Academia.eduAcademia.edu

Outline

Title
Abstract
Chapter 1 Introduction
Structures and Objectives of the Thesis
Published Material
Background of Reputation Systems
Participants
Comparison: A Case Study
Results
Comparison of Design
Discussions
Protocol of the Proposed Scheme
Analysis of the Scheme
Protocol
Analysis
Related Work
Analysis of the FL Scheme
Protocol of the Token Based Scheme
Protocol Using Ring Signature Scheme
Protocol of the Aggregate Signature Based Scheme
Introduction
Related Certificates
Protocol of the Articulated Certificate Scheme
Discussion
Future Improvements
Conclusion
References
All Topics
Computer Science
Information Systems

Security of reputation systems

Profile image of roslan ismailroslan ismail

2004

Abstract

Reputation systems have the potential of improving the quality of on-line markets by identifying fraudulent users and subsequently dealing with these users can be prevented. The behaviour of participants involved in e-commerce can be recorded and then this information made available to potential transaction partners to make decisions to choose a suitable counterpart. Unfortunately current reputation systems suffer from various vulnerabilities. Solutions for many of these problems will be discussed. One of the major threats is that of unfair feedback. A large number of negative or positive feedbacks could be submitted to a particular user with the aim to either downgrade or upgrade the user's reputation. As a result the produced reputation does not reflect the user's true trustworthiness. To overcome this threat a variation of Bayesian Reputation system is proposed. The proposed scheme is based on the subjective logic framework proposed Josang et al. [65]. The impact of unfair feedback is countered through some systematic approaches proposed in the scheme. Lack of anonymity for participants leads to reluctance to provide negative feedback. A novel solution for anonymity of feedback providers is proposed to allow participants to provide negative feedback when appropriate without fear of retaliation. The solution is based on several primitive cryptographic mechanisms; e-cash, designated verifier proof and knowledge proof. In some settings it is desirable for the reputation owner to control the distribution of its own reputation and to disclose this at its discretion to the intended parties. To realize this, a solution based on a certificate mechanism is proposed. This solution allows the reputation owner to keep the certificate and to distribute its reputation while not being able to alter that information without detection. The proposed solutions cater for two modes of reputation systems: centralised and decentralised. The provision of an off-line reputation system is discussed by proposing a new solution using certificates. This is achieved through the delegation concept and a variant of digital signature schemes known as proxy signatures. v The thesis presents a security architecture of reputation systems which consists of different elements to safeguard reputation systems from malicious activities. Elements incorporated into this architecture include privacy, verifiability and availability. The architecture also introduces Bayesian approach to counter security threat posed by reputation systems. This means the proposed security architecture in the thesis is a combination of two prominent approaches, namely, Bayesian and cryptographic, to provide security for reputation systems. The proposed security architecture can be used as a basic framework for further development in identifying and incorporating required elements so that a total security solution for reputation systems can be achieved. vi Declaration The work contained in this thesis has not been previously submitted for a degree or diploma at any higher education institution. To the best of my knowledge and belief, the thesis contains no material previously published or written by another person except where due reference is made.

Related papers

Reputation systems: A survey and taxonomy
Kris Bubendorfer, Ferry Hendrikx

Journal of Parallel and Distributed Computing, 2015

h i g h l i g h t s

View PDFchevron_right
A framework for building reputation systems
Phillip Windley

This paper introduces a set of principles for governing the design and operation of online reputation systems. We also introduce the design, architecture, and implementation of a flexible, general-purpose framework, called Pythia, for building reputation systems. We give a sample application of our framework to illustrate its use.

View PDFchevron_right
A framework to provide anonymity in reputation systems
Luis Rodrigues

2006

Abstract In ubiquitous networks, the multiple devices carried by an user may unintentionally expose information about her habits or preferences. This information leakage can compromise the users' right to privacy. A common approach to increase privacy is to hide the user real identity under a pseudonym. Unfortunately, pseudonyms may interfere with the reputation systems that are often used to assert the reliability of the information provided by the participants in the network.

View PDFchevron_right
A novel reputation-based model for e-commerce
Panayotis Fouliras

Operational Research, 2000

Reputation systems are very important in e-markets, where they help buyers to decide whether to purchase a product. Since a higher reputation often represents higher profit, malicious users may try to deceive them to increase their reputation. This may be aggravated through fear of retaliation to bad ratings or collusion of multiple users so that they can perform a fraud

View PDFchevron_right
A Reference Model for Reputation Systems
Sokratis Vavilis, Nicola Zannone

A Reference Model for Reputation Systems, 2014

Recent advances in ICT have led to a vast and expeditious development of e-services and technology. Trust is a fundamental aspect for the acceptance and adoption of these new services. Reputation is commonly employed as the measure of the trustworthiness of users in on-line communities. However, to facilitate their acceptance, reputation systems should be able to deal with the trust challenges and needs of those services. The aim of this survey is to propose a framework for the analysis of reputation systems. We elicit the requirements for reputations metrics along with the features necessary to achieve such requirements. The identified requirements and features form a reference framework which allows an objective evaluation and comparison of reputation systems. We demonstrate its applicability by analyzing and classifying a number of existing reputation systems. Our framework can serve as a reference model for the analysis of reputation systems. It is also helpful for the design of new reputation systems as it provides an analysis of the implications of design choices.

