Dimitri DeFigueiredo Earl Barr S. (Felix) Wu Adobe Systems Inc. UC Davis UC Davis International Conference on Privacy, Security, Risk and Trust
Overview Motivation Conceptual Properties Formal Model Theorems Key Point 2 PASSAT 2009
Can I trust him? What is it? What is it used for? 3 PASSAT 2009
Trust Trust is useful. What is it? What is it used for? Ratings are not the same as trust. Why not? 4 PASSAT 2009
How do we use Trust? Trust helps us avoid risks that depend on others We dont take risks with people we do not trust We are vulnerable to the actions of people we trust Trust is under each persons complete control I trust you as much as I want 5 PASSAT 2009
Basic Properties Two-role rule Domain specific Complete ordering Higher is better 6 PASSAT 2009
Trust Values Definition: Trust values are real numbers. Think in dollar$ How much would you bet C will be on time for dinner? 7 PASSAT 2009
Reputation Graph From your experience, how much would you bet C is a good seller? 8 PASSAT 2009 $100 B A C D E $20 $50 $10 $60 $30 $10
World G 0 G 1 G k A World is a sequence of reputation graphs 9 PASSAT 2009 …
Reputation Function World Trust Graph f … 10 PASSAT 2009
Trust Graph 11 PASSAT AB CD 20
Trust Graph 12 PASSAT AB CD ? ? ? ? ? ? ? ? ? 20
Trust Threshold Trusted or Untrusted? h A =30 h C =9 13 PASSAT AB CD 20
How can we make Trust transitive? 14 PASSAT AB CD 20
Trust - Definition Trust is the personal threshold determined by the trusting party that describes the maximum utility the trusting party is willing to risk when dealing with the trusted party. 15 PASSAT 2009
For any world W For any permutation of vertices π World Trust Graph … Normalized Reputation Function 16 PASSAT 2009 f
Why normalize? 17 PASSAT 2009 trusted Why? A B C F E D N.Y.T
Why normalize? 18 PASSAT 2009 N.Y.T. trusted A B C F E D
A DC B Types of Reputation Function Trivial 19 PASSAT 2009 AB C D A DC B
Types of Reputation Function Trivial Consensus-based 20 PASSAT 2009 A DC B AB C D 30 = 30
Types of Reputation Function Trivial Consensus-based Personalized 21 PASSAT 2009 A DC B AB C D
A Collusion 22 PASSAT AB CD 20
An Untrusted Collusion h A =30 23 PASSAT AB CD 20 10
W W A Manipulated World 24 PASSAT AB CD A DC B ? AB CD ? ? W Manipulated W f f h A =30
Non-exploitability For any trust threshold h a vertex chooses, no untrusted collusion can fool it. 25 PASSAT 2009 A DC B ? AB CD ? ? Manipulated W f
Theorems Impossibility All non-exploitable consensus-based reputation functions are trivial Possibility There are non-trivial non-exploitable personalized reputation functions 26 PASSAT 2009
Impossibility Proof Sketch h A = PASSAT A C=20D= B=50 What if h C = 30 ?!
Possibility Proof Sketch Constructive proof For a reputation threshold λ=0.5 Define: λ= PASSAT B A C
Possibility Proof Sketch Non-trivial λ= PASSAT B A C
Possibility Proof Sketch Non-exploitable For any trust threshold h set by any trusting party: untrusted node is not reachable unreachable node node cannot make other nodes reachable or unreachable 30 PASSAT B A C
Key Point Trust is a personal value. Rating systems should allow different people to have different points of view 31 PASSAT 2009
Questions? Thank you! Full version 32 PASSAT 2009