
Agent Technology for e-Commerce

Chapter 12: Trust, Security and Legal Issues

Maria Fasli
http://cswww.essex.ac.uk/staff/mfasli/ATe-Commerce.htm

Challenges

Despite the excitement and the immense potential of software agents there are serious concerns about the associated trust, security and legal issues

Users need to:
- Trust that agents do what they say they do
- Be confident that their privacy is protected and that the security risks involved in entrusting agents to perform transactions on their behalf are minimized
- Be assured that any legal issues relating to agents trading electronically are fully covered, as they are in traditional trading practices

Perceived risks

Agents represent their users in negotiating for contracts, transactions etc. and act on their behalf, hence a number of risks:

- Agents have to interact with other entities apart from the user (agents, humans, services), perhaps not trustworthy
- Mobility increases risk: hostile platform, attacks, etc.
- An agent runs the risk that other entities will access, copy, or modify its code and data, either by mistake or design
- Information can be stolen while in transit or in storage

- The agent’s identity can be hijacked and misused
- Nonrepudiation
- An agent may disappear temporarily or permanently causing loss of revenue – valuable results and data may be lost
- Users are uncomfortable with the idea of software agents dealing with nonroutine or exceptional situations
- Reputation

Using agent platforms also presents risks:
- The validity, reliability and trustworthiness of an agent’s code and data cannot be easily determined automatically
- Malicious agents may succeed in migrating to a platform
- Information on management and access policies may be altered
- Denial of service attacks

Trust

- If there is no risk, the question of trust does not arise
- The act of delegation presupposes trust as it allows passing responsibility for a task to another entity (agent/human)
- Personal trust: subjective and formed by an individual based on beliefs, observations, reasoning, social stereotypes and past experiences
  - Develops following a positive experience, reduces otherwise
  - Different dispositions towards trust

- Impersonal trust: derived from information or experiences as reported by third parties
  - Trusted third parties
  - Rule-based trust (institutions)
  - Reputation mechanisms
- Trust in e-commerce:
  - Trust in the agent as one’s representative
  - Trust in the marketplace infrastructure

Trust in agent technology

- A trusting relationship between user and agent must develop
- There is always reluctance to adopt new technologies, especially technologies that carry high risks
- As agents are entrusted with private and sensitive information, they need to have built-in mechanisms to protect this information
- Agents as ‘faceless strangers’
- ‘Twice removed from the interface’ tasks
- Agents need to have mechanisms to enable them to decide who to trust and interact with

- Gradual building of trust: control vs trust
- Agent’s behaviour can be controlled in three stages
  - Pre-activity
  - Real-time
  - Post-activity
- As trust increases, control can be relinquished, until the user completely trusts the agent

Trust in the marketplace

- Trust in the protocol, marketplace and other participants
- Trust management and security need to be addressed
- Electronic marketplaces must address how they intend to provide trust, security, enforce contracts and establish a legal framework
- Provide safeguards and guarantees against breaches of the protocol
- Impose sanctions on those who deviate from the rules

Electronic institutions

Human societies have dealt with issues of trust through developing norms which guide, monitor and regulate behaviour

- Institutions: consist of norms and social constraints
- Interaction protocols can be augmented with norms

Norms, institutions and organizations

The relationship between norms, institutions and organizations

From norms to institutions

Norms that govern electronic institutions can be distinguished into:
- Ontological and communication norms: enable clear and unambiguous communication
- Social interaction norms: dictate interaction protocols and describe correct sequences of activities
- Norms that impose restrictions on the behaviour of individual agents: normative rules that dictate permissible and acceptable behaviour within the institution, i.e. describe an agent’s obligations and rights

Norms act as deterrents, disincentives or preventative measures against unwanted behaviour

Norms that indicate prohibitions can be translated into regulations

Norms that indicate desirable behaviour, whenever possible, are translated into restrictions on unwanted behaviour

Norms that indicate that certain actions can be performed under certain conditions, can be translated into checking that the conditions have been satisfied prior to allowing the action

But, there are types of unwanted behaviour that cannot be translated into rules which can be easily enforced – react to violations of norms

For each norm that an institution would like to enforce, a rule is required that specifies either:

- The procedure within the institution that enforces the norm; or
- The conditions that constitute violations of the norm and the consequences, or sanctions imposed by the institution

Acting within electronic institutions

Agents assume roles and commit to adhere to the institution’s norms, namely policies

Commitments may take the form of contracts:
- Private contracts: drawn between two or more agents
- Social contracts: a commitment on behalf of an agent towards the institution

Agents can be designed to conform to norms:
- They may be able to perceive and reason about the norms of each different institution and act accordingly
- They may be designed so that they conform to a wide range of principles and not exhibit malicious behaviour, without being aware of the norms that different institutions impose

Inevitably institutions and norms restrict an agent’s autonomy

Reputation systems

Reputation encapsulates the distributed knowledge of a set of entities about another and is used to predict future behaviour

- Reputation systems attempt to create the ‘shadow of the future’
- A reputation system collects, aggregates and distributes information about the participants’ past behaviour
- Example: eBay feedback forum

For a reputation system to operate effectively:
- Participants must be long-lived entities
- The cost of submitting and distributing feedback must be low
- Feedback information must be aggregated and presented in a way that enables and guides trusting decisions
- Clear guidelines on how the rating system operates and how conflicts are resolved
- The reputation system itself must be reputable and trustworthy

Issues in reputation systems

Eliciting feedback
- Users may be reluctant to provide feedback
- Honest reporting is difficult to ensure
- Unfair ratings
  - Unfairly high ratings (ballot stuffing)
  - Unfairly low ratings (bad-mouthing)
- Sellers’ discriminatory behaviour towards buyers
  - Negative discrimination
  - Positive discrimination
- Difficult to elicit negative feedback

Aggregating feedback
- How is feedback aggregated so that it is useful to participants?
- Usually simple numerical ratings fail to convey important information about the reported transactions:
  - Did the feedback come from low or high-value transactions?
  - Were the evaluators themselves trustworthy?
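
The two questions above, and the ballot-stuffing problem from the previous slide, can be made concrete with a short added example (not part of the original slides). The weighting scheme, the trust values, the per-rater cap and all names are assumptions chosen for illustration; the sample history is constructed.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Feedback:
    rater: str
    rating: int    # +1 positive, -1 negative
    value: float   # value of the rated transaction


def simple_score(feedback):
    """Unweighted mean rating in [-1, 1]: every report counts the same."""
    return sum(f.rating for f in feedback) / len(feedback) if feedback else 0.0


def weighted_score(feedback, rater_trust, default_trust=0.1, per_rater_cap=1):
    """Mean rating weighted by transaction value and rater trust.

    Only the per_rater_cap highest-value reports of each rater are counted,
    so repeated reports from one identity cannot stuff the ballot.
    """
    by_rater = defaultdict(list)
    for f in feedback:
        by_rater[f.rater].append(f)
    num = den = 0.0
    for rater, reports in by_rater.items():
        trust = rater_trust.get(rater, default_trust)  # unknown raters get low trust
        top = sorted(reports, key=lambda f: f.value, reverse=True)[:per_rater_cap]
        for f in top:
            weight = f.value * trust
            num += weight * f.rating
            den += weight
    return num / den if den else 0.0


def constructed_history():
    """Constructed sample: 20 cheap positive reports from two new identities,
    3 negative reports from established buyers on high-value sales."""
    stuffed = [Feedback(f"new{i % 2}", +1, 1.0) for i in range(20)]
    genuine = [Feedback(f"buyer{i}", -1, 500.0) for i in range(3)]
    trust = {"buyer0": 0.9, "buyer1": 0.9, "buyer2": 0.9}
    return stuffed + genuine, trust
```

On the constructed history the plain average looks favourable while the weighted score is strongly negative, which is the information a simple numerical rating hides.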

Distributing feedback
- Who has access to the reputation ratings?
- Problem with the portability of ratings
- Name changes (or the use of pseudonyms) present a problem
- Ratings and reports can be easily falsified in centralized reputation systems – use of decentralized systems

Security

Security encompasses mechanisms to ensure:
- Confidentiality
- Integrity
- Authentication
- Access control
- Availability
- Nonrepudiation
- Logging and auditing

Cryptography

Modern-day cryptography is the science of information security
- Cryptology: finding ways to encrypt a piece of information into a ciphertext in a secure way
- Cryptanalysis: discovering either the plaintext, the algorithm for encrypting it, or the secret key from the ciphertext

Cryptography is used in communications, digital signatures, electronic voting, digital cash

Cryptosystem: a package of protocols and cryptographic algorithms including the instructions for encoding and decoding messages

Symmetric cryptosystems

- Rely on the use of a secret key to encrypt and decrypt messages
- A system remains secure provided that:
  - The encryption algorithm is hard to break
  - The key is secret

An encryption scheme is said to be computationally secure if the ciphertext generated meets one or both conditions:
- The cost of breaking the cipher exceeds the value of the encrypted information
- The time required to break the cipher exceeds the useful lifetime of the information

The larger the key, the better its ability to withstand an exhaustion attack

How do you transport the secret key from the sender to the recipient in a secure way?

A key could be selected by one party and then physically delivered to the other one

A trusted third party could select the key and physically deliver it to the other two interested parties

If the two parties have an entrusted connection to a third trusted party, then that third party could act as the intermediary

Use a public key cryptosystem

Asymmetric cryptosystems

- Also known as public key cryptosystems
- No prior access to a secret key is required
- Depends on mathematical one-way functions; computations are easy to do but very hard to reverse, e.g. factoring
- Two separate keys:
  - Private key: kept secret
  - Public key: widely distributed

- Each entity generates a pair of keys
- One of the two keys is placed in a public registry or is sent to the other party; this now becomes the public key
- The second key remains private
- If B wants to communicate a message to A, it uses A’s public key to encrypt the message and sends it over. A is the only one who can decrypt the message, having the private key
- Depending on the application, the sender uses either its own private key, the recipient’s public key, or both, to perform some type of cryptographic function

Applications
- Encryption/decryption
- Digital signatures
- Key exchange

Cryptography for confidentiality and privacy

Cryptography for authentication, data integrity and nonrepudiation
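
The key roles described on the last two slides (B encrypts with A's public key for confidentiality; a sender signs with its own private key for authentication, integrity and nonrepudiation) are shown below as an added example that is not part of the original slides. It uses unpadded textbook RSA with fixed small primes, which is an assumption made only to keep the arithmetic visible and is not secure; all function names are illustrative.

```python
import hashlib

# Toy parameters (assumption, for illustration only): two known Mersenne primes.
# Real keys use large random primes and padding schemes such as OAEP and PSS.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537


def generate_keypair(p=P, q=Q, e=E):
    """Return (public, private); each key is an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)  # private exponent inverts e mod phi


def to_int(data: bytes, n: int) -> int:
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return m


def encrypt(message: bytes, recipient_public) -> int:
    """Confidentiality: B encrypts with A's public key."""
    e, n = recipient_public
    return pow(to_int(message, n), e, n)


def decrypt(ciphertext: int, recipient_private) -> bytes:
    """Only the holder of the matching private key recovers the message."""
    d, n = recipient_private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, signer_private) -> int:
    """Authentication, integrity, nonrepudiation: sender uses its own private key."""
    d, n = signer_private
    return pow(digest(message, n), d, n)


def verify(message: bytes, signature: int, signer_public) -> bool:
    """Anyone holding the signer's public key can check the signature."""
    e, n = signer_public
    return pow(signature, e, n) == digest(message, n)
```

Using both operations together, B signs with its own private key and encrypts with A's public key, which is the "or both" case on the slide.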

Agents and privacy

Privacy denotes a condition or state in which a natural or legal person is more or less inaccessible to others, on the physical, psychological or informational plane

Here, privacy denotes a state of limited accessibility on the informational plane

Agent technology plays a mixed role:
- agents can render their users more vulnerable to loss of privacy
- they can also be used as a means to safeguard privacy

Anonymity

Anonymity offers a form of privacy and is characterized by the fact that other parties do not know one’s identity

- Anonymity may be desirable in certain situations
- Types of anonymity
  - Traceable anonymity
  - Untraceable anonymity
  - Untraceable pseudonymity
  - Traceable pseudonymity

Successful anonymization may be difficult to achieve and usually relies on third parties

Techniques that facilitate anonymity may incidentally facilitate and support illegal and criminal activities and even encourage dishonest and antisocial behaviour

Protecting privacy

Protecting sensitive, confidential and private information is imperative

A number of approaches:
- Place only minimal confidential information in an agent
- Use cryptographic techniques
- Use secure protocols when interacting with others
- Provide the agent with appropriate protective strategies
- Use access control policies to restrict an agent’s access to resources and information while at a host

- Place no confidential information in the agent
- Use anonymizer servers that may help prevent traffic analysis of the user’s actions and requests (and those of mobile agents)
- Use a new agent for each task
- Fit agents with privacy enhancing technologies such as an identity protector

Agents and the law

Agents in e-commerce engage in a number of activities that are significant from a legal perspective:

- They access computer systems, networks and data
- They retrieve and distribute information
- They mediate personal and business relations
- They negotiate for and buy and sell goods and services

The use of agents that conduct business on behalf of natural or legal persons raises issues with regard to accountability and liability

Interested parties

Parties that are involved in the use of agents whose interests are affected by any legal considerations

- Agent designer/developer
- Agent supplier or provider
- User
- Third parties

Issues

Providing a legal framework for guiding and regulating agent-based interactions and exchanges is important to the success and wider adoption of the technology

Who can be held liable and on what grounds?
- Tort or wrongful acts
- Privacy and data protection
- Intellectual property rights
- Product liability
- Contractual liabilities
- Criminal responsibility

International nature of transactions also poses a problem

Current legal frameworks

United States: UCITA, UETA and E-sign

Canada: UECA

Agents do not feature in any European initiatives or current legislation

Agents as legal persons

- Legal systems recognize two kinds of persons: natural and legal
- Contracts are formed between these types of persons
- But agents do not have a legal status – this poses a problem:
  - Can agents close contracts?
  - Only legal or natural persons can close contracts (they need to have will and understand intentions)
  - To act as one’s representative an agent needs to have contractual capability
  - Unless the will or intention to perform action is distinguished from the action itself

Software agents as e-persons

- Can they be considered as legal personas? e-persons?
- This would solve some problems regarding the validity of the declarations and contracts
- But:
  - First we would have to answer what constitutes an agent
  - Agents must have a residence or domicile (their users’?)

Agent registers could be set up and agents could have a unique id – this raises some privacy issues: who has access to the registry?

They could also be granted by their users a patrimony Their operations could be covered by insurance policies