. utility-based Must be related to human notion of trust 1390/8/2 - 2011/10/24 Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri) 22
  • 23. A DETAILED EXAMPLE: Trust in CROWDS
  • 24. The CROWDS Protocol [RR98] ● Provides Anonymous Web Transactions: a user is either completely honest or dishonest; the originator passes the message along a randomly selected path of users to reach the destination (the reverse for the reply) ● Probability of Forwarding: $1-p_f$: forward to the end server; $p_f$: forward to a random user ● Privacy (Anonymity) Level: Probable Innocence: "… the sender appears no more likely to be the originator than to not be."
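An added simulation of the forwarding rule on slide 24 (not code from the slides or from [RR98]). It estimates how often the member seen by the first dishonest user on a path is the real originator and compares that with the closed form $(n - p_f(n-c-1))/n$ from the Crowds analysis; the crowd size n, the number of dishonest users c, the seed and the function names are assumptions of this example.

```python
import random


def exact_exposure(n, c, pf):
    """P(first dishonest user's predecessor is the originator | path hits one)."""
    return (n - pf * (n - c - 1)) / n


def min_crowd_size(c, pf):
    """Smallest crowd size n for probable innocence (exposure <= 1/2)."""
    if pf <= 0.5:
        raise ValueError("probable innocence needs pf > 1/2")
    n = c + 1
    while exact_exposure(n, c, pf) > 0.5:
        n += 1
    return n


def simulate_exposure(n, c, pf, trials=100_000, seed=1):
    """Monte Carlo estimate of the same conditional probability."""
    rng = random.Random(seed)
    originator = c          # members 0..c-1 are dishonest, c..n-1 honest
    hits = exposed = 0
    for _ in range(trials):
        # The originator always hands the request to a random member first.
        prev, cur = originator, rng.randrange(n)
        # An honest member forwards to a random member with probability pf,
        # otherwise (probability 1 - pf) it delivers to the end server.
        while cur >= c and rng.random() < pf:
            prev, cur = cur, rng.randrange(n)
        if cur < c:         # a dishonest user received it from `prev`
            hits += 1
            exposed += prev == originator
    return exposed / hits if hits else 0.0


if __name__ == "__main__":
    for n, c, pf in [(20, 3, 0.75), (5, 2, 0.75)]:
        print(n, c, pf,
              "exact=%.3f" % exact_exposure(n, c, pf),
              "simulated=%.3f" % simulate_exposure(n, c, pf),
              "probable innocence:", exact_exposure(n, c, pf) <= 0.5)
    print("min crowd size for c=2, pf=0.75:", min_crowd_size(2, 0.75))
```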
  • 25. CROWDS + Trust ● Extended Protocol [SEH10]: the users may switch between honest and dishonest; trust (reputation) info + forwarding policy ● $t_i \in [0,1]$: The Reputation of a User: robustness of user i to becoming corrupt (probability) ● $\{q_1, \dots, q_n\}$: The Forwarding Policy: common to all users; $q_i$: the probability of forwarding to user i
  • 26. Anonymity in CROWDS + Trust ● Guaranteeing Probable Innocence: idea: adjust the forwarding policy according to reputation values ● Solve the following system of linear inequalities to find the desired forwarding policy(ies): 2 1
  • 27. Anonymity in CROWDS + Trust (cont.) ● Example with Three Principals ● The equations yield two solutions: ● A possible choice:
  • 28. Comparing with the Original CROWDS ● Forwarding Policy of the original protocol: ● Does not satisfy the innocence inequalities ● Consequence: if the users are partially honest, CROWDS may not provide probable innocence. ● Trust information can be used to provide the required anonymity.
  • 29. Conclusions ● Trust in the VW ● Translating social concepts to computational methods ● Many applications ● Sound mathematical basis ● Trust as a Soft Security Mechanism ● Access control ● Probabilistic security ● … ● A Long Way in Front!
  • 30. THANKS! More Info. on My Homepage: http://ce.sharif.edu/~dorri
  • 31. References
    [BYHW09] L. Banks, S. Ye, Y. Huang, and S. F. Wu, “Davis social links: integrating social networks with internet routing,” in Proceedings of the 2007 Workshop on Large Scale Attack Defense (LSAD’07), New York, NY, USA, 2007, pp. 121–128.
    [CF10] C. Castelfranchi and R. Falcone, Trust theory: a socio-cognitive and computational model. Chichester, West Sussex, England: Wiley, 2010.
    [ElS10] E. ElSalamouny, “HMM-based trust model,” Revised Selected Papers of the 6th International Workshop on Formal Aspects in Security and Trust (FAST), Eindhoven, The Netherlands, Nov. 2009, vol. 5983, pp. 21–35, 2010.
    [Gol06] J. Golbeck, “Trust on the World Wide Web: A Survey,” Foundations and Trends in Web Science, vol. 1, no. 2, pp. 131–197, 2006.
    [HZN09] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense techniques for reputation systems,” ACM Computing Surveys, vol. 42, no. 1, pp. 1–31, Dec. 2009.
    [JHP06] A. Jøsang, R. Hayward, and S. Pope, “Trust network analysis with subjective logic,” in Proceedings of the 29th Australasian Computer Science Conference - Volume 48, Hobart, Australia, 2006, pp. 85–94.
    [JI02] A. Jøsang and R. Ismail, “The Beta Reputation System,” in Proceedings of the 15th Bled Conference on Electronic Commerce, Bled, Slovenia, 2002.
  • 32. References (cont’d)
    [SEH10] V. Sassone, E. ElSalamouny, and S. Hamadou, “Trust in Crowds: Probabilistic Behaviour in Anonymity Protocols,” in Trustworthy Global Computing, vol. 6084, M. Wirsing, M. Hofmann, and A. Rauschmayer, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 88–102.
    [SXMW09] M. Spear, Xiaoming Lu, N. Matloff, and S. F. Wu, “KarmaNET: Leveraging trusted social paths to create judicious forwarders,” in Proceedings of the 1st International Conference on Future Information Networks (ICFIN), Beijing, China, 2009, pp. 218–223.
    [RR98] M. K. Reiter and A. D. Rubin, “Crowds: anonymity for Web transactions,” ACM Transactions on Information Systems Security, vol. 1, no. 1, pp. 66–92, Nov. 1998.