Taking Trust Management to the Next Level

Taking Trust Management to the Next Level

Rehab Alnemr, Matthias Quasthoff, Christoph Meinel
DOI: 10.4018/978-1-61520-686-5.ch034
(Individual Chapters)
No Current Special Offers


Business often develop proprietary reputation systems for their community, with the side effect of locking users into that service if they wish to maintain their reputation (Bonawitz, Chandrasekhar, & Viana, 2004). Reputation is used in multi-agent models like e-commerce, and distributed computation and reasoning. Currently, virtual communities are using their own reputation values only without exchanging knowledge. Reputation transfer or portability is a controversial subject that is considered either not applicable or of high potentials. Trust is used to carry out decisions in case of uncertainty. In that sense it is used in peer-to-peer (P2P) networks to facilitate its interactions. In P2P networks, peers’ willingness to share the content they have and forward the queries plays an important role during the content search process. Using reputation in P2P systems can be an incentive for peers to cooperate. The goal is to have dynamic social networks that work on acquiring, processing, establishing, analyzing, exchanging and evolving of knowledge. In this chapter, the authors are focusing on the use of one of the trust management approaches, namely the reputation-based approach. The connections of trust management to the classic IT security disciplines authorization, trust, and identity management will be laid out. With this background, a generic architecture for context-aware reputation systems, which can interact with identity-related services like identity providers and policy decision or enforcement points, is presented. More specialized architectures for different environments—business- or consumer-oriented—will be derived from the generic architecture.
Chapter Preview


Since the rise of the so-called Web 2.0, many social Web sites focusing on people and their relationships have attracted large number of users, and became a marketplace for various business interactions. In these Web communities, reputation related to different contexts needs to be exchanged. The perception, calculation and interpretation of this reputation differ from one community to the other creating the belief that reputation transfer is a matter of fiction. By taking a closer look at the actual difficulties of reputation transfer, we can identify the crucial points of a working reputation transfer system and finally present a means of implementing such framework.

The simplicity of current reputation systems resembles the simplicity of early identity management solutions, which basically consisted of simple databases containing usernames and passwords. Existing work on reputation systems focuses on improving the calculation of reputation values, preventing malicious actions, and deployment into the business world. The achievements in other domains, among them decentralization, standardization, and opening datasets for future enhancements, have not been considered for reputation systems. Reputation models should be capable of including and processing information that cannot be foreseen when developing or implementing the model. This will also make it possible to combine reputation information from independent sources into a more comprehensive view on the reputation of users, services, or agents. Here, a framework is proposed that facilitates the transfer of an agent’s reputation from one community to the other by introducing:

  • A new representation for the reputation value or profile; Reputation object

  • The development of reference models to diminish the distance between multi-perceptions of different communities and platforms.

  • The use of reputation centers to facilitate reputation transfer and highlight the importance of their role in analyzing attacks.

  • Defining the knowledge domain and the candidate systems that could work with the proposed model.

We are analyzing some of the existing reputation-based communities, categorizing them, and identifying reputation tools that are used. Following that, we are providing guidelines to define the most suitable ontologies to be used in order to build the knowledge base used by the model. The goal is to formalize the proposed model to facilitate integration into real life applications and problems, and to finally develop the standardized reputation reference models.

The chapter is organized as follows; first, the meaning of trust, the use of the reputation-based approach in Web communities, and the role of identity management are being discussed. Afterwards, new concepts and models that add up to form the future vision for reputation based systems and the use of new identity management approaches to ensure the development of these systems are introduced.

Key Terms in this Chapter

Reputation Reference Trust Models (RRTM): Models that explain how particular trust values have been obtained and how they can be interpreted. They are used to refer to a set of measures that each person based his opinion on.

Service-Oriented Architecture: Service-oriented architecture (SOA) is an architectural style encapsulating business functionality into separate services, which can be freely composed to realize higher-level business processes. One main argument for SOA is to achieve software components which can easily be reused in other contexts.

Trust Management: A prediction of reliance based on what a party knows about the other party, to create a framework in which two unrelated parties may establish the trust sufficient to perform sensitive transactions. The processes that include making assessments and decisions regarding trust relationships are called trust management.

Digital Identity: Digital identity is required to describe an entity in the physical world within a digital information system. Besides carrying some identifier, the digital identity will be described with the help of attributes or so-called claims.

Identity Management: Identity Management refers to establishing, describing, and eventually destroying identities. In this chapter, the term mainly refers to managing digital identities, whereas it could generally be used in broader senses as, e.g., for national identity management

Trust Reputation Center (TRC): A center that acts as a trusted third party. It is a pool of user reputation gathered from different platforms

Reputation-Based Management: Reputation is typically computed from local experiences together with the feedback given by other entities in the network.

Reputation Object: An object that contains a matrix, which represents the reputation linked with its context and the Reputation Reference Trust Model (RRTM) used to calculate this value.

Complete Chapter List

Search this Book: