trust and reputation

Author: arrowsama

Post on 07-Apr-2018






  • 8/6/2019 Trust and Reputation


    Trust & Reputation Models

    Carles Figuerola, Raul Díaz & Víctor Arino

    May 2011





    1 The importance of trust

    1.1 Formal trust

    1.2 Informal trust

    2 Reputation

    2.1 Online Reputation

    3 Trust by reputation

    4 Trust & Reputation Tools

    4.1 Ratings

    4.2 Feedback

    4.3 Institutional

    4.4 Security

    5 Models

    5.1 Number of hits

    5.2 PageRank

    5.3 eBay

    5.4 Amazon

    5.5 Paypal

    5.6 Facebook, a reality approach

    5.7 OpenPGP

    5.8 Trust Net

    5.9 Slashdot

    6 Security, consistency and attacks

    6.1 Sybil Attack

    6.2 Bootstrap

    6.3 Whirlwind effect

    6.4 The downfall of digg





    This essay tries to explain what trust and reputation are in a computational context, particularly in social

    network scenarios. Additionally, several trust and reputation models will be discussed and analyzed.

    1 The importance of trust

    Before starting our discourse we should ask ourselves: is there something more important than trust? Is

    the interaction among human beings remotely possible without it? We aren't just talking about social life,

    business or love. As Rousseau thought, modern society establishes a social contract by which its

    members tacitly accept rules for coexistence and try to find the compromise between self and common

    benefit. How could we live peacefully without knowing whether others will respect this contract as much as

    we will? Every indication says that we couldn't. The human being is, to a greater or lesser extent, a gregarious

    mammal. Practically all his activities are carried out in conjunction with the other members of his social group,

    turning trust, then, into the only bridge to lead a normal life.

    Hence we are able to say that life in society entails an inherent state of trust. More or less, we all assume

    that we can trust our parents, that nobody is going to hurt us when we walk to our job or that the violation

    of our rights will be punished by the law. Without this initial situation of trust only hysterical suspicion

    remains, the impossibility of human relations, in short, the most absolute ostracism.

    In a hypothetical situation where we know everything about the world and people, we wouldn't need trust.

    Trust begins from the necessity of dealing with uncertainty, the complex circumstances of the future, to fulfill our

    interests. In this position without guarantees, achieving our satisfaction depends on the evaluation of

    the environment, no matter if we are talking about the mutual trust between a couple of lovers to obtain

    emotional stability, or the trust we place in a leather company when we buy new shoes.

    Anyway, trust is about bringing different interests together. This can bring a lot of problems, if we think

    about social or friendship issues, for example. In economics, on the other hand, this point is easier to describe.

    If a businessman wants to earn money selling a product, he needs to have a bidirectional relation of trust with

    his clients. Here, the terms of trust are quite clear, because they consist mainly of the combination of material

    interests: businessmen earn money and clients get a product. The first one will care about the clients' ability

    to pay. Clients will do the same about the quality of the product and the good correspondence between the

    quality and the price, which can be contrasted with similar products from other producers, but only to a certain

    extent. Here again is the idea that relates the unknown and trust: a position where clients need some references to

    make the right choice. These references, called reputation, are defined by several factors, like the historical prestige of

    the brand or the opinion of other clients (friends, specialized websites, etc.).

    Before dealing with reputation, it's necessary to distinguish two kinds of trust: formal trust and informal





    1.1 Formal trust

    Formal trust consists of institutionalized mechanisms intended to guarantee mutual cooperation in the trust process. There are a lot of

    these mechanisms, like legislation and civil and penal law, which formalize the social contract mentioned above.

    Another example is credit card systems, which protect shoppers against fraud. Contracts are a good

    example as well. Parties establish conditions, rules by which the trust relation is going to be carried out.

    Another case of formal trust could be marriage, a document that formalizes the couple's status and the promise of

    financial and emotional stability (at least, that is what it is expected to be).

    These trust systems have some problems. As we said, trust consists in bringing interests together, and

    institutionalization sometimes makes a good compromise difficult. For instance, government legislation usually

    finds the solution relevant to the majority of people, but it is often unfavorable for a certain group of citizens.

    Unfavorable and, above all, inflexible. And that's the point. Once the conditions are in a signed document, it is

    difficult to change them, whether or not interests and needs are going to change in the near future.

    1.2 Informal trust

    Obviously, most social activities can't have their own explicit contract. For this reason, there are

    almost always subjective factors that configure the level of trust. The firmness of a handshake or body language

    can be important signs for trusting somebody or not. A presidential candidate can lose the support of voters

    because of a tremulous voice or excessive perspiration, as, for example, in 1960 with the well-known television

    debates between U.S. presidential candidates Richard Nixon and John F. Kennedy.

    Therefore informal trust is more variable than formal trust. It involves more risk and, obviously, lots of disappointments. Not in vain, as in hope, we live in trust. And society, which precisely stigmatizes distrust,

    always knows how to recognize trust as the engine of civilization.

    2 Reputation

    Reputation is a social evaluation of a group of entities toward another entity based on certain criteria. It is

    an important factor in many fields, such as education, business, online communities or social status. Reputation

    can be considered as a component of the identity as defined by others, i.e. reputation is then a meta-belief (a

    belief about another person's belief).

    A very important role of reputation is its transmission in the form of advice. This can be educated

    advice, based on facts and both historical and current events, or just gossip, which doesn't mean it isn't useful.

    Gossip, although vague, may contain precious hints both to actual facts ("I've been told this physician has

    shown questionable behavior") and to conflicts taking place at the information level (if a candidate for a role

    spreads defamatory claims about another candidate, who should you trust?).

    Moreover, the expression "it is said that..." is a reputation-spreading act because it refers to a (possibly

    fake) common opinion and, on the other hand, the part "it is said" is self-assessing because it is at least true

    just because the person saying it has just said it.




    Reputation-based decisions

    There are three kinds of ways reputation can affect the opinion we have about something:

    Epistemic: acknowledge a given reputation. This implies that a believed evaluation prevails over one's direct evaluation.

    Let's imagine the friend I most admire has a good opinion of Mr. Berlusconi. However puzzled

    I may be by this dissonance-inducing news, I may be convinced due to my friendship to accept this

    evaluation and share it.

    Pragmatic-Strategic: use reputation to decide whether and how to interact with the target. Once I have my

    own opinion (perhaps resulting from acceptance of others' evaluations) about a target, I will use it to make

    decisions about my future actions concerning that target. Perhaps, I may abstain from participating in

    political activity against Mr. Berlusconi.

    Memetic: transmit my (or others') evaluative beliefs about a given target to others. Whether or not I act in

    conformity with a propagating evaluation, I may decide to spread the news to others.

    2.1 Online Reputation

    Online reputation is a factor in any online community where trust is important. It affects a pseudonym

    rather than a person. Online reputation is the perception that one has on the Internet based on their digital


    Digital footprints accumulate through all of the content shared, feedback provided and information

    created online. People aspire to have a positive online reputation. If someone has a bad online reputation, he

    can easily change his pseudonym. This is why new accounts on reputation-based e-commerce sites are usually

    untrusted. If a person or a company wants to manage its web reputation, it will have many more difficulties.

    This is why a merchant on the web having a physical shop (with real name, real address) is usually more

    trusted. Building and maintaining a good reputation can be a significant motivation for contributing to online


    3 Trust by reputation

    In recent years, Computer Science has moved from centralised computer systems to distributed computing.

    This evolution has several implications for the security models, the policies and the mechanisms needed

    to protect users' information and resources in an increasingly interconnected computing infrastructure.

    The multi-agent system paradigm and the huge evolution of e-commerce are factors that contributed to the

    increase of interest in trust and reputation, even recognising them as key factors for a successful e-commerce


    Within these scenarios, Trust and Reputation Models are used as an incentive in decision-making, when

    deciding whether or not to honor contracts (buy products, ask for advice, accept an agreement, etc.), and as




    a mechanism to search trustworthy exchange partners. In particular, reputation is used in electronic markets

    as a trust-enforcing mechanism or as a method to avoid cheaters and frauds.

    Trust and Reputation both have a social value. When someone is trustworthy, that person may be expected

    to behave in a beneficial, or at least not suspicious, way that assures others, with high probability, of good collaborations with him. On the contrary, when someone appears not to be trustworthy, others refrain from

    collaborating since there is a lower probability that these collaborations will be successful. However,

    trust is strongly connected to confidence and it implies some degree of uncertainty.

    Therefore, there is a relation between the two concepts that should be considered in depth: reputation is

    a concept that helps to build trust in others, in order to decrease the uncertainty level.

    A reputation system computes and publishes reputation scores for a set of objects (e.g. services or entities)

    within a certain community, based on a collection of opinions that other entities hold about the objects. The

    opinions are typically passed as ratings to a reputation center which uses a specific reputation algorithm to

    dynamically compute the reputation scores based on the received ratings.

    Entities in a community use reputation scores for decision making, e.g. whether or not to buy a specific

    service or good. An object with a high reputation score will normally attract more business than an object with

    a low reputation score. It is therefore in the interest of objects to have a high reputation score.

    Nowadays, game theory is the predominant paradigm considered when designing computational trust and reputation

    models. In all likelihood, this theory is taken into account because a significant number of economists and

    computer scientists, with a strong background in game theory and artificial intelligence techniques, are working

    in multi-agent and e-commerce contexts.

    "An individual's success in making choices depends on the choices of others." [1]

    4 Trust & Reputation Tools

    There are four main methods or tendencies for mathematically evaluating Trust and Reputation.

    Current Trust and Reputation models combine two or more of these tools in order to reinforce the security and

    reliability of a T&R system.

    4.1 Ratings

    Ratings are one of the main and most commonly seen tools in reputation-based trust models. They enable

    a user (that has had a formal or informal interaction with another user) to give a rating in the form of a numeric

    rating (or its counterpart, the typical 5-star system) or just a negative or positive point.

    Numeric rating system

    Numeric ratings describe the opinion about a user, one of his or her submissions, or both. The rating is then averaged

    among all the ratings received and the result is shown to all the subsequent users that want to interact with him/her.

    When the user base is large and the majority of the users the numeric rating works well because the opinion of




    any particular user is averaged out. This means that if a rogue user starts giving out bad ratings to every user

    it doesn't show much on their ratings. On the other hand, when the user base is small, a mischievous user with

    a lot of real-life friends can change his or her numeric rating easily.

    Often, the algorithms that average these ratings become more complex and give greater weight to trusted members or members with a good standing on the web, to avoid having new users (usually created just for this

    purpose) overthrow a trusted old member.

    One of the main problems of the numeric rating system arises when similar items are being compared but

    some of them have a rating based on very few users. If these users voted high, this rating is then averaged and

    it reflects highly on the item, even though these users may be mischievous or friends of the submitter. This has

    been easily solved on some pages by showing the number of reviews the rating is averaged on. This combination

    of numeric rating and the number of users it's based on is one of the most widely used and trusted rating systems.

    This rating system is one of the oldest ones, based on numeric reviews like the movie reviewers before the


    Positive/Negative rating system

    The other main rating used in web pages is the +1/-1 system. When a user thinks another user or one of that user's

    submissions to the community is relevant, he approves it. On the other hand, when he thinks it isn't appropriate,

    he disapproves and the submission may be held back for revision by a higher-level user. These ratings

    aren't averaged but added up: the higher the result, the better. This way, bad submissions are given a negative

    rating and are often discarded or kept in a separate section of the page.

    There are benefits for the user with this system because it's very obvious when a user is not to be trusted.

    Some pages even give the percentage of positive/negative ratings, which forms a kind of numeric rating out of


    This rating system is the one most adopted by web pages because it's easy to understand for the end user and

    easy to manage by administrators.
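
    An added example, not part of the original essay: the aggregation rules of section 4.1 in code, namely the plain average shown with its review count, an average weighted by rater standing, and the +1/-1 sum with its positive share. The `standing` field, the weight formula with its `floor` parameter and all sample data are assumptions constructed for illustration.

```python
"""Rating aggregation as described in section 4.1 (added example, constructed data)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Rating:
    rater: str
    stars: int        # numeric rating, 1..5
    standing: float   # hypothetical: 0.0 = brand-new account, 1.0 = long-standing trusted member


def plain_average(ratings):
    """Unweighted mean together with the number of reviews it is based on."""
    if not ratings:
        return None, 0
    return sum(r.stars for r in ratings) / len(ratings), len(ratings)


def weighted_average(ratings, floor=0.1):
    """Mean in which each rating counts in proportion to the rater's standing.

    `floor` (assumed rule) leaves new accounts a small voice instead of none.
    """
    weights = [floor + (1.0 - floor) * r.standing for r in ratings]
    total = sum(weights)
    if total == 0:
        return None
    return sum(w * r.stars for w, r in zip(weights, ratings)) / total


def vote_summary(votes):
    """+1/-1 system: votes are added up; the positive share is reported beside the sum."""
    if any(v not in (1, -1) for v in votes):
        raise ValueError("votes must be +1 or -1")
    score = sum(votes)
    positive = sum(1 for v in votes if v == 1)
    share = 100.0 * positive / len(votes) if votes else None
    return score, share


# Constructed scenario: ten established members rate an item 2 stars, then ten
# freshly created accounts rate the same item 5 stars.
ESTABLISHED = [Rating(f"member{i}", 2, 1.0) for i in range(10)]
NEW_ACCOUNTS = [Rating(f"new{i}", 5, 0.0) for i in range(10)]

# Constructed +1/-1 histories: identical sums, very different records.
SELLER_A = [1] * 105 + [-1] * 5
SELLER_B = [1] * 600 + [-1] * 500

if __name__ == "__main__":
    everyone = ESTABLISHED + NEW_ACCOUNTS
    avg, count = plain_average(everyone)
    print(f"plain average     {avg:.2f} from {count} reviews")
    print(f"weighted average  {weighted_average(everyone):.2f}")
    # Two reviews are enough for a perfect score, which is why the count is shown.
    print("two reviews only ", plain_average(NEW_ACCOUNTS[:2]))
    for name, votes in (("seller A", SELLER_A), ("seller B", SELLER_B)):
        score, share = vote_summary(votes)
        print(f"{name}: score {score:+d}, {share:.1f}% positive")
```

    The burst of new accounts moves the plain average from 2 to 3.5 but the standing-weighted average only to about 2.27, and the two vote histories show why a bare sum needs the percentage next to it.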

    4.2 Feedback

    The other major tool for creating reputation is feedback. Feedback is a written opinion from peer to

    peer. Unlike ratings, feedback can be more elaborate and give detailed opinions and not just an impersonal

    number. It gives security and credibility to other users, who can form an opinion of the opinion giver.

    The downside of this system is that users seek to get the most positive feedback from their peers, so they are

    very positive in their own feedback. This creates a feedback loop and means that the majority of the reviews

    aren't 100% true.

    4.3 Institutional

    Trust and Reputation can also be Institutional, that is, trust in an entity is based on the name of the

    entity or on a third party which verifies the quality of a certain product or service.




    There are institutions which seal/verify some services and products and whose seal makes the user (e.g.

    an interested buyer) feel trustful. A clear example of this is PayPal, whose online payment service ensures

    confidentiality and correct money exchange between parties (PayPal will be further described below). A user

    who is interested in buying something in an untrusted online shop may be more trustful when he knows that a secure payment through a third party like PayPal can be made. Other PayPal-like services exist;

    whether they are trusted or not depends on the reputation that the companies hold during their lifetime, so a user may

    accept one but may be doubtful of another whose services were once security compromised.

    Another example of Institutional Trust is a Certificate Authority. Whenever a user visits a website or uses

    a data-sensitive online service, he must be sure that the communication cannot be seen by anybody else. This

    can be ensured by (e.g.) an SSL certificate; however, some certificates are also signed (even double-signed) by

    a third party authority which ensures that the certificate belongs to the named company. This provides the

    consumer a higher degree of trust than using a self-signed certificate, a trust which also depends on the reputation of

    the third party shareholder.

    4.4 Security

    Trust through Security is sometimes close to Institutional Trust. This mechanism bases the trust that

    one entity has in another on the fact that the first really knows that the second is who it says it is and that the messages

    and data exchange cannot be altered during the communication process. Thus, it can be summarized as:

    Agent Validation

    Integrity and authenticity of messages

    The Trust through Security approach ensures that certain information is valid and can be trusted if both of the above

    premises hold.

    5 Models

    5.1 Number of hits

    Description This is the simplest of the models we are discussing: it only counts the number of

    hits an entity receives. Examples are:

    Number of views of a website.

    Number of reads of a Blog post.

    Number of given opinions of a certain forum member.

    Number of users of a certain service.




    The higher these numbers are, the more relevant (or even trustful) their services are considered by this


    There is also an algorithm named HITS (Hyperlink-Induced Topic Search), a precursor to PageRank, but it

    has no relation with this one. We explain this Number of hits model as an introduction to Trust and Reputation models. PageRank will be described in section 5.2, as well as more advanced algorithms.

    Reputation The Reputation is proportional to the number of hits an entity receives.

    $R = k \cdot N_{hits}$

    Trust Trust is usually proportional to the reputation of a certain entity. Thus, in the case of a search engine

    the most visited entities will appear first in the search results (which is a common practice in many search

    engines). This is because the search engine places more trust in the results that have higher reputation, which means a larger

    number of hits.

    $T = c \cdot R = m \cdot N_{hits}$

    Troubles In most cases the user tends to visit the first results of a search query; however, they might not be

    the right ones. Despite that, these receive the largest number of hits, so the wrong results might keep appearing

    at the top of the charts for some time.

    5.2 PageRank

    Description PageRank is a link analysis algorithm, named after Larry Page, used by the Google Internet

    search engine that assigns a numerical weighting to each element of a hyperlinked set of documents with the

    purpose of measuring its relative importance within the set. The algorithm may be applied to any collection

    of entities with reciprocal quotations and references. The numerical weight that it assigns to any given element

    E is also called the PageRank of the page $i$ and denoted by $PR(p_i)$.

    The name PageRank is a Google trademark, and the PageRank process has been patented (U.S. Patent

    6,285,999). However, even though the patent is assigned to Stanford University and not to Google, Google has

    exclusive license rights on the patent.

    Nowadays this is not the only algorithm Google is using to rate the websites or documents, though. They

    combine more than 200 algorithms (including PageRank) which they update on a weekly basis in order to reach

    the most accurate page rating, and consequently the best and most relevant search results.




    Figure 1: PageRank example

    Google describes PageRank as:

    PageRank relies on the uniquely democratic nature of the web by using its vast link structure

    as an indicator of an individual page's value. In essence, Google interprets a link from page A to

    page B as a vote, by page A, for page B. But, Google looks at more than the sheer volume of votes,

    or links a page receives; it also analyzes the page that cast the vote. Votes cast by pages that are

    themselves important weigh more heavily and help to make other pages important. [8]

    In other words, a PageRank results from a ballot among all the other pages on the World Wide Web about

    how important a page is.

    Relevance (Reputation) The relevance or reputation is the PageRank itself, which is defined recursively and depends

    on the number and PageRank metric of all pages that link to it (incoming links). A page that is linked to

    by many pages with high PageRank receives a high rank itself. If there are no links to a web page there is no

    support for that page.

    Originally the PageRank was defined as:

    $$PR(p_i) = \frac{1 - d}{N} + d \sum_{p_j \in M(p_i)} \frac{PR(p_j)}{C(p_j)}$$

    $PR(p_i)$ is the PageRank of the page $i$.

    $d$ is the damping factor, usually set to 0.85.

    $C(p_j)$ is the number of links going out of the page $j$.

    $M(p_i)$ is the set of pages linking to page $i$.

    $N$ is the total number of pages linking to page $i$.




    Trust Trust is usually proportional to the reputation of a certain entity. Thus, the highest-rated pages will

    appear first in the search results, and users will trust the search engine as it shows the most likely results

    for a certain query at the top of the search results.

    Troubles Numerous academic papers concerning PageRank have been published since Page and Brin's original

    paper. In practice, the PageRank concept has proven to be vulnerable to manipulation, and extensive research

    has been devoted to identifying falsely inflated PageRank and ways to ignore links from documents with falsely

    inflated PageRank. This is one of the reasons Google combines the use of PageRank with about 200 other


    Spoofing A previous flaw was that any low PageRank page that was redirected, via an HTTP 302 response

    or a Refresh meta tag, to a high PageRank page caused the lower PageRank page to acquire the PageRank

    of the destination page. In theory a new, PR 0 page with no incoming links could have been redirected to the

    Google home page, which is a PR 10, and then the PR of the new page would be upgraded to a PR 10. This

    spoofing technique, also known as 302 Google Jacking, was a known failing or bug in the system. Any page's

    PageRank could have been spoofed to a higher or lower number of the webmaster's choice and only Google has

    access to the real PageRank of the page.

    Manipulation For search engine optimization purposes, some companies offer to sell high PageRank links to

    webmasters. As links from higher-PR pages are believed to be more valuable, they tend to be more expensive.

    It can be an effective and viable marketing strategy to buy link advertisements on content pages of quality and

    relevant sites to drive traffic and increase a webmaster's link popularity.
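
    An added example, not part of the original essay: the PageRank formula of this section computed by repeated substitution on a small constructed graph, followed by the countermeasure the Troubles paragraph mentions, ignoring links cast by pages flagged as falsely inflating a target. It assumes N is the number of pages in the set and that a page with no outgoing links spreads its rank evenly over all pages; the page names and the flagged set are constructed.

```python
"""PageRank by iteration of the section's formula (added example, constructed graph)."""


def pagerank(links, d=0.85, tol=1e-12, max_iter=500):
    """links maps each page to the set of pages it links to; returns {page: PR}.

    Assumptions of this sketch: N is the number of pages in the set, self-links
    are ignored, and a page without outgoing links spreads its rank evenly over
    all pages so that the ranks keep summing to 1.
    """
    pages = sorted(set(links) | {t for targets in links.values() for t in targets})
    n = len(pages)
    if n == 0:
        return {}
    out = {p: set(links.get(p, ())) - {p} for p in pages}               # C(p_j) = len(out[p_j])
    linking_to = {p: [q for q in pages if p in out[q]] for p in pages}  # M(p_i)
    pr = {p: 1.0 / n for p in pages}
    for _ in range(max_iter):
        dangling = sum(pr[p] for p in pages if not out[p])
        new = {
            p: (1 - d) / n
            + d * (sum(pr[q] / len(out[q]) for q in linking_to[p]) + dangling / n)
            for p in pages
        }
        change = sum(abs(new[p] - pr[p]) for p in pages)
        pr = new
        if change < tol:
            break
    return pr


def ignore_links_from(links, flagged):
    """Copy of the graph in which links cast by flagged pages do not count.

    The flagged pages stay in the set; only their votes are dropped.
    """
    return {p: (set() if p in flagged else set(t)) for p, t in links.items()}


# Constructed graph: A-D are ordinary pages, T is a page nobody ordinary links to.
ORDINARY = {"A": {"B", "C"}, "B": {"C"}, "C": {"A"}, "D": {"C"}, "T": {"A"}}
# Five pages whose only purpose is to vote for T (the flagged set, constructed).
FLAGGED = {f"F{i}": {"T"} for i in range(1, 6)}
GRAPH = {**ORDINARY, **FLAGGED}

if __name__ == "__main__":
    inflated = pagerank(GRAPH)
    cleaned = pagerank(ignore_links_from(GRAPH, set(FLAGGED)))
    print("page  with flagged links  flagged links ignored")
    for page in sorted(ORDINARY):
        print(f"{page:<5} {inflated[page]:>18.4f}  {cleaned[page]:>21.4f}")
```

    With the flagged links counted, T scores 0.0788 against 0.0150 for D, a page with the same lack of ordinary incoming links; once those links are ignored T and D score the same.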

    5.3 eBay

    Description eBay is an American internet company devoted to e-commerce. All kinds of users buy and sell

    a great variety of products using its online auction system.

    There are three different kinds of auction on eBay:

    1. Typical auction: sellers offer one or more items for sale. The seller sets the initial price and the length of the

    offer. Then registered users can bid for the product. At the end of the period previously established by the seller, the highest bidder gets the product, paying not his last bid, but the second-highest bid.

    2. Buy it now: sellers offer the product at a fixed price. If there's a buyer who agrees to pay this price, he

    obtains the product immediately.

    3. Best offer: the possible buyer submits a best offer. If the best offer is not satisfactory, the seller presents

    a counter offer to the buyer. It ends when seller and buyer agree to a final price.

    It's important to bear in mind that the buyer has no physical access to the product and usually only has a

    picture and a brief description of the product written by the seller. To mend this, eBay proposes several trust

    and reputation solutions.




    Trust eBay gives several guarantees of trust to the buyer and seller. Firstly, sellers can choose the type of

    payment (credit card, bank transfer, PayPal, etc.), which helps prevent possible fraud. Besides, eBay offers

    buyer protection, a service that covers a certain amount of the buying price in case of fraud. Each claim

    addressed to eBay for this reason costs 30 euros. Also, seller and buyer may decide not to commit the transaction, if one of them is not satisfied with the

    conditions. To facilitate all these mechanisms, all the information remains on eBay servers.

    Reputation eBay provides an easy system of reputation. Although it's not mandatory, buyers and sellers

    evaluate each other after transactions. This evaluation consists of a short comment and a rating. There are three

    kinds of ratings: positive (+1), neutral (0) and negative (-1). This tool gives each eBay member a reputation,

    that is, the sum of all the numerical evaluations. In later sales, buyers will be able to judge from the reputation of the seller

    whether the offer is to be trusted or not.

    Advantages and Troubles Some positive points of eBay are the simplicity of the whole process and the

    great capacity to receive millions of users. In addition, the more users, the more robustness the system will


    Even so, reputation and its rating procedures are quite manipulable. A weakness lies also in the interpretation

    of the reputation. It is difficult to define exactly what a high or low reputation is, and the textual comments

    become, most of the time, indispensable to know if the seller is trustworthy or not.


    Description Amazon is an online store and reseller of both new and used items. It uses its institutional

    reputation to sell items from less trusted or known online shops at a premium. Its trust model is based on the

    reputation its products gather in the form of ratings and feedback from its buyers.

    Reputation There are two kinds of reputation on Amazon: the first is the reputation of the item to be

    bought itself, and then there's the reputation of the online shop (if the item cannot be sold directly by Amazon

    or if the user chooses not to) from which the user may purchase the item.

    On every item page, there's a summary in the form of a numeric rating and the number of reviews it's based

    on. Then, at the bottom, all the reviews can be found and read. It goes even deeper than that because each

    review can be marked as useful or not by potential customers. That last part is shown above every review in

    the form of "8 out of 10 people found the following review helpful". This doesn't change the numeric rating of

    the whole item, but helps the users know the reputation of each single review.

    When a user has chosen whichever item he or she wants to buy, he or she can go to a page showing all the potential

    sellers of this item, including Amazon itself. This page has a list with the different prices and a percentage of

    users that have had previous positive transactions with the seller. Then, if a user clicks on a particular rating,

    he or she is brought to a detailed page showing the average based on the last 30, 60, 90 or 365 days and written

    feedback from the seller's customers.




    Trust The trust the user has in the whole page is based on the reputation of its items. Each item is trusted

    individually by its numeric rating, but its trust can be lost by a single bad review, as most of the time there

    are very similar products available and the user can freely choose one or another.

    Most of the seller ratings are pretty high, so users usually choose depending on other aspects (such as shipping price, availability, processing time, etc.) provided the rating surpasses a minimum threshold.

    Troubles Amazon assures its neutrality saying that bad reviews aren't and it's mostly true, but there

    have been cases in books about Scientology. This means that all opinions on the page could be superseded by Amazon if they don't follow its guidelines.

    There was a case in 2004 when a glitch in Amazon.ca's review system temporarily revealed that some well-

    established authors were anonymously giving themselves glowing reviews and rival authors terrible reviews.

    5.5 Paypal

    PayPal is an e-commerce business, property of eBay, and constitutes a trust system by itself. Every day

    more people decide to do their shopping through the internet, which creates several doubts, not only about the

    state of products or services that they want to obtain, but also on the security of the payments. Many people

    still refuse internet shopping for this reason. They fear fraud when the website asks for the credit card

    number or the account.

    This is why PayPal performs payment processing for online transactions, such as those on auction sites, and charges a

    fee. In fact, most of its users come from eBay, its owner and one of the biggest e-commerce platforms.

    PayPal is used as an intermediary: an account where users can deposit their money and from which they are able to

    make transactions. For security, PayPal blocks access to the incoming money for 21 days. However, it

    doesn't have any mechanism to control the success and legality of the transaction, which represents a security

    problem. In this it differs from credit card companies, which charge similar fees but control and deal with transaction problems.

    Nevertheless, this was recently called into question, when WikiLeaks revealed U.S. State Department diplomatic cables

    and PayPal decided not to accept transactions to Assange's organization. It seems that in cases of supposedly

    illegal procedures the company is perfectly capable of taking part.

    This system could seem like a bank, but it really works quite differently. For example, the owner of the

    account doesn't receive any interest on the deposit, and all cash movements, like transactions to physical

    bank accounts or payments, are charged for by the company. Actually, PayPal doesn't use its own money and

    doesn't back up the transactions either.

    5.6 Facebook, a reality approach

    Description Facebook's model for Trust and Reputation is the most similar to reality: the user is able to see

    how many users are friends with other users, so the measure of reputation is how popular they are.




    Reputation The Reputation is, in this approach, the number of friends a user has. So the higher the

    number of friends, the higher the weight of its reputation. However, it is not directly linked to Trust, as we

    will see in the next paragraph. This is the only mathematically computed value we can derive for a

    given entity.

    Trust Trust in Facebook relies on many variables. The reputation (number of friends) is one of them and

    maybe the most important for many users (people tend to trust the ones that look cool or trendy); however, the

    degree of mutual friendship or particular opinions might also enter into the equation.

    Troubles Social troubles, such as assumptions like "the ones who have more friends are the ones who deserve

    to be trusted", and prejudices.

    5.7 OpenPGP

    Description OpenPGP is an encryption standard defined in RFC 4880, an open implementation of Phil

    Zimmermann's original PGP. It is a non-proprietary protocol for encrypting email using public key

    cryptography, based on PGP, and defines standard formats for encrypted messages, signatures, and certificates

    for exchanging public keys.

    Like PGP, it uses a serial combination of hashing, data compression, symmetric-key cryptography, and

    public-key cryptography, where each key is bound to a user name and/or an e-mail address.

    The procedure is the following: The message is encrypted using a symmetric encryption algorithm, which

    requires a symmetric key (session key) which will be used only once. The session key is encrypted with the

    receiver's public key, thus ensuring that only the receiver can decrypt the session key. The encrypted message

    along with the encrypted session key is sent to the receiver.

    PGP also supports message authentication and integrity checking. The sender uses PGP to create a digital

    signature for the message with either the RSA or DSA signature algorithms. To do so, PGP computes a hash

    (message digest) from the plaintext, and then creates the digital signature from that hash using the sender's

    private key.

    Reputation The reputation of the protocol is pretty wide. It's well known for being a secure encryption

    method. On the other hand, it has some weaknesses in its public key exchange methods (like

    most public-key encryption methods). This can be solved through what is called Web of Trust and Trust


    Web of Trust Users must ensure by some means that the public key in a certificate actually does belong to

    the person/entity claiming it. PGP products have an internal certificate vetting scheme, a trust model

    named the Web of Trust.

    Mr. Zimmermann was aware of this issue:




    As time goes on, you will accumulate keys from other people that you may want to designate as

    trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will

    gradually accumulate and distribute with their key a collection of certifying signatures from other

    people, with the expectation that anyone receiving it will trust at least one or two of the signatures.

    This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.


    Web of Trust is a decentralized trust model, an alternative to the centralized model of a public key infrastructure (PKI), which relies exclusively on

    a certificate authority (or a hierarchy of such). As with computer networks, there are many independent webs

    of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs.

    In the web of trust you have a key ring with a group of people's public keys.

    The web of trust mechanism has advantages over a centrally managed public key infrastructure scheme but

    has not been universally used. Users have been willing to accept certificates and check their validity manually

    or to simply accept them. No satisfactory solution has been found for the underlying problem.

    In contrast, a typical PKI permits each certificate to be signed only by a single party: a certificate authority

    (CA). The CA's certificate may itself be signed by a different CA, all the way up to a self-signed root certificate.

    Trust signatures In the (more recent) OpenPGP specification, trust signatures can be used to support

    creation of certificate authorities. A trust signature indicates both that the key belongs to its claimed owner

    and that the owner of the key is trustworthy to sign other keys at one level below their own.

    A level 0 signature is comparable to a web of trust signature since only the validity of the key is certified.

    A level 1 signature is similar to the trust one has in a certificate authority. It is able to issue an unlimited

    number of level 0 signatures.

    A level 2 signature is highly analogous to the trust assumption users must rely on whenever they use the

    default certificate authority list (like those included in web browsers); it allows the owner of the key to

    make other keys certificate authorities.

    Revocation What if a user loses their private key or its access is compromised? PGP versions have always

    included a way to cancel (revoke) identity certificates. A lost or compromised private key will require this

    if communication security is to be retained by that user. This is, more or less, equivalent to the certificate

    revocation lists of centralized PKI schemes. Recent PGP versions have also supported certificate expiration

    dates, which ensure that a fake identity will not use the certificate for a very long time. (See Troubles).

    A key owner may designate a third party that has permission to revoke the key owner's key (in case the key

    owner loses his own private key and thus loses the ability to revoke his own public key).

    Mean Shortest Distance In statistical analysis of the PGP Web Of Trust the mean shortest distance (MSD)

    is one measurement of how trusted a given PGP key is within the strongly connected set of PGP keys that

    make up the Web of trust.




    MSD has become a common metric for analysis of sets of PGP keys. Very often you will see the MSD being

    calculated for a given subset of keys and compared with the global MSD, which generally refers to the key's

    ranking within one of the larger key analyses of the global Web of trust.
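
    The MSD calculation over a small signature graph, as an added example (not code from the original document). The key names and signatures are constructed, and the definition used, the average number of signature hops from every other key in the strongly connected set to a given key, is an assumption, since the text gives no formula.

```python
from collections import deque

# Constructed sample: signer -> keys it has certified (hypothetical names).
SIGNATURES = {
    "alice": {"bob", "carol"},
    "bob": {"alice"},
    "carol": {"alice", "dave"},
    "dave": {"bob", "frank"},
    "erin": {"alice"},   # signs into the set, but nobody has signed erin
    "frank": set(),      # signed by dave, but signs nobody
}


def reachable(graph, start):
    """Return {node: hop count} for every node reachable from start (BFS)."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, ()):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist


def reverse(graph):
    """Flip every signature edge: signed key -> set of its signers."""
    rev = {node: set() for node in graph}
    for signer, signed in graph.items():
        for key in signed:
            rev.setdefault(key, set()).add(signer)
    return rev


def strong_set(graph, seed):
    """Keys that both reach seed and are reached from it via signatures."""
    return set(reachable(graph, seed)) & set(reachable(reverse(graph), seed))


def mean_shortest_distance(graph, seed):
    """MSD of each key in the strongly connected set that contains seed."""
    members = strong_set(graph, seed)
    rev = reverse(graph)
    result = {}
    for key in members:
        # BFS on the reversed graph gives hops from each signer to `key`.
        dist = reachable(rev, key)
        others = [dist[m] for m in members if m != key]
        result[key] = sum(others) / len(others) if others else 0.0
    return result


if __name__ == "__main__":
    for key, msd in sorted(mean_shortest_distance(SIGNATURES, "alice").items()):
        print(f"{key}: MSD {msd:.2f}")
```

    A lower MSD means the key is reached through shorter signature chains; erin and frank get no value at all because they are outside the strongly connected set.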

    Final Trust According to the previous description of OpenPGP systems, the trust level a user experiences

    mostly depends on:

    How sure the user is that the certificate used to encrypt the message belongs to the other end; that is,

    how trustworthy the certificate itself is, and the Web of Trust ring it is part of.

    Troubles The OpenPGP web of trust is essentially unaffected by company failures, and has continued to

    function with little change. However, a related problem does occur. Users, whether individuals or organizations,

    who lose track of a private key can no longer decrypt messages sent to them produced using the matching public

    key found in an OpenPGP certificate.

    Early PGP certificates did not include expiry dates, and those certificates had unlimited lives. Users had to

    prepare a signed cancellation certificate against the time when the matching private key was lost or compromised.

    Later PGP, and all OpenPGP compliant certificates included expiry dates which automatically preclude such

    troubles when used sensibly.

    5.8 Trust Net

    Description A Trust Net is a decentralized and iterative trust model that relies on the relation between what a

    user says and does.

    Reputation Reputation can be gained by fulfilling promises made. When a user is promised something that

    isn't then carried out, the reputation in the eyes of the receiving end is decreased. This reputation can

    then be passed on to other users, which can make the process quicker.

    A practical example of this model can be found in game theory. In a semi-competitive game, players can share

    their planned strategies with their rivals, but if they aren't carried out, their rivals (who may have planned their

    strategies accordingly) might not trust the next announced strategy.

    Trust The trust value of a user A towards B is:

    $$T(A, B) = \frac{\text{number of honest rounds}}{\text{number of total rounds}}$$

    But the aggregated trust based on both the direct experience and the reputation shared by fellow users

    depends on probabilistic functions based on the lying factor.

    Troubles As has just been said, the system depends to a certain degree on the lying factor. If a large

    enough user base lies about a certain user, he or she can deceive others because the trust model isn't working.




    After a decent amount of time, the direct experience should even out this particular problem and the user's

    reputation should fall accordingly, but a proactive protection system can be difficult to maintain.

    5.9 Slashdot

    Description Slashdot is a news web page that relies heavily on the reputation of its users to sort and

    make visible relevant comments about news.

    Reputation Slashdot's reputation system is based on a threaded comments section tied to each news item

    that the site editors have posted. These comments have a reputation system based on +1 and -1 ratings,

    with the resulting score bounded between -1 and +5. These votes can only be cast by moderators and each vote can have a

    short comment attached to it such as normal, offtopic, flamebait, troll, redundant, interesting, informative or


    These comment votes are then aggregated to a personal reputation, resulting in a user level of high, normal

    or low karma. Higher karma means that the user's comments start off with a higher default score.

    When a user has had high reputation for a period of time, he or she can randomly gain access to a limited number of

    moderation points. These are then used to vote on other users' comments. Users cannot comment and moderate

    in the same discussion so as to maintain objectivity on the matter.

    Trust Trust is based on the moderators' rating of a given comment and its written feedback. Default options

    on the page automatically hide comments below a configurable threshold, meaning that from the moderators' point

    of view that comment isn't relevant to the discussion, but it isn't deleted, to allow users to see and judge by


    Troubles Paid staff editors on the page have an infinite amount of moderation points which means that the

    reputation is basically based on the opinion of a handful of people and can be biased.

    6 Security, consistency and attacks

    6.1 Sybil Attack

    In a Sybil attack, an attacker subverts the reputation system of a trust network by creating a

    large number of online entities and using them to gain a disproportionately large influence. A reputation system's

    vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the

    reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity,

    and whether the reputation system treats all entities identically.

    The Sybil attack takes its name from the subject of the book Sybil, a case study

    of a woman with dissociative personality disorder. This case is notorious because it involved 16 personalities

    (counting the main one) ranging from auto-critical to very emotional personalities and even including two male




    personalities. Sybil's selves gradually became co-conscious of their counterparts and were able to communicate

    with each other and even published material under their own names.

    In the context of human online communities, such multiple identities are known as sockpuppets. One of

    the most recent sockpuppets of an online celebrity is plannedchaos. plannedchaos is a sockpuppet of Scott

    Adams, writer of one of the oldest webcomics (it's been running daily since 1990) called Dilbert. He used the

    sockpuppet to speak highly of himself and was his so-called biggest fan on pages like MetaFilter, Tumblr or


    Protection against Sybil attacks

    Validation techniques can be used to prevent Sybil attacks and dismiss masquerading hostile identities. Two

    types of validation can be used, direct and indirect validation. The first one relies on a central authority, which

    takes queries and ensures a one-to-one correspondence between an identity and its counterpart. It may even

    provide reverse lookup, which consists of querying for the counterpart and checking whether it matches the identity to

    be validated. Indirect validation relies on already accepted identities which then vouch for the validity of the

    new identity in question.

    Identity-based validation techniques generally provide accountability at the expense of anonymity, which can

    be an undesirable tradeoff especially in online forums that wish to permit censorship-free information exchange

    and open discussion of sensitive topics. One such example might be the Blizzard Real Name Forum Policy

    initiative that wanted to tie every World of Warcraft account holder to a real life person. This caused a huge

    uproar on the forums and on the whole video games blogosphere. Blizzard backed off on its proposition and

    the policy was never mandatory.

    A validation authority can also attempt to preserve users' anonymity by refusing to perform reverse lookups,

    but this approach makes the validation authority a prime target for attack. Alternatively, the authority can

    use some mechanism other than knowledge of a user's real identity - such as verification of an unidentified

    person's physical presence at a particular place and time - to enforce a one-to-one correspondence between

    online identities and real-world users.
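
    Indirect validation and the chain-of-trust factor from the Sybil attack description, as an added example (not code from the original document). All identities, vouches and votes are constructed, and the rule that a newcomer needs two already accepted vouchers is an assumption chosen for illustration.

```python
# Constructed sample data; every identity name below is hypothetical.
TRUSTED_ROOTS = {"root1", "root2"}

# candidate -> identities that vouch for it
VOUCHES = {
    "ann": {"root1", "root2"},
    "ben": {"root1", "ann"},
    "cat": {"ann", "ben"},
    "mallory": {"ben", "s1", "s2"},   # one real voucher plus own Sybils
    "s1": {"mallory", "s2", "s3"},
    "s2": {"mallory", "s1", "s3"},
    "s3": {"mallory", "s1", "s2"},
}

# (voter, target) positive ratings
VOTES = [
    ("ann", "shopA"), ("ben", "shopA"), ("cat", "shopA"),
    ("cat", "shopB"),
    ("mallory", "shopB"), ("s1", "shopB"), ("s2", "shopB"), ("s3", "shopB"),
]


def accepted_identities(trusted_roots, vouches, required=2):
    """Indirect validation: admit an identity once `required` already
    accepted identities vouch for it; repeat until nothing changes."""
    accepted = set(trusted_roots)
    changed = True
    while changed:
        changed = False
        for candidate, vouchers in vouches.items():
            if candidate in accepted:
                continue
            if len(vouchers & accepted) >= required:
                accepted.add(candidate)
                changed = True
    return accepted


def reputation(votes, accepted=None):
    """Count one +1 per (voter, target) pair. When `accepted` is given,
    votes from identities without a chain of trust are dropped."""
    score = {}
    seen = set()
    for voter, target in votes:
        if voter == target or (voter, target) in seen:
            continue
        if accepted is not None and voter not in accepted:
            continue
        seen.add((voter, target))
        score[target] = score.get(target, 0) + 1
    return score


if __name__ == "__main__":
    accepted = accepted_identities(TRUSTED_ROOTS, VOUCHES)
    print("accepted:", sorted(accepted))
    print("naive   :", reputation(VOTES))
    print("filtered:", reputation(VOTES, accepted))
```

    With `required=1` a single careless voucher (ben) admits mallory, and mallory's vouches then admit every Sybil, so the threshold matters as much as the chain itself.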

    6.2 Bootstrap

    One characteristic of the rating systems is the importance of participation. The example to explain how this

    can be a problem has been taken from There, registered users are able to evaluate all kinds of

    movies, premieres, classical films, etc. The rating system is based on a ten level scale, each one tied to a textual


    10 Excellent

    9 Great

    8 Very Good

    7 Good




    6 Interesting

    5 Decent

    4 Regular

    3 Poor

    2 Bad

    1 Awful

    Automatically, the system calculates the average of all ratings, which is the main indicator of what

    the opinion of the other users is. Let's imagine a particular case: website administrators add a new film by

    John Smith. There is low participation, because people haven't seen it yet. Besides, practically all the initial

    ratings are from loyal fans of John Smith and his amazing thrillers. The average rating is, in this case, 8.7.

    Are these results trustworthy? The answer is clearly not. The problem of this rating system is that when there

    is low participation (a new film or one that appeals only to a minority group) the results presented are false,

    that is to say, there's a considerable bias in the information. This means that the more participation, the more

    reliability the reputation value will have. Filmaffinity has a reviews section, where users can write at length

    their considerations about the movies, which is, at the end, the best tool to find the nuances of the opinions

    and their references.

    6.3 Whirlwind effect

    The Whirlwind Effect is a common issue in rating systems where users vote on each other's behaviour or


    In these scenarios user reputation is usually linear with the number of votes it receives for certain actions.

    Thus, usually the rest of users trust the ones with higher reputation as it seems that more people voted for

    them and trusted them. So if a group of malicious users manage to vote for one another in a circular

    order, their reputation will increase easily and in a seemingly genuine manner.

    Although this attack is more difficult to detect when the group of users involved is bigger, a way to try to stop

    it may be to limit the number of ballots a user can cast in order to judge a peer. However, it is really

    difficult to detect without a specific algorithm.
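
    One possible detection algorithm for circular voting, as an added example (not code from the original document). It finds groups whose members can all reach each other through votes and flags a group when most of the votes its members receive come from inside it. The vote data, the `insularity` measure and the 0.75 threshold are assumptions made for illustration.

```python
# Constructed sample: (voter, target) positive votes, hypothetical users.
VOTES = [
    ("r1", "r2"), ("r2", "r3"), ("r3", "r4"), ("r4", "r1"),  # circular ring
    ("e", "r1"),                                             # one outside vote
    ("a", "b"), ("b", "a"), ("c", "a"), ("d", "a"),
    ("e", "a"), ("d", "b"), ("e", "b"),                      # ordinary users
]


def strongly_connected_components(graph):
    """Tarjan's algorithm; graph maps every node to its set of successors."""
    index, low, on_stack, stack, comps = {}, {}, set(), [], []

    def visit(node):
        index[node] = low[node] = len(index)
        stack.append(node)
        on_stack.add(node)
        for nxt in graph[node]:
            if nxt not in index:
                visit(nxt)
                low[node] = min(low[node], low[nxt])
            elif nxt in on_stack:
                low[node] = min(low[node], index[nxt])
        if low[node] == index[node]:      # node is the root of a component
            comp = set()
            while True:
                member = stack.pop()
                on_stack.discard(member)
                comp.add(member)
                if member == node:
                    break
            comps.append(comp)

    for node in graph:
        if node not in index:
            visit(node)
    return comps


def find_vote_rings(votes, min_size=2, min_insularity=0.75):
    """Return [(sorted members, insularity)] for suspicious closed groups."""
    graph = {}
    for voter, target in votes:
        if voter == target:
            continue                      # self-votes carry no information
        # A set keeps one ballot per voter and peer, as the text suggests.
        graph.setdefault(voter, set()).add(target)
        graph.setdefault(target, set())
    rings = []
    for comp in strongly_connected_components(graph):
        if len(comp) < min_size:
            continue
        inbound = [v for v, targets in graph.items()
                   for t in targets if t in comp]
        internal = sum(1 for v in inbound if v in comp)
        insularity = internal / len(inbound)
        if insularity >= min_insularity:
            rings.append((sorted(comp), round(insularity, 2)))
    return rings


if __name__ == "__main__":
    print(find_vote_rings(VOTES))
```

    Users a and b also vote for each other, but most of their votes come from outside the pair, so only the closed ring is reported.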

    6.4 The downfall of digg

    Digg is a news aggregation website that is based on a community model to vote and comment on news to

    show the most relevant articles to its users. It is based on Slashdot's model, although more elaborate and less

    based on appointed moderators. Digg was launched by Kevin Rose in 2004, when the Web 2.0 was getting

    popular, and the site grew in users, who submitted new content and made the website very popular.

    The number of users involved on the site was so large that when a small but interesting website, which

    usually ran on underpowered servers as bigger ones were unneeded for its everyday traffic, was linked and dugg




    to the front page, its servers were knocked over by the influx of traffic. This was quite common because Digg's

    large user base searched for unknown content to gain reputation on the site, and it was commonly called the

    Digg Effect.

    As the site grew, online companies saw the potential of Digg as a way to attract a large number of visitors.

    Several social media professionals sold services that included having a section of a customer's website dugg to

    the front page of Digg. This was done by a large-scale Sybil attack, often in the range of thousands of different

    identities controlled by algorithms to vote and comment to make a submission grow in reputation in the eyes of

    its users. This game was outed by its users on the website but the administrators wouldn't (or couldn't) entirely

    stop these attacks.

    In this state, users couldn't entirely trust new submissions, as the reputation they had reaped might be false,

    and the only way to sort real submissions was to look at the comment history of the commenters and decide if the

    comments were by a real and honest person or were semi-automated and only directed to certain domains or

    certain kinds of content.

    This scenario trailed on until the owners' preferences became clear when, in August 2010, a new design

    of the site, Digg v4, was launched. This redesign treated company-sponsored submissions differently from

    user submissions, and most of the front page content was from popular websites, differing from the core Digg idea,

    which was based on its distinctiveness from the popular. This led people to no longer trust the reputation

    system in place and to flee the website for similar social news aggregators.

    Figure 2: Visitor decline on the launch of Digg v4

    The CEO Kevin Rose was replaced within a week of the Digg v4 update and resigned from his position

    entirely a year later.

    This example shows that users have to trust the reputation method that has been established. Reputation

    had been forged for a long time before the release of Digg v4, but it then surpassed thresholds that its users

    would not tolerate.

