trust and reputation

8/6/2019 Trust and Reputation

1/21

Trust & Reputation Models

Carles Figuerola, Raul Daz & Vctor Arino

May 2011

1


2/21

Contents

1 The importance of trust 3

1.1 Formal trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.2 Informal trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2 Reputation 4

2.1 Online Reputation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

3 Trust by reputation 5

4 Trust & Reputation Tools 6

4.1 Ratings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

4.2 Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74.3 Institutional . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

4.4 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

5 Models 8

5.1 Number of hits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

5.2 PageRank . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

5.3 eBay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

5.4 Amazon.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

5.5 Paypal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

5.6 Facebook, a reality approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

5.7 OpenPGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

5.8 Trust Net . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

5.9 Slashdot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

6 Security, consistency and attacks 17

6.1 Sybil Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

6.2 Bootstrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

6.3 Whirlwind effect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

6.4 The downfall of digg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

2


3/21

Abstract

This essay tries to explain what is trust and reputation in a computational context, particularly in social

networks scenarios. Additionally several trust and reputation models will be discussed and analyzed.

1 The importance of trust

Before starting our discourse we should ask ourselves: is there something more important than trust? Is

the interaction among humans beings remotely possible without it? We arent just talking about social life,

business or love. As Rosseau thought it, the modern society establishes a social contract by which their

members accept tacitly rules for the coexistence and try to find the compromise between the self and common

benefit. How could we live peacefully without knowing if others will respect or not this contract as much as

we will? Every indication says that we couldnt. Human being is, to a greater or lesser extent, a gregarious

mammal. Practically all his activities are developed in conjunction with the other fellows of his social group,

turning trust, then, into the only bridge to lead a normal life.

Hence we are able to say that life in society entails an inherent state of trust. More or less, we all assume

that we can trust our parents, that nobody is going to hurt us when we walk to our job or that the violation

of our rights will be punished by the law. Without this initial trust situation only the hysterical suspicion

remains, the impossibility of human relation, in short, the most absolutely ostracism.

In a hypothetical situation where we know everything about the world and people, we wouldnt need trust.

Trust begins from the necessity of dealing with uncertainty, the future complex circumstances, to fulfill our

interests. In the middle of this non guarantee position, achieving our satisfaction depends on the evaluation of

the environment. No matter if we are talking about the mutual trust between a couple of lovers to obtain an

emotional stability, or the trust we pin on a leather company when we buy a new shoes.

Anyway, trust is about bringing different interests together. This can bring a lot of problems, if we think

about social or friendship issues, for example. In economics, on the other hand, this point is easier to describe.

If a businessman wants to earn money selling a product, it needs to have a bidirectional relation of trust with

its clients. Here, the terms of trust are quite clear, because they consist mainly on the combination of material

interests: businessmen earn money and clients get a product. The first one will care about the clients ability

to pay. Clients will do the same about the quality of the product and the good correspondence between the

quality and the price, which can be contrasted with similar products from other producers, but only to a certain

extend. And again, the idea that relates the unknown and trust, position where clients need some references to

make the right choice. This references, called reputation, is defined by several factors, like historical prestige of

the brand or the opinion of other clients (friends, specialized websites,etc).

Before dealing with reputation, its necessary to distinguish two kinds of trust: formal trust and informal

trust.

3


4/21

1.1 Formal trust

Institutionalized mechanisms destined to guarantee mutual cooperation in trust process. There are a lot of

these mechanisms, like legislations, civil and penal law, in the way to formalize the mentioned social contract.

Another can example can be credit card systems, which protect shoppers against fraud. Contracts are a good

example as well. Parties establish conditions, rules by which the trust relation is going to be carried out.

Another case of formal trust could be marriage, document that formalizes the couple status and the promise of

financial and emotional stability (at least, that is what it is expected to be).

This trust systems have some problems. As we said, trust consist in bringing interests together and the

institutionalization sometimes makes a good compromise difficult. For instance, government legislations usually

find the solution relevant to the majority of people, but often they are unfavorable for a certain group of citizens.

Unfavorable and, above all, inflexible. And thats the point. Once the conditions are in a signed document, is

difficult to change it, whether interest and needs are going to change or not in the near future.

1.2 Informal trust

Obviously, most of the social activities cant have its own explicit contract. For this reason, there are

subjective factors almost always that configure the level of trust. Firmness of a handshake or body language

can be important signs to trust somebody or not. A presidential candidate can lose the support of voters

because a tremulous voice or an excessive perspiration, like, for example, in 1960 with the well-known television

debates between EEUU presidential candidates, Richard Nixon and John F. Kennedy.

Therefore informal trust is more variable than formal trust. It involves more risk and, obviously, lots ofdisappointments. Not in vain, as in hope, we live in trust. And the society, that precisely stigmatized distrust,

always knows to recognize trust as the engine of civilization.

2 Reputation

Reputation is a social evaluation of a group of entities toward another entity based on certain criteria. It is

an important factor in many fields, such as education, business, online communities or social status. Reputation

can be considered as a component of the identity as defined by others, i.e. reputation is then a meta-belief (a

belief about another persons belief)

A very important role of reputation is its transmission in the form of advice. This can be an educated

advice, based on facts and both historical and current events, or just gossip, which doesnt mean it isnt useful.