View PDFchevron_right
Reputation Systems: A framework for attacks and frauds classification
Rui Pereira

Journal of Information Systems Engineering and Management

Reputation and recommending systems have been widely used in e-commerce, as well as online collaborative networks, P2P networks and many other contexts, in order to provide trust to the participants involved in the online interaction. Based on a reputation score, the e-commerce user feels a sense of security, leading the person to trust or not when buying or selling. However, these systems may give the user a false sense of security due to their gaps. This article discusses the limitations of the current reputation systems in terms of models to determine the reputation score of the users. We intend to contribute to the knowledge in this field by providing a systematic overview of the main types of attack and fraud found in those systems, proposing a novel framework of classification based on a matrix of attributes. We believe such a framework could help analyse new types of attacks and fraud. Our work was based on a systematic literature review methodology.

View PDFchevron_right
A survey of attack and defense techniques for reputation systems
David Zage

ACM Computing Surveys, 2009

Reputation systems provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity within the system. These systems seek to generate an accurate assessment in the face of various factors including but not limited to unprecedented community size and potentially adversarial environments. We focus on attacks and defense mechanisms in reputation systems. We present an analysis framework that allows for general decomposition of existing reputation systems. We classify attacks against reputation systems by identifying which system components and design choices are the target of attacks. We survey defense mechanisms employed by existing reputation systems. Finally, we analyze several landmark systems in the peer-to-peer domain, characterizing their individual strengths and weaknesses. Our work contributes to understanding 1) which design components of reputation systems are most vulnerable, 2) what are the most appropriate defense mechanisms and 3) how these defense mechanisms can be integrated into existing or future reputation systems to make them resilient to attacks.

View PDFchevron_right
Practical, Anonymous, and Publicly Linkable Universally-Composable Reputation Systems
Johannes Blomer

Lecture Notes in Computer Science, 2018

We consider reputation systems in the Universal Composability Framework where users can anonymously rate each others products that they purchased previously. To obtain trustworthy, reliable, and honest ratings, users are allowed to rate products only once. Everybody is able to detect users that rate products multiple times. In this paper we present an ideal functionality for such reputation systems and give an efficient realization that is usable in practical applications.

View PDFchevron_right
Evidence processing and privacy issues in evidence-based reputation systems
D. Cvrček

Computer Standards & Interfaces, 2005

Issues related to processing of evidence in evidence-based reputation systems, with a particular concern for user privacy, are discussed in our paper. The novel idea of evidence-based reputation (or trust) systems is that such systems do not rely on an objective knowledge of user identity. One has instead to consider possible privacy infringements based on the use of data (evidence) about the previous behaviour of entities in the systems. We provide a brief introduction to evidence-based trust/ reputation systems, as well as to the privacy issues, addressing the common problem of many papers that narrow the considerations of privacy to anonymity only. We elaborate on the concept of pseudonymity through aspects of evidence storing and processing. This, together with a consideration of current work on trust models, leads to our specification of requirements for the trust model for evidence-based systems supporting pseudonymity.

View PDFchevron_right
A privacy-preserving reputation system with user rewards
Núria Busom Figueres

Journal of Network and Computer Applications, 2017

Reputation systems are useful to assess the trustworthiness of potential transaction partners, but also a potential threat to privacy since rating profiles reveal users' preferences. Anonymous reputation systems resolve this issue, but make it difficult to assess the trustworthiness of a rating. We introduce a privacypreserving reputation system that enables anonymous ratings while making sure that only authorized users can issue ratings. In addition, ratings can be endorsed by other users. A user who has received a pre-defined number of endorsements can prove this fact, and be rewarded e.g. by receiving a "Premium member" status. The system is based on advanced cryptographic primitives such as Chaum-Pedersen blind signatures, verifiable secret sharing and oblivious transfer.

View PDFchevron_right

References (135)

  1. Masayuki Abe, Miyako Ohkubo, and Koutarou Suzuki. 1-out-of-n signatures from a variety of keys. In Y.Zheng, editor, Advances in Cryptology -ASI- ACRYPT 2002, volume LNCS 2501, pages 415-432. Springer-Verlag Heidel- berg, December 1-5, 2002.
  2. Karl Abrerer and Zoran Despotovic. Managing Trust in a P2P Information System. In Proceedings of the tenth international conference on Information and knowledge management, pages 310-317. ACM Press, November 2001.
  3. Carlisle Adams and Robert Zuccherato. A global pmi for electronic content dis- tribution. In D.R. Stinson and S. Tavares, editors, Proceedings of Selected Ar- eas in Cryptography: 7th Annual International Workshop, volume LNCS 2012, pages 158-168. Springer-Verlag Heidelberg, August 14-15 2000.
  4. Dmitri Asonov, Markus Schaal, and Johann C. Freytag. Absolute privacy in voting. In Information Security: 4th International Conference, volume LNCS 2200, pages 95-109. Springer-Verlag Heidelberg, October 1-3 2001.
  5. Tuomas Aura. Distributed access-rights management with delegation certifi- cates. In Secure Internet Programming: Security Issues for Distributed and Mobile Objects, volume 1603 of LNCS, pages 211-235. Springer-Verlag, 1999.
  6. Sulin Ba. Establishing online trust through a community responsibility system. Decision Support Systems, 31(3):323-336, August 2001.
  7. Mihir Bellare, Juan A. Garay, and Tal Rabin. Fast batch verification for modular exponentiation and digital signatures. In K. Nyberg, editor, EUROCRYPT '98, volume LNCS 1403, pages 236-250. Springer-Verlag Heidelberg, 1998.
  8. W.W Bell. Special Functions for Scientists and Engineeers. D. Van Nostrand Company LTD, 1968.
  9. Vicente Benjumea, Javier Lopez, Jose A. Montenegro, and Jose M. Troya. A first approach to provide anonymity in attribute certificates. In Proceedings of Public Key Cryptography -PKC 2004: 7th International Workshop on Theory and Practice in Public Key Cryptography, volume LNCS 2947, pages 402-415. Springer-Verlag Heidelberg, March 1-4 2004.
  10. Shimshon Berkovits, Chokhani Santosh., Furlong A. Judith. A., Jisoo A. Geiter, and Jonathan C. Guild. Directive 1999/93/EC of the European Parliament and of the Council on a Community Framework for Electronic Signatures, April 1994.
  11. Bernd Blobel, Petra Hoepner, Robert Joop, Stamatis Karnouskos, Geert Klein- huis, and George I. Stassinopoulos. Using a privilege management infrastruc- ture for secure web-based e-health applications. Computer Communications, 26:1863-1872, 2003.
  12. Gary Bolton, Elena Katok, and Axel Ockenfels. How Effective are On- line Reputation Mechanisms? Discussion Papers on Strategic Interac- tion 25-2002, Max-Planxk-Institut, 2002. Available at ftp://papers.mpiew- jena.mpg.de/esi/discussionpapers/2002-25.pdf.
  13. Dan Boneh, Craig Gentry, Ben Lynn, and Hovav Shacham. Aggregate and verifiably encrypted signatures from bilinear maps. In Eurocrypt 2003, volume LNCS 2656, pages 416-432. Springer-Verlag, 2003.
  14. Fabrice Boudot. Efficient proofs that a committed number lies in an interval. In Proceedings of International Conference on the Theory and Application of Cryptographic Techniques -EUROCRYPT 2000, volume LNCS 1807, pages 431-444. Springer-Verlag, May 14-18 2000.
  15. Stefan Brands. Untraceable off-line cash in wallets with observers. In Dou- glas R. Stinson, editor, Advances in Cryptology -Crypto '93, volume LNCS 773, pages 302-318, Berlin, 1993. Springer-Verlag.
  16. Stefan Brands. Rethinking Public Key Infrastructure and Digital Certificates - building in Privacy. Ponsen & Looijen BV, 1999.
  17. Felix Brandt. Fully private auctions in a constant number of rounds. In Fi- nancial Cryptography, volume LNCS 2742, pages 223-238. Springer-Verlag Heidelberg, December 8-9 2000.
  18. Emmanuel Bresson, Jacques Stern, and Michael Szydlo. Threshold ring sig- natures and applications to ad-hoc groups. In M. Yung, editor, Proceedings of Advances in Cryptology -CRYPTO 2002: 22nd Annual International Cryptol- ogy Conference, volume LNCS 2442, pages 465-480. Springer-Verlag, August 18-22, 2002.
  19. Sonja Buchegger and Jean-Yves L. Boudec. Performance analysis of the con- fidant protocol. In Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing, pages 226-236. ACM Press, 2002.
  20. Sonja Buchegger and Jean-Yves L. Boudec. A robust reputation system for mobile ad hoc networks. Technical Report IC/2003/50, EPFL-DI-ICA, July 2003.
  21. Javier Carbo, Jose M. Molina, and Jorge Davila Muro. A fuzzy model of reputa- tion in multi-agent systems. In Proceedings of the fifth international conference on Autonomous agents, pages 25-26. ACM Press, 2001.
  22. Javier Carbo, Jose M. Molina, and Jorge Davila Muro. A BDI agent architecture for reasoning about reputation. In IEEE International Conference on Systems, Man and Cybernetics, volume 2, pages 817-822, 2001.
  23. David W. Chadwick and Alexander Otenko. The permis X.509 role based privilege management infrastructure. Future Generation Computer Systems, 19(2):277-289, February 2003.
  24. David Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Shafi Goldwasser, editor, Advances in Cryptology -Crypto '88, volume LNCS 403, pages 319-327. Springer-Verlag, 1989.
  25. Mao Chen and Jaswinder P. Singh. Computing and using reputations for internet ratings. In Proceedings of the 3rd ACM conference on Electronic Commerce, pages 154-162, October 2001.
  26. Andrew Clausen. Online reputation systems: The cost of attack on pagerank. Bachelors (with Honours), University of Melbourne, November 2003.
  27. Fabrizio Cornelli, Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. Choosing Reputable Servents in a P2P Network. In Proceedings of the eleventh international conference on World Wide Web, pages 376-386. ACM Press, 2002.
  28. Ronald Cramer, Ivan Damgård, and Berry Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In Yvo Desmedt, editor, Advances in Cryptology -Crypto '94, volume LNCS 839, pages 174- 187. Springer-Verlag, 1994.
  29. Ronald Cramer, Matthew Franklin, Berry Schoenmakers, and Moti Yung. Multi- authority secret-ballot elections with linear work. In Ueli Maurer, editor, In Advance in Cryptology -EUROCRYPT'96, volume LNCS 1070, pages 72-83.
  30. Ronald Cramer, Rosario Gennaro, and Berry Schoenmakers. A secure and opti- mally efficient multi-authority election scheme. In Walter Fumy, editor, EURO- CRYPT'97, volume LNCS 1233, pages 103-118. Springer-Verlag, 1997.
  31. Lorrie F. Cranor and Ron K. Cytron. Sensus: A security-conscious electronic polling system for the internet. In Jr. Nunamaker, J.F. and Jr. Sprague, R.H., editors, Proceedings of the Thirtieth Hawaii International Conference on System Sciences, volume 3, pages 561-570, January, 7-10 1997.
  32. Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati, and Fabio Violante. A reputation-based approach for choosing reliable resources in Peer-to-Peer networks. In Proceedings of the 9th ACM conference on Computer and communications security, pages 207-216. ACM Press, 2002.
  33. Chrysanthos Dellarocas. Mechanisms for coping with unfair ratings and dis- criminatory behavior in online reputation reporting systems. In Proceedings of the twenty first international conference on Information systems, pages 520- 525. Association for Information Systems, 2000.
  34. Chrysanthos Dellarocas. Building trust on-line: The design of re- liable reputation reporting mechanisms for online trading communities. MIT Sloan Working Paper No. 4180-01, October 2001. Available at http://ssrn.com/abstract=289967.
  35. Chrysanthos Dellarocas. Efficiency through feedback-contingent fees and re- wards in auction marketplaces with adverse selection and moral hazard. In Pro- ceedings of the conference on Electronic commerce, pages 11-18. ACM Press, 2003.
  36. Roger Dingledine, Michael J. Freedman, David Hopwood, and David Molnar. A reputation system to increase mix-net reliability. In I.S. Moskowitz, editor, In- formation Hiding 4th International Workshop (IHW2001), Pittsburgh, PA, USA, volume LNCS 2137, pages 126-136. Springer-Verlag Heidelberg, 25-27, April 2001.
  37. Roger Dingledine, Michael J. Freedman, and David Molnar. Chapter 16: Ac- countability. In A. Oram, editor, Peer-To-Peer: Harnessing the Power of Dis- ruptive Technologies. O'Reilly and Associates, Inc, 2001.
  38. Roger Dingledine and Paul Syverson. Reliable MIX Cascade Networks through Reputation. In Matt Blaze, editor, 6th International Conference, Financial Cryptography 2002, volume LNCS 2357, pages 253-268. Springer-Verlag, March 11-14 2002.
  39. Debojyoti Dutta, Ashish Goel, Ramesh Govindan, and Hui Zhang. The design of a distributed rating scheme for peer-to-peer systems. In The Workshop on Economic of Peer-to-Peer Systems, June 5-6 2003. http://www.sims.berkeley.edu/research/conferences/p2pecon/index.html.
  40. Ed Dawson, Javier Lopez, Jose A. Montenegro, and Eiji Okamoto. A new de- sign of privilege management infrastructure for organizations using outsourced pki. In Information Security, 5th International Conference, volume LNCS 2433, pages 136-149. Springer-Verlag, September 30 -October 2 2002.
  41. Martin Ekstrom and Hans C. Bjornsson. A rating system for AEC e-bidding that account for rater credibility. In Proceedings of CIB W65 Symposium, pages 753-766, September 2002.
  42. Carl Ellison, Bill Frantz, Butler Lampson, Ronald Rivest, Brian Thomas, and Tatu Ylonen. SPKI Certificate Theory, 1999. Available at ftp://ftp.isi.edu/in- notes/rfc2693.txt.
  43. Dietrich Fahrenholtz and Winfried Lamersdorf. Transactional security for a distributed reputation management system. In K. Bauknecht, A. Min Tjoa, and G. Quirchmayr, editors, Proceedings of the 3rd International Conference on Electronic Commerce and Web Technologies, volume LNCS 2455, pages 214- 223. Springer-Verlag, August 2002.
  44. Yair Frankel, Yiannis Tsiounis, and Moti Yung. Indirect discourse proofs: Achievement efficient fair off-line e-cash. In Advances in Cryptology -Pro- ceeding of ASIACRYPT'96, pages 286-300. Springer-Verlag, 1996.
  45. Eric J. Friedman and Paul Resnick. The social cost of cheap pseudonyms. Jour- nal of Economics Management Strategy, 10(2):173-199, 2001.
  46. Ko Fujimura and Takuo Nishihara. Reputation rating system based on past be- havior of evaluators. In Proceedings of the conference on Electronic commerce, pages 246-247. ACM Press, 2003.
  47. Morrie Gasser and Ellen McDermott. An architecture for practical delegation in a distributed system. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 20-30. Computer Society Press, May 1990.
  48. Matthieu Gaud and Jacques Traor. On the anonymity of fair offline e-cash sys- tems. In Proceedings of Financial Cryptography, volume LNCS 2742, pages 34-50. Springer-Verlag Heidelberg, February 1999.
  49. Stefano Grazioli and Sirkka L. Jarvenpaa. Deceived: under target online. Com- munications of the ACM, 46(12):196-205, 2003.
  50. Minaxi Gupta, Paul Judge, and Mostafa Ammar. A reputation system for peer- to-peer networks. In ACM 13th International Workshop on Network and Op- erating Systems Support for Digital Audio and Video (NOSSDAV 2003), pages 144-152. ACM Press, June 1-3 2003.
  51. Javier Herranz and Germn Senz. Forking lemmas for ring signature schemes. In India Cryptography' 03, volume LNCS 2904, pages 266-279. Springer-Verlag Heidelberg, December 2003.
  52. Daniel Houser and John Wooders. Reputation in auctions: Theory and evi- dence from ebay, 2000. Available at http://w3.arizona.edu/econ/ workingpa- pers/InternetAuctions.pdf.
  53. John Iliadis, Diomidis Spinellis, Dimitris Gritzalis, Bart Preneel, and Sokratis Katsikas. Evaluating certificate status information mechanisms. In Proceedings of the 7th ACM conference on Computer and communications security, pages 1-8. ACM Press, 2000.
