forked from decrypto-org/TrustIsRisk
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnotes_on_others
165 lines (145 loc) · 10.9 KB
/
notes_on_others
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
Bitcoin
Does not involve trust to anybody, but trust to the correctness of the algorithm, outside our scope
PGP pathfinder (pgp.cs.uu.nl)
i) PGP signatures model meeting in person and verifying that a particular public key belongs to a particular person
ii) PGP pathfinder does not quantify trust because anyone on the chain could be a liar or mistaken
iii) This is inherently a binary (a.k.a simple) trust setting, still not satisfactorily solved
open reputation (not actively developed)
Decentralized Internet-of-Things reputation
i) Virtues: simple or complex general measures of reputation (e.g. honest->[0,100], "authored by"->{0,1})
ii) Reputes: specific measures of reputation (e.g John's "honest" repute is in Jack's opinion 94)
iii) Reputer: Agent (user, web app, IOT sensor) attributing reputation to another object, also including this attribution to the reputer's reputation.
iv) Reputee: Object (not necessarily agent) accepting (or not) a reputation given out by a reputer
v) Reputery: intermediate between reputer and reputee (e.g. web service allowing users to rate an online shop)
vi) Unclear definitions of direct and indirect reputation
vii) Public (blockchain) ledger for identities, reputations and relations
A Computational Model of Trust and Reputation - Mui
i) Discussion of reputation & trust as distinct things
ii) computational model based on social and scientific disciplines
iii) Uses concept of social reciprocity (be nice to nice people and bad to bad ones)
iv) reputation->trust->reciprocity->reputation->... (trust-/>reputation directly)
v) Static network (no new/leaving nodes), binary actions (defect, cooperate)
vi) The higher the trust level of a_j for agent a_i , the higher the expectation that a_i will reciprocate agent a_j ’s actions. That is a special-case trust.
vii) The math is simple statistics: if the other has been reciprocal p/n times, that is the expected reciprocity next time.
viii) Encounters are only pairwise, reciprocity increases only when both choose the same action in the same encounter.
ix) Reliability to intermediary nodes is augmented with each encounter, whether bad or good.
An integrated trust and reputation model for open multi-agent systems, FIRE - Dong Huynh (not completely read, up to 12)
i) Open, decentralized, no global knowledge
ii) Reputation is societal trust
iii) No use of digital signatures. Explicitly avoids considering lying, inaccuracy and withholding of information.
v) Context-aware [-1,+1] ratings
vi) Trust for each of 4 sources of trust (personal experience, witnesses, role-based rules, certificates target provides) is calculated using weighted average.
vii) Several hand-tuned parameters and arbitrary (but sensible) function choices
A survey of trust and reputation systems for online service provision - Josang
i) Overview of existing and proposed systems
ii) Users rate each other - positive effect on market quality
iii) Extensive talk about trust categories, related concepts, (de)centralized architectures, computation engines
iv) Beta PDF, PageRank practical explanation
v) Concrete examples (e.g. Ebay) are mostly primitive and ad-hoc
Beta Reputation System - Josang
i) Beta Density function - good statistical foundations, only binary rankings
ii) Only building blocks, not entire infrastructure
iii) Centralized edition, generalizable to decentralized version
CORE - Michiardi
i) MANET reputation system
ii) Subjective (personal) and indirect reputation (time, function dependent) are considered functional reputation. Summation over all functions is the global reputation, r(s_i,s_j,t).
iii) Watchdog mechanism: occasionally (?) compares expected with received results to reduce reputation if misbehavior is detected.
iv) Only positive rating factors can be distributed among the entities while the negative rating factors are evaluated locally to protect from false damaging reports.
v) Assumption: No colluding parties.
vi) Reputation usage: DoS to nodes with negative reputation.
vii) Watchdog mechanism protects only from selfish, not malicious nodes (not even from selfish & malicious nodes)
viii) Currency to promote good node behavior is considered.
Decentralized Reputation Management for cooperating Software Agents in open Multi-Agent Systems - Grunert
i) MAS reputation system for rating CPS (Cooperative Problem Solving) members.
ii) Each node saves its reputation locally. Colluding agents and white-washing not mitigated.
iii) Relies on (trusted) second entities to ensure identification and arbiter/intermediary services.
iv) After cooperation, everybody rates everybody.
v) No concrete reputation metric is proposed.
vi) Time-based leases.
An Architectural Approach for Decentralized Trust Management, PACE - Suryanarayana
i) Thoroughly describes an architecture for p2p trusted communication
ii) No trust semantics - application dependent
iii) Rather serious approach
iv) Messages are the ones assigned trust values.
Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks - Repantis
i) Same target as PACE and CORE
ii) Reputation = sum of ratings
iii) Content/Service providers are rated
iv) TTL-based flooding
v) Reputation is verified by comparing content provider neighbours' view of reputation.
vi) Various security holes, most notably Sybil-attackable
vii) Confidence concept introduced: More neighbours reporting same reputation for a peer means more confidence in the truth of their words
vii) Beautiful Related Work section
Decentralized Trust Management in Peer-to-Peer Systems - Visan
i) Claims to improve on TrustMe.
ii) Structured: Tree with higher (global) trust values closer to the root (SOPSys)
iii) New trust calculated with an exact formula, with ratings only in a specified time interval considered
iv) Trust communication and storage considered, not trust creation
A Generic Framework for Modeling Decentralized Reputation-based Trust Models
i) 4C: Content, Communication, Computation, Counteraction
ii) Subject (reputation evaluator of the target peer), Target, Recommender (informs subject peer): A subject asks a recommender how good a target is. Recommenders' recommendations are considered according to their reputation
iii) Trust is a number. It is generated by combining personal experience with peer P and the peer's reputation R.
iv) Reputation is a set of binary, discrete or continuous values that is context-aware and may expire.
v) Peers may belong to groups, there may be group hierarchy and multiple participation. Group reputation is also possible.
vi) Context of trust is considered, with sub-contexts as well.
vii) Communication protocols: initiated by subject or target. Hop counts are considered.
viii) "Degree of trust in unknowns", "Recent interaction weight", "Trust Threshold", Trust Value = w*P + (1-w)*R (limiting)
ix) Has an editor that produces an XML description of the trust model as output
x) No privacy considerations, trust and reputation are not clearly distinguished, cryptography is not used, peer hierarchy not present, offline peers implicitly ignored
Bazaar
Centralized marketplace (EBay server-side add-on) with a risk network
i) centralized because it needs full network knowledge by the trusted authority to calculate maxFlow
ii) Direct trust (DT(A, B)) is a non-directional weighted edge
iii) Indirect trust (IT(A, B)) is the maxFlow
a) IT(A, B) = IT(B, A)
b) IT > DT
iv) User (customer) input: positive/neutral/negative feedback
v) Bazaar-NDSI.pdf, Figure 2 for mechanics
Beaver
Decentralized marketplace with star&review-based reputation (non Sybil attackable)
i) 3 actors: customers, vendors, miners
ii) Untraceable public reviews (protecting customers)
iii) Specific marketplace orientation (cannot implement things like popcorn)
iv) Public ledger with complete history - trust highly subjective
v) Sybil attacks mitigated with (arbitarily tuned) cost-of-registration and cost-of-product listing for vendors and one review per transaction
vi) beaver.pdf, Figure 2 for details
Byzantine protocols
i) Wide variety
ii) Used to reach distributed consensus on reasonably objective things (file contents etc)
Synereo
Decentralized "facebook"
i) Attention economy
ii) Concept of "current" with which each post flows from node to node
iii) No direct concept of trust - nobody can make you lose anything except for time
iv) Engagement function of (e.g given in paper) read, like, share (not directly of time spent engaging content)
v) current(gk, e, H) = charge(H, content(e)) ∗ AMPs(e) ∗ engagement(s, t, H) ∗ Reo(s, t, H) where gk node behavior, e event, H history, s source, t target, AMPs conserved currency (user adjustable), Reo mean engagement
vi) posts are ordered based on current
vii) Somewhat cryptic paper (and dubious expressions: 'Step forward and kneel young organizing principle, we dub thee Ceptron. Go forth and organize online experiences for the good of all peoples everywhere.')
Trust and Social Collateral
MaxFlow as trust mechanism
i) Undirected graphs (c(v,u)=c(u,v)), but claims to be extensible to directed ones
ii) Encouraging results from fitness in real-life situations
iii) Study of dynamics of such networks based on a concrete game-theoretic model of 5 stages. Restricts the game by implying an arrangement between all the intermediate parties between the transaction is completed. This way the network isn't vulnerable to complete breakdown after one Transitive Game.
iv) If the borrower steals, then each intermediary can either pay up the preagreed value to the lender, or pay nothing.
v) Capacity represents value of friendship and is more subjective than bitcoin
vi) "The identity of the borrower and the lender and the value of V are publicly observed by all players."
vii) Reaches similar results from a different initial point. Uses game-theoretic arguments.
TrustDavis
i) Trust-as-risk
ii) Reminds TrustIsRisk in a pre-bitcoin era a lot
iii) For a safe transaction where A pays x to B it must be maxflow(A,B) >= x AND maxflow(B,A) >= x.
iv) Before bitcoin, so supposes the honesty of parties
v) Trust references do not get automatically depleted when the intermediary has to pay the trusted party
vi) Employs differential valuation ideas for motivation (bonds, rates, etc)
vii) Mainly proposes broker strategies
Money as IOUs
i) More of a draft
ii) Proposes a set of decentralized currencies, each an IOU between trusted parties
iii) Does not address how trust is obtained or how much of it exists
iv) I can pay a party that doesn't trust me by finding a chain of trusts and having the last link pay with her IOUs, then reimbursed with IOUs of the second last link and so on until I pay the second link.
Web of Trust
i) Good overview of previous work
ii) A percentage of trust is assigned to people of whom the public keys I have
iii) "for such a model to be valid, the way trust is determined must be standardized, as to make clear what a probability value actually means." - does not provide an intuitive trust standard.
iv) Not very clear in its explanation of algorithms for trust calculation, but seem as interesting heuristics for subexponential probabilistic calculations.
v) Does not really have to do with our approach.