Gossip, although vague, may contain precious hints both to actual facts (Ive been told this physician has

shown questionable behavior) and to conflicts taking place at the information level (if a candidate for a role

spreads defamatory about another candidate, who should you trust?).

Moreover, the expression it is said that... is a reputation spreading act because it refers to a (possibly

fake) common opinion and, on the other hand, the part of it is said is self-assessing because it is at least true

just because the person saying it has just said it.

4


5/21

Reputation-based decisions

There are three kinds of ways reputation can affect the opinion we have about something:

Epistemic acknowledge a given reputation. This implies a believed evaluation prevails to ones direct evalu-ation. Lets imagine the friend I mostly admire has a good opinion of Mr. Berlusconi. However puzzled

I may be by this dissonance-inducing news, I may be convinced due to my friendship to accept this

evaluation and share it.

Pragmatic-Strategic use reputation to decide whether and how to interact with the target. Once I have my

own opinion (perhaps resulting from acceptance of others evaluations) about a target, I will use it to make

decisions about my future actions concerning that target. Perhaps, I may abstain from participating in

political activity against Mr. Berlusconi.

Memetic transmit my (or others) evaluative beliefs about a given target to others. Whether or not I act in

conformity with a propagating evaluation, I may decide to spread the news to others.

2.1 Online Reputation

Online reputation is a factor in any online community where trust is important. It affects a pseudonym

rather than a person. Online reputation is the perception that one has on the Internet based on their digital

footprint.

Digital footprints accumulate through all of the content shared, feedback provided and information that

created online. People aspire to have a positive online reputation. If someone has a bad online reputation, he

can easily change his pseudonym. This is why new accounts on e-commerce reputation-based webs are usually

untrusted. If a person or a company want to manage his web reputation, he will have many more difficulties.

This is why a merchant on the web having a physical shop (with real name, real address) is usually more

trusted. Building and maintaining a good reputation can be a significant motivation for contributing to online

communities.

3 Trust by reputation

During the last years, Computer Science has moved from centralised computer systems to distributed com-

puting. This evolution has several implications on the security models, the policies and the mechanisms needed

to protect users information and resources in an increasingly interconnected computing infrastructure

The multi-agent system paradigm and the huge evolution of e-commerce are factors that contributed to the

increase of interest on trust and reputation, even recognising them as key factors for a successful e-commerce

adoption.

Within these scenarios, Trust and Reputation Models are used as an incentive in decision-making, when

deciding whether or not to honor contracts (buy products, ask for advice, accept and agreement, etc.), and as

5


6/21

a mechanism to search trustworthy exchange partners. In particular, reputation is used in electronic markets

as a trust-enforcing mechanism or as a method to avoid cheaters and frauds.

Trust and Reputation both have a social value. When someone is trustworthy, that person may be expected

to perform in a beneficial or at least not in a suspicious way that assure others, with high probability, goodcollaborations with him. On the contrary, when someone appears not to be trustworthy, others refrain from

collaborating since there is a lower level of probability that these collaborations will be successful. However,

trust is strongly connected to confidence and it implies some degrees of uncertainty.

Therefore, there is a relation between both the concepts that should be considered in depth: reputation is

a concept that helps to build trust on others, in order to decrease the uncertainty level.

A reputation system computes and publishes reputation scores for a set of objects (e.g. services or entities)

within a certain community, based on a collection of opinions that other entities hold about the objects. The

opinions are typically passed as ratings to a reputation center which uses a specific reputation algorithm to

dynamically compute the reputation scores based on the received ratings.

Entities in a community use reputation scores for decision making, e.g. whether or not to buy a specific

service or good. An object with a high reputation score will normally attract more business that an object with

a low reputation score. It is therefore in the interest of objects to have a high reputation score.

Nowadays, game theory is the predominant paradigm considered to design computational trust and reputa-

tion models. In all likelihood, this theory is taken into account because a significant number of economists and

computer scientists, with a strong background in game theory and artificial intelligence techniques, are working

in multi-agent and e-commerce contexts.

An individuals success in making choices depends on the choices of others. [1]

4 Trust & Reputation Tools

There are four main methods or tendencies in order to mathematically evaluate Trust and Reputation.

Actual Trust and Reputation models combine two or more of these tools in order to enforce the security and

reliability of a T&R system.

4.1 Ratings

One of the main and most seen tools used in reputation based trust models are the ratings. This enables

a user (that has had a formal or informal interaction with another user) to give a rating in form of a numeric

rating (or its counterpart, the typical 5-star system) or just a negative or positive point.

Numeric rating system

The numeric ratings describe the opinion of the user or one of its submissions or both. It is then averaged

among all its ratings and the result is shown to all the subsequent users that want to interact with him/her.

When the user base is large and the majority of the users the numeric rating works well because the opinion of

6


7/21

any particular user is averaged out. This means that if a rogue user starts giving out bad ratings to every user

it doesnt show much on their ratings. On the other hand, when the user base is small, a mischievous user with

a lot of real life friends can change its numeric rating easily.

