
Trust Management Survey

Sini Ruohomaa, Lea Kutvonen
University of Helsinki, Finland
iTrust 2005
Presented by Wen-Yuan Zhu

• Introduction
• On the Nature of Trust
• The Tasks of a Trust Management System
• Conclusions

• to provide an overview of trust management research
• without going too deeply into any implementation specifics

On the Nature of Trust
• Concepts for Trust Management
• The Trust Management Model
• The Trust Information Model

Concepts for Trust Management
• Trust is quite a complicated phenomenon
• Humans do not seem to always make fully rational trust decisions

Concepts for Trust Management(2)
• Trustor
  - service provider
• Trustee
  - an identifiable agent in the network
  - cannot directly be controlled by outsiders

Concepts for Trust Management(3)
• Trust
  “the extent to which one party is willing to participate in a given action with a given partner, considering the risks and incentives involved”
  - a means for people to deal with uncertainty about the future and their interaction partners

Concepts for Trust Management(4)
• A trust decision
  - binary
  - based on the balance between trust and risk
• Actions
  - using services provided by the trustor

Concepts for Trust Management(5)
• Risks
  - the effect of trust
  - tied to assets
• Action importance
  - business value
  - it affects trust similarly to good reputation

Concepts for Trust Management(6)
• Reputation
  “a perception a party creates through past actions about its intentions and norms”
  - exists only in a community which is observing its members in one way or another

Concepts for Trust Management(7)
• Recommendation
  “an attempt at communicating a party’s reputation from one community context to another”

The Trust Management Model
• trust management research has its roots in authentication and authorisation
• in the context of authentication, trust is established by means such as digital certificates

The Trust Management Model(2)
• certificates are proof of either identity directly or membership in a group of good reputation
• policy languages are used to determine whether certain credentials are sufficient for performing a certain action

The Trust Management Model(3)
• credentials are sufficient when the system is either convinced of the trustee’s identity or knows her to be a member of some sufficiently trusted group
  - policy languages are static

The Trust Management Model(4)
• to make trust more dynamic, the behaviour of the trustee should be considered as well
  - intrusion detection systems
  - to monitor users
  - behaviour information can be gathered
  - locally
  - third-party observations

The Trust Management Model(5)
• newcomers create a problem for a trust management system based on behaviour history alone
  - initial level of trust

The Trust Information Model
• reciprocity is the mutual exchange of deeds
  - favor or revenge
• research on trust can be divided into three groups
  - fundamental level
  - service level
  - highest level

The Tasks of a Trust Management System
• Initializing a Trust Relationship
• Observation
• Evolving Reputation and Trust

Initializing a Trust Relationship
• discovery service
  - a plethora of potential partners
  - may be incompetent or even malicious
  - a reputation system may aid in locating the most trustworthy one

Initializing a Trust Relationship(2)
• a reputation system aggregates information
  - the past behaviour
• experience or reputation information gathering and storage
  - be organized centrally
  - be distributed across peers

Initializing a Trust Relationship(3)
• a user is trustworthy by “3 on a scale from 1 to 5”
  - it is a reputation statement
  - what does it mean
  - difficulties for porting ratings from one system to another as well

Initializing a Trust Relationship(4)
• requirements for a successful reputation system
  - Resnick et al.
  - three requirements

Initializing a Trust Relationship(5)
• three requirements
  - the entities must be long-lived and have use for reputation
  - feedback must be captured, distributed and made available in the future
  - the feedback must be used to guide trust decisions

• observation can be done in two different roles
  - an active participant of a collaboration
  - through a personal context
  - more depth to the analysis
  - an outsider

• intrusion detection system
  - observing users or partners in a trust management system
  - traditional approach
  - system calls
  - network traffic

• approaches of intrusion detection system
  - attempts to model normal behaviour
  - learning from experience
  - misuse detection
  - constructs models to match the attacks
  - specification-based

• observation ties up resources
  - it is impossible to keep close track of what every user is doing at all times
• suspicious activity
  - not actual misbehaviour

Evolving Reputation and Trust
• mathematical models
  - dealing with experience
  - “cooperated” or “defected”
  - scalars
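An added example, not taken from the slides or the survey: one way to turn “cooperated”/“defected” experience into a scalar, give newcomers an initial level of trust, and make the binary decision by weighing trust and action importance against risk. The smoothed-ratio formula and the names `Experience`, `replay`, `decide`, `prior_weight` and `importance_weight` are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Experience:
    """Local experience with one trustee, kept as two counters."""
    cooperated: int = 0
    defected: int = 0

    def observe(self, outcome: str) -> None:
        if outcome == "cooperated":
            self.cooperated += 1
        elif outcome == "defected":
            self.defected += 1
        else:
            raise ValueError(f"unknown outcome: {outcome!r}")

    def trust(self, initial_trust: float = 0.5, prior_weight: int = 2) -> float:
        """Scalar trust in [0, 1]; a newcomer with no history gets initial_trust.

        Assumed model: the initial trust counts as prior_weight virtual
        observations, so early evidence moves the score gradually.
        """
        total = self.cooperated + self.defected
        return (self.cooperated + initial_trust * prior_weight) / (total + prior_weight)


def replay(history: list[str]) -> Experience:
    """Build an experience record from a sequence of observed outcomes."""
    exp = Experience()
    for outcome in history:
        exp.observe(outcome)
    return exp


def decide(exp: Experience, risk: float, importance: float = 0.0,
           importance_weight: float = 0.2) -> bool:
    """Binary trust decision: allow when trust, raised by the action's
    importance (assumed weighting), is at least the risk of the action."""
    for name, value in (("risk", risk), ("importance", importance)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name} must be in [0, 1], got {value}")
    return exp.trust() + importance_weight * importance >= risk


if __name__ == "__main__":
    history = ["cooperated"] * 8 + ["defected"] * 2  # constructed sample
    known = replay(history)
    print("newcomer:", Experience().trust(), decide(Experience(), risk=0.6))
    print("known:   ", known.trust(), decide(known, risk=0.6))
```
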

Evolving Reputation and Trust(2)
• information about a user's reputation can be distributed using recommendations
  - representation of the user's identity in different communities
  - not necessarily the truth

• trust as a concept has many very different applications
• it is difficult to find a satisfactory representation of trust for computer systems