  54. Roslan Ismail, Colin Boyd, Audun Josang, and Selwyn Russell. A security architecture for reputation systems. In Kurt Baukencht, A. Min Tjoa, and Gerald Quirchmayr, editors, Proceedings of the 4th International Conference, EC-WEB, volume LNCS 2738, pages 176-185. Springer Verlag, September 1-5 2003.
  55. Roslan Ismail, Colin Boyd, Audun Josang, and Selwyn Russell. Strong privacy in reputation systems. In Pre-Proceedings of The 4th International Workshop on Information Security Applications, pages 697-704, August 25-27 2003.
  56. Roslan Ismail, Colin Boyd, Audun Josang, and Selwyn Russell. Private reputa- tion scheme for P2P systems. In Proceedings of 2nd International Workshop on Information Security, pages 196-205, April 13-14 2004.
  57. Roslan Ismail, Colin Boyd, Audun Josang, and Selwyn Russell. Efficient off- line reputation system using articulated certificate. In Proceedings of 2nd Inter- national Workshop on Information Security, pages 53-62, April 13-14 2004.
  58. ITU-T. Recommendation X.509 Information technology -Open systems Inter- connection -The Directory : Authentication framework, 1997.
  59. ITU-T. Recommendation X.509 Information technology -Open systems Inter- connection -The Directory : Authentication framework, 2000.
  60. Markus Jakobsson, Kazue Sako, and Russell Impagliazzo. Designated verifier proofs and their applications. In Ueli Maurer, editor, Advances in Cryptology - EuroCrypt '96, volume LNCS 1070, pages 143-154. Springer-Verlag, 1996.
  61. Jinn-Ke Jan, Yu-Yi Chen, and Yi Lin. The design of protocol for e-voting on the internet. In L.D Sanson, editor, Proceedings of IEEE 35th International Carna- han Conference on Security Technology, pages 180-189, Oct, 16-19 2001.
  62. Carlos Jensen, John Davis, and Shelly Farnham. Finding others online: reputa- tion systems for social online spaces. In Proceedings of the SIGCHI conference on Human factors in computing systems, pages 447-454. ACM Press, 2002.
  63. Audun Josang, Shane Hird, and Eric Faccer. Simulating the effect of reputation systems on e-market. In Paddy Nixon and Sotirios Terzis, editors, Proceed- ings of the First International Conference on Trust Management, volume LNCS 2692, pages 179-194. Springer-Verlag, May 28-30 2003.
  64. Audun Josang and Roslan Ismail. The beta reputation system. In Proceedings of the 15th Bled Conference on Electronic Commerce eReality: Constructing the eEconomy, pages 324-337, June, 17-19 2002.
  65. Audun Josang. Modelling Trust in Information Security. PhD thesis, The Nor- wegian University of Science and Technology, 1998.
  66. Audun Josang. An algebra for assessing trust in certification chains. In J.Kochmar, editor, Proceedings of the Network and Distributed Systems Security (NDSS'99) Symposium. The Internet Society, 1999.
  67. Audun Josang. A logic for uncertain probabilities. International Journal of Un- certainty, Fuzziness and Knowledge-Based Systems, 9(3):279-311, June 2001.
  68. Ari Juels. Trustee tokens: Simple and practical anonymous digital coin trac- ing. In Financial Cryptography: Third International Conference, volume LNCS 1648, pages 29-45. Springer-Verlag Heidelberg, February 1999.
  69. Radu Jurga and Boi Faltings. Towards incentive-compatible reputation manage- ment. In LNCS 2631, pages 138-147. Springer-Verlag, 2003.
  70. Sepandar D. Kamvar, Mario T. Schlosser, and Hector Garcia-Molina. The eigen- trust algorithm for reputation management in P2P networks. In Proceedings of the twelfth international conference on World Wide Web, pages 640-651. ACM Press, 2003.
  71. Sako K. Kazue and Joe Kilian. Receipt-free mix-type voting scheme a practical solution to the implementation of a voting booth. In Louis C. Guillou and Jean- Jacques Quisquater, editors, Advances in Cryptology -EuroCrypt '95, volume LNCS 921, pages 393-403. Springer-Verlag, 1995.
  72. Hiroaki Kikuchi, Minako Tada, and Shohachiro Nakanishi. Proof of signer and privacy revocation in ring signatures. In WISA 2003, pages 623-630, August 25-27 2003.
  73. Seungjoo Kim, Sangjoon Park, and Dongho Won. Proxy signatures, revisited. In Proc. of ICICS'97, International Conference on Information and Communi- cations Security, volume LNCS 1334, pages 223-232. Springer, 1997.
  74. Loren M. Kohnfelder. Toward a practical public-key cryptosystem. Master's thesis, MIT Laboratory for Computer Science, May 1978.
  75. Tadayoshi Kohno and Mark Gisovern. On the global content pmi: Improved copy-protected internet content distribution. In P.F. Syverson, editor, Proceed- ings of Financial Cryptography : 5th International Conference, volume LNCS 2339, pages 70-90. Springer-Verlag Heidelberg, February 19-22 2001.
  76. Peter Kollock. The production of trust in online markets. In S. Thyne E.J. Lawler, M. Mary and H. A. Walker, editors, Advances in Group Processes, volume 16. JAI Press, Greenwich, 1999.
  77. Byoungcheon Lee, Heesun Kim, and Kwangjo Kim. Strong proxy signature and its applications. In SCIS'2001, pages 603-608, Jan 23-26 2001.
  78. Jung-Yeun Lee, Jung H. Cheon, and Seungjoo Kim. An analysis of proxy signa- tures: Is a secure channel necessary? In M. Joye, editor, Proceedings of Topics in Cryptology -CT-RSA 2003: The Cryptographers' Track at the RSA Confer- ence 2003, volume LNCS 2612. Springer-Verlag Heidelberg, April 13-17 2003.
  79. Ronald M. Lee. Distributed electronic trade scenarios: Representation, design, prototyping. International Journal on Electronic Commerce: Special Issue on Formal Aspects of Digital Commerce, 3(2):105-136., 1999.
  80. Chu Yee Liau, Xuan Zhou, Stephane Bressan, and Kian-Lee Tan. Efficient distributed reputation scheme for peer-to-peer systems. In The 2nd Interna- tional Human.Society@Internet Conference, volume LNCS 2713, pages 54-63.
  81. Jiqiang Lv, Jingwei Liu, and Xinmei Wang. Further cryptanalysis of some proxy signature schemes. Cryptology ePrint Archive, Report 2003/111, 2003. http://eprint.iacr.org/.