Often, the algorithms to average these ratings become more complex and give greater ponderation to trustedmembers or members with a good standing on the web to avoid having new users (usually created just for this

purpose) overthrow a trusted old member.

One of the main problems of the numeric rating system is when there are similar items on comparison but

some of them have a rating based on very few users. If these users voted high, this rating is then averaged and

it reflects highly on the item, even though these users may be mischievous or friends of the submitter. This has

been easily solved on some pages by showing the number of reviews the rating is averaged on. This combination

of numeric rating and the users its based on is one of the most widely used and trusted rating system.

This rating system is one of the oldest ones, based on numeric reviews like the movie reviewers before the

Internet.

Positive/Negative rating system

The other main rating used in web pages is the +1, -1. When a user is thinks a user or one of its

submissions to the community is relevant, it approves it. On the other hand, when it thinks it isnt appropiate,

it disapproves and the submission may be held back for revision by a higher level user. These these ratings

arent averaged but added up, the higher the result the better. This way, bad submissions are given a negative

rating and are often discarded or kept in a separate section of the page.

Theres benefits for the user with this system because its very obvious when a user is not to be trusted.

Some pages even give the percentage of positive/negative ratings which form to a kind of numeric rating out of

100.

This rating system is the most adopted by web pages because its easy to understand for the end user and

easy to manage by administrators.

4.2 Feedback

The other major tool there is to create reputation is feedback. Feedback is a written opinion from peer to

peer. Unlike the ratings, a feedback can be more elaborate and tell detailed opinions and not just an impersonal

number. It gives security and credibility to other users who can form an opinion of the opinion giver.

The downside of this system is that users seek to get the most positive feedbacks from their peers so they are

very positive on their own feedbacks. This creates a feedback loop and means that the majority of the reviews

arent 100% true.

4.3 Institutional

Trust and Reputation can also be Institutional, this is, to base the trust to entity on the name of the

entity or a third party which verifies the quality of a certain product or service.

7


8/21

There are institutions which seal/verify some services and products and whose seal makes the user (e.g.

an interested buyer) feel trustful. A clear example on this is Paypal which online payment service ensures

confidentiality and correct money exchange between parties (Paypal will be further described b elow). A user

who is interested in buying something in an not trusted online shop may be more trustful whenever it knowsthat a secure payment by a third party like paypal can be done. There exist other Paypal-like services, the

trust or not on them depends on the reputation that the companies hold during their lifetime, so a user may

accept one but may be doubtful of another which services had been once security compromised.

Another example of Institutional Trust is a Certificate Authority. Whenever a user visits a website or uses

a data-sensitive online service, it must be sure that the communication cannot be seen by anybody else. This

can be ensured by (e.g.) an SSL certificate, however some certificates are also signed (even double-signed) by

a third party authority which ensures that the certificate belongs to the named company. This provides the

consumer a higher degree of trust than using a self-signed certificate which also depends on the reputation of

the third party shareholder.

4.4 Security

The trust through Security is sometimes close to Institutional Trust. This mechanism bases the trust that

an entity has to another on the fact that the first really knows that the second is who says it is and the messages

and data-exchange cannot be altered while the communication process. Thus, can be summarized as:

Agent Validation

Integrity and authenticity of messages

Trust to Security approach ensures a certain information is valid and can be trusted if both of the upper

premises are successful.

5 Models

5.1 Number of hits

Description This is the most simple model of the ones we are commenting, it only computes the number

hits an entity receives. Examples are:

Number of views of a website.

Number of reads of a Blog post.

Number of given opinions of a certain forum member.

Number of users of a certain service.

8


9/21

The higher these numbers are, the most relevant (or even trustful) their services are considered by this

model.

There is also an algorithm named HITS (Hyperlink-Induced Topic Search) precursor to PageRank, but it

has no relation with this one. We explain this Number of hits as an introduction to Trust And Reputationmodels. PageRank will be described in section 5.2 as well as more advanced algorithms.

Reputation The Reputation is proportional to the number of hits an entity receives.

R = k Nhits

Trust Trust is usually proportional to the reputation of a certain entity. Thus, in the case of a search engine

the most visited entities will appear first in the search results (which is a common practice in many search

engines), this is because the S.E. trusts more the results that have higher reputation, which means a larger

number of hits.

T = c R = mNhits

Troubles In most cases the user tends to visit the first results of a search query however they might not be

the right ones. Despite that, these receive the most number of hits, so the wrong results might keep appearing

at the top of the charts for some time.

5.2 PageRank

Description PageRank is a link analysis algorithm, named after Larry Page, used by the Google Internet

search engine that assigns a numerical weighting to each element of a hyperlinked set of documents with the

purpose of measuring its relative importance within the set. The algorithm may be applied to any collection

of entities with reciprocal quotations and references. The numerical weight that it assigns to any given element

E is also called the PageRank of the page i and denoted by P R(pi).

The name PageRank is a Google trademark, and the PageRank process has been patented (U.S. Patent

6,285,999). However,even though the patent is assigned to Stanford University and not to Google, Google has

exclusive license rights on the patent.

