Secure Trust Evaluation Using Multipath and Referral Chain Methods (original) (raw)

Methods for Computing Trust and Reputation While Preserving Privacy

Lecture Notes in Computer Science, 2009

Trust and Reputation systems in distributed environments attain widespread interest as online communities are becoming an inherent part of the daily routine of Internet users. Trust-based models enable safer operation within communities to which information exchange and peer to peer interaction are centric. Several models for trust based reputation have been suggested recently, among them the Knots model . In these models, the subjective reputation of a member is computed using information provided by a set of members trusted by the latter. The present paper discusses the computation of reputation in such models, while preserving members' private information. Three different schemes for the private computation of reputation are presented, and the advantages and disadvantages in terms of privacy and communication overhead are analyzed.

Efficient private multi-party computations of trust in the presence of curious and malicious users

Journal of Trust Management, 2014

Schemes for multi-party trust computation are presented. The schemes do not make use of a Trusted Authority. The schemes are more efficient than previous schemes in terms of the number of messages exchanged, which is proportional to the number of participants rather than to its square. We note that in our schemes the length of each message may be larger than the message length typically found in previously published schemes. The calculation of a trust, in a specific user by a group of community members starts following a request by an initiator. The trust computation is provided in a completely distributed manner, where each user calculates its trust value privately and independently. Given a community C and its members (users) U 1 ,. .. , U n , we present computationally secure schemes for trust computation. The first scheme, Accumulated Protocol AP computes the average trust attributed to a specific user, U t following a trust evaluation request initiated by a user U n. The exact trust values of each queried user are not disclosed to U n. The next scheme, Weighted Accumulated Protocol WAP generates the average weighted trust in a specific user U t taking into consideration the unrevealed trust that U n has in each user participating in the trust evaluation process. The Public Key Encryption Protocol PKEP outputs a set of the exact trust values given by the users without linking the user that contributed a specific trust value to the trust this user contributed. The obtained vector of trust values assists in removing outliers. Given the set of trust values, the outliers that provide extremely low or high trust values can be removed from the trust evaluation process. We extend our schemes to the case when the initiator, U n , can be compromised by the adversary, and we introduce the Multiple Private Keys and the Weighted protocols (MPKP and MPWP) for computing average unweighted and weighted trust, respectively. Moreover, the Commutative Encryption Based Protocol (CEBP) extends the PKEBP in this case. The computation of all our algorithms requires the transmission of O(n) (possibly large) messages.

Multi-Party Trust Computation in Decentralized Environments

In this paper, we describe a decentralized privacypreserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n − 1 corrupted nodes in the semi-honest model.

Schemes for Privately Computing Trust and Reputation

IFIP Advances in Information and Communication Technology, 2010

Trust and Reputation systems in distributed environments attain widespread interest as online communities are becoming an inherent part of the daily routine of Internet users. Several models for Trust and Reputation have been suggested recently, among them the Knots model . The Knots model provides a member of a community with a method to compute the reputation of other community members. Reputation in this model is subjective and tailored to the taste and choices of the computing member and those members that have similar views, i.e. the computing member's Trust-Set. A discussion on privately computing trust in the Knots model appears in . The present paper extends and improves [16] by presenting three efficient and private protocols to compute trust in trust based reputation systems that use any trust-sets based model. The protocols in the paper are rigorously proved to be private against a semi-honest adversary given standard assumptions on the existence of an homomorphic, semantically secure, public key encryption system. The protocols are analyzed and compared in terms of their privacy characteristics and communication complexity.

Routing with Confidence: A Model for Trustworthy Communication

2006

We present a model for trustworthy communication with respect to security and privacy in heterogeneous networks. In general, existing privacy protocols assume independently operated nodes spread over the Internet. Most of the analysis of these protocols has assumed a fraction of colluding nodes picked at random. While these approaches provide promising guarantees of anonymity for such attack models, we argue that trust relationships dominate threats to privacy at smaller scales, and such independence assumptions should not be made. For example, within an organization, all nodes along a chosen path may be physically collocated, making a collusion attack more likely. Users can have varying notions of threat to their privacy-users may not trust nodes located in a particular domain, or consider nodes with low physical security to be a particularly strong threat to their privacy. We present a model for trustworthy communication that addresses users' privacy needs in such environments. Our model also applies to peer-to-peer anonymizing networks such as Tor for finding more trustworthy routes. For example, users may consider nodes operating in a particular country to be untrustworthy. We recognize that users in the network will have different perceived threats and must be allowed to "route around" untrustworthy nodes based on these threats. Our research makes the following contributions: We present a formalization of trustworthy routing and examine its properties in an effort to understand the boundaries of attribute based trustworthy routing schemes. We propose a model that exposes trust relationships in the network to concerned users. Our policy language allows users to specify qualitative path policies based on their own perceived threat to security and privacy. We define a general quantitative measure of trust that is used to find routes that are most trustworthy based on this measure. We identify feasible and infeasible interpretations of trust by showing how trustworthy routes can be computed efficiently for certain semantic models of trust and by contributing several NP-hardness results for infeasible models of trust.

Multi-party trust computation in decentralized environments in the presence of malicious adversaries

In this paper, we describe a decentralized privacy-preserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n À 1 corrupted nodes in both the semi-honest and malicious adversarial models.

Survey of Trust Models in Different Network Domains

International Journal of Ad hoc, Sensor & Ubiquitous Computing, 2010

This paper introduces the security and trust concepts in wireless sensor networks and explains the difference between them, stating that even though both terms are used interchangeably when defining a secure system, they are not the same. The difference between reputation and trust is also explained, highlighting that reputation partially affects trust. A survey of trust and reputation systems in various domains is conducted, with more details given to models in ad-hoc and sensor networks as they are closely related to each other and to our research interests. The methodologies used to model trust and their references are presented. The factors affecting trust updating are summarised and some examples of the systems in which these factors have been implemented are given. The survey states that, even though researchers have started to explore the issue of trust in wireless sensor networks, they are still examining the trust associated with routing messages between nodes (binary events). However, wireless sensor networks are mainly deployed to monitor events and report data, both continuous and discrete. This leads to the development of new trust models addressing the continuous data issue and also to combine the data trust and the communication trust to infer the total trust.

Design of a Novel Trust Model and its Application in Trust based Routing to Defend against Dishonest Recommenders

International Journal of Computer Applications, 2015

Trust management frameworks play a very important role in securing the mobile ad hoc networks against various insider attacks that could occur during data forwarding. The success of a trust management framework greatly depends upon the proper design of each of its major components including the direct trust computation component as well as the indirect trust computation component. Specifically, the indirect trust computation component should be robust to handle the dishonest recommendations. The current paper shows the application of a trust model involving a robust indirect trust computation component called as RecommFilter which has been proposed in our earlier work. It can overcome the various attacks caused by dishonest recommenders. The application involves the integration of the trust model with a routing protocol based upon a reliability measure called as Path Allegiance metric (PAM) which is a cumulative value obtained through the trust values of the on-path nodes upon each other. Experimental results show that the proposed scheme along with PAM routing protocol is robust to different dishonest recommendation attacks and accurate in the detection of dishonest recommenders.

Measurement of Trust Transitivity in Trustworthy Networks

Journal of Emerging Technologies in Web Intelligence, 2010

In this paper, we abstract the trust network as a weighted digraph. A path from node A to node B represents a transitive trust relationship. Parallel paths between a source and a target are associated with parallel trusts respectively. We introduce two measurements for computing the derived trust degree from a source to a target: Maxmin trust degree and Max-mean trust degree. The Max operator formalizes the choice among parallel paths. The min and mean operators compute the transitive trust degree along a path. We focus on the analysis of the complexity of computing both kinds of trust degrees. We show that measuring the max-min trust degree is polynomial, however, measuring the max-mean one is NP-hard. Then we propose a matrix-based method to compute the max-mean trust degree, which can be done polynomially, but may produce non-simple paths. Finally, we give a simple example of a trust reputation network to illustrate the matrix-based method.

PATROL: a comprehensive reputation-based trust model

International Journal of Internet Technology and Secured Transactions, 2007

In this paper, we present PATROL, a general and comprehensive reputation-based trust model for distributed computing. The proposed model is an enhancement over our previous model, TRUMMAR, and aims at achieving a truly unique model that incorporates most concepts that are essential to determining trust-based decisions. Among the concepts upon which the trust model is based are reputation values, direct experiences, trust in the credibility of a host to give recommendations, decay of information with time based on a dynamic decay factor, first impressions, similarity, popularity, activity, cooperation between hosts, in addition to a hierarchy of host systems. The simulations performed on this model confirm its correctness and its adaptability to different environments and situations.