  82. Greg Maitland, Jason Reid, Ernest Foo, Colin Boyd, and Ed Dawson. Linkabil- ity in Practical Electronic Cash Design. In Proceedings of Information Security Workshop (ISW 2000), volume LNCS 1975, pages 149-163. Springer-Verlag, 2000.
  83. Masahiro Mambo, Keisuke Usuda, and Eiji Okamoto. Proxy signatures for delegating signing operation. In Proceedings of the 3rd ACM conference on Computer and communications security, pages 48-57. ACM Press, 1996.
  84. Stephen P. Marsh. Formalising trust as a computational concept. PhD thesis, University of Stirling, 1994.
  85. Sergio Marti, Thomas J. Giuli, Kevin Lai, and Mary Baker. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th annual in- ternational conference on Mobile computing and networking, pages 255-265. ACM Press, 2000.
  86. Cynthia G. McDonald and Carlos Slawson. Reputation in an internet auction market, 2000. Available at http://business.missouri.edu/mcdonald/ HarleyAuc- tion.pdf.
  87. P. Michiardi and R. Molva. Core : A collaborative in reputation mechanism to enforce node cooperation in mobile ad hoc networks. In B. Jerman-Blazic and T. Klobucar, editors, Communication and Multimedia Security, IFIP TC6/TC11 Sixth Joint Working Conference on Communication and Multimedia Security, pages 107-121. Kluwer Academic, September 26-27 2002.
  88. Nolan Miller, Paul Resnick, and Richard Zeckhauser. Eliciting honest feed- back in electronic markets. Working Paper, February 2003. Available at http://www.si.umich.edu/ presnick/papers/elicit.
  89. Barbara A. Misztal. Trust in Modern Society. Blackwell Publishers Inc, 1996.
  90. Lik Mui, Mojdeh Mohtashemi, and Ari Halberstadt. Notions of reputation in multi-agents systems: a review. In Proceedings of the first international joint conference on Autonomous agents and multiagent systems, pages 280-287. ACM Press, 2002.
  91. Lik Mui, Peter Szolovits, and Cheewee Ang. Collaborative sanctioning: appli- cations in restaurant recommendations based on reputation. In Proceedings of the fifth international conference on Autonomous agents, pages 118-119. ACM Press, 2001.
  92. Yi Mu and Vijay Varadharajan. An internet anonymous auction scheme. In In- formation Security and Cryptology -ICISC 2000 : Third International Confer- ence, volume LNCS 2015, pages 171-. Springer-Verlag Heidelberg, December 8-9 2000.
  93. Moni Naor. Deniable ring authentication. In Proceesings of Advances in Cryp- tology -CRYPTO 2002: 22nd Annual International Cryptology Conference, volume LNCS 2442, pages 481-498. Springer-Verlag Heidelberg, August 18- 22 2002.
  94. Clifford B. Neuman. Proxy-based authorization and accounting for distributed systems. In In Proceedings of the 13th International Conference on Distributed Computing Systems, pages 283-291, 1993.
  95. Hans Nilsson, Patrick Van Eecke, Manel Medina, Denis Pinkas, and Nick Pope. European Electronic Signature Standardization Initiative, July, 20 1999. Avail- able at http://www.ebanki.pl/zasoby/pliki/eessi.doc.
  96. Miyako Ohkubo, Fumiaki Miura, Masayuki Abe, Atsushi Fujioka, and Tatsuaki Okamoto. An improvement on a practical secret voting scheme. In Information Security: Second International Workshop, volume LNCS 1729, pages 225-. Springer-Verlag Heidelberg, November 1999.
  97. Eugenio Oliveira, Guiherme Pereira, and Claudio Gomes. Reliable framework architecture for multi-agent systems interaction. In The 7th International Con- ference on Computer Supported Cooperative Work in Design, pages 276-281. IEEE, 5-27 Sept 2002.
  98. Beng C. Ooi, Chu Y. Liau, and Kian L. Tan. Managing trust in peer-to-peer systems using reputation-based techniques. In Advances in Web Age Infor- mation Management (WAIM'03), volume LNCS 2762, pages 2-12. Springer- Verlag Heidelberg, August 2003.
  99. Rolf Oppliger, Guenther Pernul, and Christine Strauss. Using attribute certifi- cates to implement role-based authorization and access controls. In Proceed- ings of the 4. Fachtagung Sicherheit in Informationssystemen (SIS 2000), Z rich (Switzerland), pages 169-184, October 5-6, 2000.
  100. Boris Padovan, Stefan Sackmann, Torsten Eymann, and Ingo Pippow. A pro- totype for an agent-based secure electronic marketplace including reputation tracking mechanisms. In Proceedings of the 34th Hawaii International Confer- ence on System Sciences, pages 2235-2244, 2001.
  101. Joon S. Park and Ravi Sandhu. Smart certificates: Extending X.509 for secure attribute service on the web. In Proceedings, 22nd National Information Systems Security Conference, pages 337-348, October 18-21 1999.
  102. Joon S. Park and Ravi Sandhu. Binding identities and attributes using digitally signed certificates. In 16th Annual Computer Security Applications Conference (ACSAC), pages 120-127. IEEE, December 11-15 2000.
  103. Elan Pavlov, Jeffrey S. Rosenschein, and Zvi Topol. Supporting privacy in de- centralized additive reputation systems. In Proceedings of Trust Management: Second International Conference, iTrust 2004, volume LNCS 2995, pages 108- 119. Springer-Verlag Heidelberg, March 29 -April 1 2004.
  104. Torben P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Joan Feigenbaum, editor, Advances in Cryptology -Crypto '91, volume LNCS 576, pages 129-140. Springer-Verlag, 1991.
  105. Kun Peng, Colin Boyd, Ed Dawson, and Kapali Viswanathan. Non-interactive auction scheme with strong privacy. In Information Security and Cryptology - ICISC 2002: 5th International Conference, volume LNCS 2587, pages 407-. Springer-Verlag Heidelberg, November 28-29 2002.
  106. Holger Petersen and Patrick Horter. Self-certified keys -Concept and Applica- tions. In Proceedings Conference on Communications and Multimedia Security, pages 102-106. Chapman & Hall, September 22-23 1997.
  107. Alfarez Abdul Rahman and Stephen Hailes. Supporting trust in virtual commu- nities. In Proceedings of the 33rd Hawaii International Conference on System Sciences, pages 1769-1777, 2000.