Nowadays this is not the only algorithm Google is using to rate the websites or documents, though. They

combine more than 200 algorithms (including PageRank) which they update on a weekly basis in order to reach

the most accurate page rating, and consequently the best and most relevant search results.

9


10/21

Figure 1: PageRank example

Google describes PageRank as:

PageRank relies on the uniquely democratic nature of the web by using its vast link structure

as an indicator of an individual pages value. In essence, Google interprets a link from page A to

page B as a vote, by page A, for page B. But, Google looks at more than the sheer volume of votes,

or links a page receives; it also analyzes the page that cast the vote. Votes cast by pages that are

themselves important weigh more heavily and help to make other pages important. [8]

In other words, a PageRank results from a ballot among all the other pages on the World Wide Web about

how important a page is.

Relevance (Reputation) The relevance or reputation is the PageRank itself, defined recursively and depends

on the number and PageRank metric of all pages that link to it (incoming links). A page that is linked to

by many pages with high PageRank receives a high rank itself. If there are no links to a web page there is no

support for that page.

Originally the PageRank was defined as:

P R(pi) =1 d

N+ d

pjM(pi)

P R(pj)

C(pj)

where:

P R(pi) is the PageRank of the page i.

d is the damping factor, usually set to 0.85.

C(pj) is the number of links going out of the page j.

M(pi) is the set of pages linking to page i.

N is the total number of pages linking to page i.

10


11/21

Trust The trust is usually proportional to the reputation of a certain entity. Thus, the most rated pages will

appear first in the search results. And users will trust the search engine as it shows on top of the search results

the more likely results for a certain query.

Troubles Numerous academic papers concerning PageRank have been published since Page and Brins original

paper. In practice, the PageRank concept has proven to be vulnerable to manipulation, and extensive research

has been devoted to identifying falsely inflated PageRank and ways to ignore links from documents with falsely

inflated PageRank. This is one of the reasons Google combines the use of PageRank with about 200 other

algorithms.

Spoofing A previous flaw was that any low PageRank page that was redirected, via a HTTP 302 response

or a Refresh meta tag, to a high PageRank page caused the lower PageRank page to acquire the PageRank

of the destination page. In theory a new, PR 0 page with no incoming links could have been redirected to the

Google home pagewhich is a PR 10and then the PR of the new page would be upgraded to a PR10. This

spoofing technique, also known as 302 Google Jacking, was a known failing or bug in the system. Any pages

PageRank could have been spoofed to a higher or lower number of the webmasters choice and only Google has

access to the real PageRank of the page.

Manipulation For search engine optimization purposes, some companies offer to sell high PageRank links to

webmasters. As links from higher-PR pages are believed to be more valuable, they tend to be more expensive.

It can be an effective and viable marketing strategy to buy link advertisements on content pages of quality and

relevant sites to drive traffic and increase a webmasters link popularity.

5.3 eBay

Description eBay is an American internet company devoted to e-commerce. All kinds of users buy and sell

a great variety of products using its online auction system.

Theres three different kinds of auction in eBay:

1. Typical auction: sellers offer one or more items for sale. It sets the initial price and the length of the

offer. Then registered users can bid for the product. At the end of the previously established period bythe seller, the highest bidder gets the product, paying not his last bid, but the second-highest bid.

2. Buy it now: sellers offer the product at a fixed prize. If theres a buyer who agrees to pay this prize, it

obtains the product immediately.

3. Best offer: the possible buyer submits a best offer. If the best offer is not satisfactory, the seller presents

a counter offer to the buyer. It ends when seller and buyer agree to a final price.

Its important to have in mind that the buyer has no physical access to the product and usually only has a

picture and a brief description of the product written by the seller. To mend this, eBay proposes several trust

and reputation solutions.

11


12/21

Trust eBay gives several guarantees of trust to the buyer and seller. Firstly, sellers can choose the type of

payment (credit card, bank transfer, PayPal, etc), which helps prevent a possible fraud. Besides, eBay offers

buyer protection, a service that covers a certain amount of the buying price in case of fraud. Each claim

addressed to eBay for this reason costs 30 euros.Also seller and buyer may decide not to commit the transaction, if one of them is not satisfied with the

conditions. To facilitate all this mechanisms, all the information remains on eBay servers.

Reputation eBay provides an easy system of reputation. Although its not mandatory, buyers and sellers

evaluate each other after transactions. This evaluation consists in a short comment and a rating. There are three

kind of ratings: positive (+1), neutral (0) and negative (-1). This tool gives each eBay member a reputation,

that is the sum of all the numerical evaluations. In the next sales and from the reputation of the seller, buyers

will be able to know if the offer is to be trusted or not.

Advantages and Troubles Some positive points of eBay are the simplicity of the whole process and the

great capacity to receive millions of users. In addition, the more users, the more robustness the system will

have.

Even so, reputation and its rating procedures are quite manipulable. Weakness lies also in the interpretation

of the reputation. It is difficult to define exactly what is a high or low reputation and the textual comments

become, most of the times, indispensable to know if the seller is trustful or not.