  108. Paul Resnick, Richard Zechauser, Eric J. Friedman, and Ko Kuwabara. Reputa- tion systems. Communication of the ACM, 43(12):45-48, December 2000.
  109. Paul Resnick, Richard Zeckhauser, John Swanson, and Kate Lock- wood. The Value of Reputation on eBay: A Controlled Experi- ment. Working paper for ESA conference in June 2002, Boston, MA, School of Information, University of Michigan, 2002. Available at http://www.si.umich.edu/presnick/papers/postcards/.
  110. Tracy Riggs and Robert Wilensky. An algorithm for automated rating of re- viewers. In Proceedings of the first ACM/IEEE-CS joint conference on Digital libraries, pages 381-387. ACM Press, 2001.
  111. Ronald L. Rivest, Adi Shamir, and Yael Tauman. How to leak a secret. In Colin Boyd, editor, ASIACRYPT '01, volume LNCS 2248, pages 552-565. Springer Verlag, December 9-13 2001.
  112. Jordi Sabater and Carles Sierra. Regret: A reputation model for gregarious societies. In Proceedings of the 4th Workshop on Deception, Fraud and Trust in Agent Societies, in the 5th International Conference on Autonomous Agents (AGENTS'01), pages 61-69, 2001.
  113. Jordi Sabater and Carles Sierra. Reputation and social network analysis in multi- agent systems. In Proceedings of the first international joint conference on Autonomous agents and multiagent systems, pages 475-482. ACM Press, 2002.
  114. Al F. Salam, Raghav H. Rao, and Carl C. Pegels. Consumer-perceived risk in e-commerce transactions. Communications of the ACM, 46(12):325-331, 2003.
  115. Jay Schneider, Gerd Kortuem, Joe Jager, Steve Fickas, and Zary Segall. Dis- seminating trust information in wearable communities. Personal Ubiquitous Computing, 4(4):245-248, 2000.
  116. Claus P. Schnorr. Efficient identification and signatures for smart cards. In J.-J. Quisquater and J. Vandewalle, editors, Advances in Cryptology EURO- CRYPT'89, volume LNCS 434, pages 688-689. Springer-Verlag, April 10-13 1989.
  117. Sandip Sen and Neelima Sajja. Robustness of reputation-based trust: boolean case. In Proceedings of the first international joint conference on Autonomous agents and multiagent systems, pages 288-293. ACM Press, 2002.
  118. Glenn Shafer. A Mathematical Theory of Evidence. Princeton University Press, 1976.
  119. Adi Shamir. How to share a secret. Communications of the ACM, 22(11):612- 613, 1979.
  120. Stephen S. Standifird. Reputation and e-commerce: ebay auctions and the asymmetrical impact of positive and negative ratings. Journal of Management, 27(3):279-295, 2001.
  121. Hung Min Sun and Bin Tsan Hsieh. On the security of some proxy signa- ture schemes. Cryptology ePrint Archive, Report 2003/068, 2003. http: //eprint.iacr.org/.
  122. Jacques Traor. Group signatures and their relevance to privacy protecting offline electronic cash systems. In Information Security and Privacy: 4th Australasian Conference, volume LNCS 1587, pages 228-243. Springer-Verlag Heidelberg, April 1999.
  123. Vijay Varadharajan, Phillip Allen, and Stewart Black. An analysis of the proxy problem in distributed systems. In Proceedings IEEE Symposium on Research in Security and Privacy, pages 255-275, 1991.
  124. Guilin Wang, Feng Bao, Jianying Zhou, and Robert H. Deng. Security analysis of some proxy signatures. In Proceeding of the 6th Annual International Con- ference on Information Security and Cryptology (ICISC 2003), volume LNCS 2971, pages 305-319. Springer-Verlag, November 27-28 2003.
  125. X. F. Wang, K. Hosanagar, R. Krishnan, and P. K. Khosla. Equilibrium repu- tation mechanism for mobile agent based electronic commerce. In Proceedings of the first international joint conference on Autonomous agents and multiagent systems, pages 308-309. ACM Press, 2002.
  126. Yuji Watanabe and Hideki Imai. Reducing the round complexity of a sealed-bid auction protocol with an off-line ttp. In Proceedings of the 7th ACM conference on Computer and communications security, pages 80-86. ACM Press, 2000.
  127. Joseph M. Whitmeyer. Effects of positive reputation systems. Social Science Research, 29(2):188-207, June 2000.
  128. Li Xiong and Ling Liu. A reputation-based trust model for peer-to-peer ecom- merce communities [extended abstract]. In Proceedings of the conference on Electronic commerce, pages 228-229. ACM Press, 2003.
  129. Toshio Yamagishi and Masafumi Matsuda. Improving the Lemon Market with a Reputation System: An Experimental Study of In- ternet Auctioning. Technical report, University of Hokkaido, 2002. http://joi.ito.com/archieves/papers/YamagishiASQ1.pdf.
  130. Xin Yao and Paul J. Darwen. How important is your reputation in a multi- agent environment. In IEEE International Conference on Systems, Man and Cybernetics, volume 2, pages 575-580, 12-15 Oct 1999.
  131. Po Wah Yau and Chris J. Mitchell. Reputation methods for routing security for mobile ad hoc networks. In Proceedings of SympoTIC '03, Joint IST Workshop on Mobile Future and Symposium on Trends in Communications, pages 130- 137. IEEE Press, October 2003.
  132. Bin Yu and Munindar P. Singh. A social mechanism of reputation management in electronic communities. In Proceedings of the 4th International Workshop on Cooperative Information Agents, pages 154-165, 2000.
  133. Bin Yu and Munindar P. Singh. Detecting deception in reputation management. In Proceedings of the second international joint conference on Autonomous agents and multiagent systems, pages 73-80. ACM Press, 2003.
  134. Giorgos Zacharia, Alexandros Moukas, and Pattie Maes. Collaborative reputa- tion mechanisms in electronic marketplaces. In Proceedings of the 32nd Hawaii International Conference on System Science, volume Track 8, pages 1-7. IEEE, Jan 5-8 1999.
  135. Philip R. Zimmermann. The Official PGP User's Guide. MIT Press, Cam- bridge, MA, USA, 1995. Available at http://www-mitpress.mit.edu/mitp/recent- books/comp/pgp-user.html.