5.4 Amazon.com

Description Amazon.com is an online store and reseller of both new and used items. It uses its institutional

reputation to sell items from less trusted or known online shops at a premium. Its trust model is based on the

reputation its products gather on the form of ratings and feedback from its buyers.

Reputation Theres two kinds of reputation on Amazon.com the first is the reputation of the item to be

bought itself and then theres the reputation of the online shop (if the item cannot be sold directly by amazon

or if the user chooses not to) from which the user may purchase the item.

On every item page, theres a summary in the form of a numeric rating and the number of reviews its based

on. Then, at the bottom, all the reviews can be found and read. It goes even deeper than that because each

review can be marked as useful or not by potential customers. That last part is shown above every review in

the form of 8 out of 10 people found the following review helpful. This doesnt change the numeric rating of

the whole item, but helps the users know the reputation of each single review.

When a user has chosen whichever item he or she wants to buy, it can go to a page showing all the potential

sellers of this item, including amazon itself. This page has a list with the different prices and a percentage of

users that have had previous positive transactions with the seller. Then if a user clicks on a particular rating

is then brought to a detailed page showing the average based on the last 30, 60, 90 or 365 days and written

feedback from its customers.

12


13/21

Trust The trust the user has of the whole page is based on the reputation of its items. Each item is trusted

individually by its numeric rating, but its trust can be lost by a single bad review, as most of the time there

are very similar products available and the user can choose freely one or another.

Most of the seller ratings are pretty high so users usually choose depending on other aspects (such as shippingprice, availability, processing time, etc) provided the rating surpasses a minimum threshold.

Troubles Amazon.com assures its neutrality saying that bad reviews arent and its mostly true but there

have been cases in books about Scientology. This means that all opinions on the page could be superseded by

Amazon.com if they dont follow its guidelines.

There was a case in 2004 when a glitch in Amazon.cas review system temporarily revealed that some well-

established authors were anonymously giving themselves glowing reviews and rival authors terrible reviews.

5.5 Paypal

PayPal is an e-commerce business, property of eBay, and constitutes a trust system by itself. Every day

more people decide to do their shopping through the internet, which creates several doubts, not only about the

state of products or services that they want to obtain, but also on the security of the payments. Many people

still refuse internet shopping because of this reason. They fear fraud when the website asks for the credit card

number or the account.

This is why PayPal performs payment processing for online transactions, like auction sites, and charge a

fee. In fact, the most part of its users come from eBay, its owner and one of the biggest e-commerce platforms.

PayPal is used like an intermediary, an account where the user can deposit its money and from which it is able to

do the transactions. For security, PayPal blocks the access to the incoming money during 21 days. However, it

doesnt have any mechanism to control the success and legality of the transaction which represents a problem to

security.It differs from credit cards -which charging similar fees-, who control and deal with transaction problems.

Nevertheless recently this was in question, when Wikileaks revealed U.S. State department diplomatic cables

and PayPal decided not to accept transactions to Assanges organization. It seems that in case of supposedly

illegal procedures the company is perfectly capable to take part on it.

This system could seem like a bank, but it really works quite differently. For example, the owner of the

account doesnt receive any interest for the deposit and all the cash movements, like transactions to physical

bank accounts or payments, are charged by the company. Actually, PayPal doesnt use its own money and

doesnt back up the transactions either.

5.6 Facebook, a reality approach

Description Facebook model for Trust and Reputation is the most similar to reality, the user is able to see

how many users are friends with other users, so the measure of reputation is how popular are they.

13


14/21

Reputation The Reputation is, in this approach, the number of friends a user has. So the higher the

number of friends, the higher the weight of its reputation. However, it is not directly linked to Trust, as we

will see in the next paragraph. This is the only mathematically computed value we can have figured out of a

certain entity.

Trust The trust in facebook, relies in many variables. The reputation (number of friends) is one of them and

maybe the most important for many users (people tend to trust the ones that look cool or trendy), however the

grade of mutual friendship or particular opinions might also compute in the equation.

Troubles Social troubles such as hypotheses like the ones who have more friends are the ones who deserve

to be trusted, and prejudices.

5.7 OpenPGP

Description OpenPGP is an encryption standard defined on RFC 4880, an open implementation of Phil Zim-

mermanns original PGP. It is then a non-proprietary protocol for encrypting email using public key cryptogra-

phy, actually based on PGP, and defines standard formats for encrypted messages, signatures, and certificates

for exchanging public keys.

Like PGP, it uses a serial combination of hashing, data compression, symmetric-key cryptography, and

public-key cryptography, where each key is bound to a user name and/or an e-mail address.

The procedure is the following: The message is encrypted using a symmetric encryption algorithm, which

requires a symmetric key (session key) which will be used only once. The session key is encrypted with the

receivers public key thus ensuring that only the receiver can decrypt the session key. The encrypted message

along with the encrypted session key is sent to the receiver.

PGP also supports message authentication and integrity checking. The sender uses PGP to create a digital

signature for the message with either the RSA or DSA signature algorithms. To do so, PGP computes a hash

(message digest) from the plaintext, and then creates the digital signature from that hash using the senders

private key.

Reputation The Reputation of the Protocol is pretty wide. Its well known for being a secure encryption

method though. On the other hand, it has some weaknesses on the public key exchange methods (like the

most of public-key encryption methods). This can be solved through what is called Web of Trust and Trust

Signatures.

Web of Trust Users must ensure by some means that the public key in a certificate actually does belong to

the person/entity claiming it. PGP products have an internal certificate vetting scheme a trust model which

named Web of Trust.

Mr. Zimmermann was aware of this issue:

14


15/21

As time goes on, you will accumulate keys from other people that you may want to designate as

trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will

gradually accumulate and distribute with their key a collection of certifying signatures from other

people, with the expectation that anyone receiving it will trust at least one or two of the signatures.This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.

[9]

Web of Trust is a decentralized trust model of a public key infrastructure (PKI), which relies exclusively on

a certificate authority (or a hierarchy of such). As with computer networks, there are many independent webs

of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs.

In the web of trust you have a key ring with a group of peoples public keys.

The web of trust mechanism has advantages over a centrally managed public key infrastructure scheme but

has not been universally used. Users have been willing to accept certificates and check their validity manually

or to simply accept them. No satisfactory solution has been found for the underlying problem.

In contrast, a typical PKI permits each certificate to be signed only by a single party: a certificate authority

(CA). The CAs certificate may itself be signed by a different CA, all the way up to a self-signed root certificate.

Trust signatures In the (more recent) OpenPGP specification, trust signatures can be used to support

creation of certificate authorities. A trust signature indicates both that the key belongs to its claimed owner

and that the owner of the key is trustworthy to sign other keys at one level below their own.

A level 0 signature is comparable to a web of trust signature since only the validity of the key is certified.

A level 1 signature is similar to the trust one has in a certificate authority. It is able to issue an unlimited

number of level 0 signatures.

A level 2 signature is highly analogous to the trust assumption users must rely on whenever they use the

default certificate authority list (like those included in web browsers); it allows the owner of the key to

make other keys certificate authorities.

Revokation What if a user loses its private key or its access is compromised? PGP versions have always

included a way to cancel (revoke) identity certificates. A lost or compromised private key will require this

if communication security is to be retained by that user. This is, more or less, equivalent to the certificate

revocation lists of centralized PKI schemes. Recent PGP versions have also supported certificate expiration

dates, which ensure that a fake identify will not use the certificate for a very long time. (See Troubles).

A key owner may designate a third party that has permission to revoke the key owners key (in case the key

owner loses his own private key and thus loses the ability to revoke his own public key).

Mean Shortest Distance In statistical analysis of the PGP Web Of Trust the mean shortest distance (MSD)

is one measurement of how trusted a given PGP key is within the strongly connected set of PGP keys that

make up the Web of trust.

15


16/21

MSD has become a common metric for analysis of sets of PGP keys. Very often you will see the MSD being

calculated for a given subset of keys and compared with the global MSD which generally refers to the keys

ranking within one of the larger key analyses of the global Web of trust.

Final Trust According to the previous description of OpenPGP systems, the trust level a user experiences

mostly depends on:

How sure is the user that the certificate used to encrypt the message belongs to other end. This is

how trustworthy is the certificate itself, and the Web of Trust ring it is part of.

Troubles The OpenPGP web of trust is essentially unaffected by company failures, and has continued to

function with little change. However, a related problem does occur. Users, whether individuals or organizations,

who lose track of a private key can no longer decrypt messages sent to them produced using the matching public

key found in an OpenPGP certificate.

Early PGP certificates did not include expiry dates, and those certificates had unlimited lives. Users had to

prepare a signed cancellation certificate against the time when the matching private key was lost or compromised.

Later PGP, and all OpenPGP compliant certificates included expiry dates which automatically preclude such

troubles when used sensibly.

5.8 Trust Net

Description A Trust Net is a decentralized and iterative trust model that relies on the relation of what a

user says and does.

Reputation Reputation can be gained by fulfilling promises made. When a users is promised something but

it isnt then carried out, the reputation on the eyes of the receiving end is decreased. This reputation can be

then passed on to other users which can make the process quicker.

A practical example of this model can be in game theory. In a semi-competitive game, its players can share

their planned strategies with its rivals but if they arent carried out, their rivals (who may have planned their

strategies accordingly) might not trust the next announced strategy.

Trust The trust value of a user A towards B is:

T(A, B) =number of honest rounds

number of total rounds

But the aggregated trust based on both the direct experience and the reputation shared by fellow users

depends on probabilistic functions based on the lying factor.

Troubles As it has been just said, the system depends on a certain degree on the lying factor. If a large

enough user base lies about a certain user, he or she can deceive others because the trust model isnt working.

16


17/21

After a decent amount of time, the direct experience should even out this particular problem and the users

reputation should fall accordingly, but a proactive protection system can be difficult to maintain.

5.9 Slashdot

Description Slashdot is a news web page that relies heavily on the reputation of its users and to sort and

make visible relevant comments about news.

Reputation Slashdots reputation system is based on a threaded comments section tied to each news item

that the site editors have posted. These comments have a reputation system based on the +1, -1 ratings

but are comprehended from -1 to +5. These votes can only be cast by moderators and each vote can have a

short comment attached to it such as normal, offtopic, flamebait, troll, redundant, interesting, informative or

funny.

These comment votes are then aggregated to a personal reputation, resulting in a user level of high, normal

or low karma. Higher karma means that the users comments start off with a higher default score.

When a user has had high reputation for a period of time, it can randomly gain access to a limited number of

moderation points. These are then used to vote on other users comments. Users cannot comment and moderate

in the same discussion so as to maintain objectivity on the matter.

Trust Trust is based on the moderators rating of a given comment and its written feedback. Default options

on the page automatically hide comments below a configurable threshold meaning that in the moderators point

of view, that comment isnt relevant to the discussion but it isnt deleted to allow users to see and judge by

itself.

Troubles Paid staff editors on the page have an infinite amount of moderation points which means that the

reputation is basically based on the opinion of a handful of people and can be biased.

6 Security, consistency and attacks

6.1 Sybil Attack

A Sybil attack consists in an attacker who subverts the reputation system of a trust network by creating a

large number of online entities, using them to gain a disproportionately large influence. A reputation systems

vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the

reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity,

and whether the reputation system treats all entities identically.

The Sybil attack takes its name after a book written about the subject of the book Sybil, a case study

of a woman with dissociative personality disorder. This case is notorious because it involved 16 personalities

(counting the main one) ranging from auto-critical to very emotional personalities and even including two male

17


18/21

personalities. Sybils selves gradually became co-conscious of their counterparts and were able to communicate

between each other and even published material under their own names.

In the context of human online communities, such multiple identities are known as sockpuppets. One of

the most recent sockpuppets of an online celebrity is plannedchaos. plannedchaos is a sockpuppet of ScottAdams, writer of one of the oldest webcomics (its been running daily since 1990) called Dilbert. He used the

sockpuppet to talk high about himself and was his so called biggest fan on pages like metafilter, tumblr or

reddit.

Protection against Sybil attacks

Validation techniques can be used to prevent Sybil attacks and dismiss masquerading hostile identities. Two

types of validation can be used, direct and indirect validation. The first one relies on a central authority, which

takes queries and ensures a one-to-one correspondence between an identity and its counterpart. It may even

provide reverse lookup, which consists on querying for the counterpart and looking if it matches the identity to

be validated. Indirect validation relies on already accepted identities which then vouch for the validity of the

new identity in question.

Identity-based validation techniques generally provide accountability at the expense of anonymity, which can

be an undesirable tradeoff especially in online forums that wish to permit censorship-free information exchange

and open discussion of sensitive topics. One of such examples might be the Blizzard Real Name Forum Policy

initiative that wanted to tie every World of Warcraft account holder to a real life person. This caused a huge

uproar on the forums and on the whole video games blogosphere. Blizzard backed off on its proposition and

the policy was never mandatory.

A validation authority can also attempt to preserve users anonymity by refusing to perform reverse lookups,

but this approach makes the validation authority a prime target for attack. Alternatively, the authority can

use some mechanism other than knowledge of a users real identity - such as verification of an unidentified

persons physical presence at a particular place and time - to enforce a one-to-one correspondence between

online identities and real-world users.

6.2 Bootstrap

One characteristic of the rating systems is the importance of participation. The example to explain how this

can be a problem has been taken from filmaffinity.com. There, registered users are able to evaluate all kind of

movies, premieres, classical films, etc. The rating system is based on a ten level scale, each one tied to a textual

expression:

10 Excellent

9 Great

8 Very Good

7 Good

18


19/21

6 Interesting

5 Decent

4 Regular

3 Poor

2 Bad

1 Awful

Automatically, the system calculates the average with all rating, which is the main indicator to know what

is the opinion of the other users. Lets imagine a particular case: website administrators add a new film by

John Smith. There is a low participation, because people havent seen it yet. Besides, practically all the initial

rates are from loyal fans to John Smith and his amazing thrillers. The average rating is, in this case, 8,7.Are these results trustful? The answer is clearly not. The problem of this rating system is that when there

is low participation (a new film or one that appeals only to a minority group) the results presented are false,

thats to say, theres a considerable bias of the information. This means that the more participation, the more

reliability the reputation value will have. Filmaffinity has a reviews section, where users can write at length

their considerations about the movies, which is, at the end, the best tool to find the nuances of the opinions

and their references.

6.3 Whirlwind effect

The Whirlwind Effect is a common issue in rating systems, where users vote each others behaviour or

actions.

In these scenarios user reputation is usually linear with the number of votes it receives for certain actions.

Thus, usually the rest of users trust the ones with higher reputation as it seems that more people voted for

them and trusted them. So if a group of malicious users manage to be able to vote one another in a circular

order, their reputation will increase easily and in a genuine manner.

Albeit this attack is more difficult to detect when the group of implied users is bigger, a way to try to stop

it may be to limit the number of user ballots an user can cast in order to judge a peer. However it is really

difficult to detect without an specific algorithm.

6.4 The downfall of digg

Digg is a news aggregation website that is based on a community model to vote and comment on news to

show the most relevant articles to its users. It is based on Slashdots model although more elaborated and less

based on appointed moderators. Digg was launched by Kevin Rose on 2004, when the Web 2.0 was getting

popular and the site grew in users, which submitted new content and made the website very popular.

The number of users involved on the sites was so large that when a little but interesting website, which

usually ran on underpowered servers as bigger ones were unneeded for its everyday traffic, was linked and dugg

19


20/21

to the front page, its servers were knocked over by the influx of traffic. This was quite common because its

large user base searched for unknown content to gain reputation on the site and it was commonly called the

Digg Effect.

As the site grew, online companies saw the potential of Digg as a way to have a large number of visitors.Several social media professionals sold its services that included having a customer section of a website dugg to

the frontpage of Digg. This was done by a large-scale Sybil attack often in the range of thousands of different

identities controlled by algorithms to vote and comment to make a submission grow in reputation to the eyes of

its users. This game was outed by its users on the website but the administrators wouldnt (or couldnt) stop

entirely this attacks.

In this state, users couldnt trust entirely new submissions as the reputation it had reaped might be false,

and the only way to sort real submissions was to look the comment history of the commenters and decide if the

comments were by a real and honest person or were semi-automated and only directed to certain domains or

certain kind of content.

This scenario trailed on until it became clear of the owners preferences when on August 2010 a new design

restyle of the site, Digg v4, was launched. This redesign treated company sponsored submissions differently to

user submissions and most of the front page content was from popular websites, differing from the core Digg idea

which was based on its distinctiveness from the popular. This led people to not trust anymore the reputation

system instated and fled the website to similar social news aggregators.

Figure 2: Visitor decline on the launch of Digg v4

The CEO Kevin Rose was replaced within a week of the Digg v4 update and resigned from its position

entirely a year later.

This example shows that users have to trust the reputation method that has been established. Reputation

was being forged a lot of time before the release of Digg v4, but it then surpassed thresholds that its users

would not tolerate.

20


21/21

References

[1] Myerson, 1991.

[2] Cryptography and Network Security, Principles and Practices, William Stallings, International Edition (0-13-111502-2).

[3] Wikipedia.org, http://en.wikipedia.org/wiki/Reputation

[4] Wikipedia.org, http://en.wikipedia.org/wiki/Reputation_system

[5] Wikipedia.org, http://en.wikipedia.org/wiki/Computational_trust

[6] Wikipedia.org, http://en.wikipedia.org/wiki/Trust_law

[7] Wikipedia.org, http://en.wikipedia.org/wiki/Game_theory

[8] Google Inc., http://www.google.com/corporate/tech.html

[9] Wikipedia.org, http://en.wikipedia.org/wiki/Web_of_trust

[10] Wikipedia.org, http://en.wikipedia.org/wiki/Pretty_Good_Privacy

[11] Wikipedia.org, http://en.wikipedia.org/wiki/EBay

[12] Wikipedia.org, http://en.wikipedia.org/wiki/PayPal

[13] Thenextweb.com, http://thenextweb.com/socialmedia/2010/09/23/diggs-traffic-is-collapsing-at-home-an

[14] Metafilter.com, http://www.metafilter.com/102472/How-to-Get-a-Real-Education-by-Scott-Adams#

3639512

21
http://en.wikipedia.org/wiki/Reputationhttp://en.wikipedia.org/wiki/Reputation_systemhttp://en.wikipedia.org/wiki/Computational_trusthttp://en.wikipedia.org/wiki/Trust_lawhttp://en.wikipedia.org/wiki/Game_theoryhttp://www.google.com/corporate/tech.htmlhttp://en.wikipedia.org/wiki/Web_of_trusthttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/EBayhttp://en.wikipedia.org/wiki/PayPalhttp://thenextweb.com/socialmedia/2010/09/23/diggs-traffic-is-collapsing-at-home-and-abroad/http://www.metafilter.com/102472/How-to-Get-a-Real-Education-by-Scott-Adams#3639512http://www.metafilter.com/102472/How-to-Get-a-Real-Education-by-Scott-Adams#3639512http://www.metafilter.com/102472/How-to-Get-a-Real-Education-by-Scott-Adams#3639512http://www.metafilter.com/102472/How-to-Get-a-Real-Education-by-Scott-Adams#3639512http://thenextweb.com/socialmedia/2010/09/23/diggs-traffic-is-collapsing-at-home-and-abroad/http://en.wikipedia.org/wiki/PayPalhttp://en.wikipedia.org/wiki/EBayhttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/Web_of_trusthttp://www.google.com/corporate/tech.htmlhttp://en.wikipedia.org/wiki/Game_theoryhttp://en.wikipedia.org/wiki/Trust_lawhttp://en.wikipedia.org/wiki/Computational_trusthttp://en.wikipedia.org/wiki/Reputation_systemhttp://en.wikipedia.org/wiki/Reputation

trust and reputation

Documents