Related papers

Strong privacy in reputation systems (preliminary version)
roslan ismail

Reputation systems are emerging as a promising method for enabling electronic transactions with unknown entities to be conducted with some level of confidence. Consequently the topic of reputation systems attracts increasing attention from players in the e-business industry. However, it seems that up until now privacy issues have not been given a fair treatment in the literature on reputation systems. We identify two different concerns for privacy in reputation systems: one is for the feedback provider and the other is for the feedback target. Possible solutions for each of these concerns are proposed based on electronic cash technology and designated verifier proofs. These are described within a new architecture for managing reputation certificates.

View PDFchevron_right
Transactional Security for a Distributed Reputation Management System
Winfried H Lamersdorf

Lecture Notes in Computer Science, 2002

Today, reputation systems such as ebay's prominent "Feedback Forum" are becoming more widespread. In such a system, reputations are formed by aggregating ratings participants give and receive. These reputations, however, are bound to a specific platform preventing participants from taking and showing their hard-earned reputations elsewhere. That makes the reputations less valuable and leaves them vulnerable to manipulation and total loss. In this paper, we propose a viable solution to these issues in which current P2P and PKI technologies are employed to shift ownership and responsibility back to the participants. Our envisioned Reputation Management System, therefore, uses contextdependent feedback gathered in questionnaires and provides security for peer transactions to ensure integrity, confidentiality and privacy.

View PDFchevron_right
A Survey of attacks on Reputation Systems
David Zage

2007

Reputation systems provide mechanisms through which multiple parties can quantify the trust between one another. These systems seek to generate an accurate assessment in the face of unprecedented community size, while providing anonymity and resilience to malicious attacks.

View PDFchevron_right
Anonymous and Publicly Linkable Reputation Systems
Johannes Blomer

Lecture Notes in Computer Science, 2015

We consider reputation systems where users are allowed to rate products that they purchased previously. To obtain trustworthy reputations, they are allowed to rate these products only once. As long as they do so, the users stay anonymous. Everybody is able to detect users deviating from the rate-products-only-once policy and the anonymity of such dishonest users can be revoked by a system manager. In this paper we present formal models for such reputation systems and their security. Based on group signatures we design an efficient reputation system that meets all our requirements.

View PDFchevron_right
A privacy preserving distributed reputation mechanism
Valerie Viet Triem Tong

2013 IEEE International Conference on Communications (ICC), 2013

Reputation systems allow to estimate the trustworthiness of entities based on their past behavior. Electronic commerce, peer-to-peer routing and collaborative environments, just to cite a few, highly benefit from using reputation systems. To guarantee an accurate estimation, reputation systems typically rely on a central authority, on the identification and authentication of all the participants, or both. In this paper, we go a step further by presenting a distributed reputation mechanism which is robust against malicious behaviors and that preserves the privacy of its clients. Guaranteed error bounds on the estimation are provided.

View PDFchevron_right

Related topics

  • Computer Security
  • Reputation System
  • Queensland University of Technology
  • Rating System
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved