Embed Size (px)
Citation preview
Introduction
Doing your taxes……..
April….a “TAX”ing time……..
Allowing an online professional tax consultant to file your taxes.
Most people (businesses, companies) find it stressful ! !
How much do you trust him/her with all your information?How much do you trust your Chartered Account? Your Lawyer? Your Doctor ?
Introduction • Our day to day dealings or transactions involve trusting
somebody.
• Depending on the severity of the transaction, trust is placed– implicitly in various parties or
– “enforced” by various means.
Trust
Introduction
• The utility and benefits of Electronic Commerce are well known.
• However it is acknowledged that E-Commerce has fallen short of its expected potential in terms of applications.
• This can be attributed among many factors to the Lack of Trust that participants have in e-commerce transactions.
• This presentation examines this issue of TRUST in E-Commerce…….
Electronic Commerce
Vijayanand Bharadwaj
CS691P Computing SecuritySpring 2002
March 20th, 2002
Trust in Electronic Commerce
Presentation Overview Two Parts
1. Trust in Electronic Commerce : An overview
2. Trust in Unenforced Transactions
Trust in E-Commerce
• Definition of Trust [1]: The confidence that participants in commerce have that their activities (transactions and other exchanges of information, goods, and services) will be protected and conducted as intended.
• Let us examine the Features of Trust in E-commerce. Namely,– Where and when is Trust required– What are its constituents– What factors create and enhance Trust– How does Technology contribute to Trust
Definition & Features
Trust in E-Commerce Steps in a Generic Transaction
A B
Time
Initial search for goods and services (using search engines, responding to advertisement banners etc.)
Negotiating and Contracting
A BStep 2
Step 1
A B
Delivery and PaymentStep 3
Trust in E-Commerce Where & When is Trust needed
• From the previous figure, entities A and B need to trust each other at all points during the entire process
• Specifically:
– Trust that the other entity is really who it claims to be
– Trust the process and mechanisms by which they exchange information
– Trust the actual information exchanged
– Trust the negotiation process and final contract
– Trust that the other party will complete its contract and not defect
Trust in E-Commerce Constituents of Trust
TrustIt is possible to trust if
assured that the process and participants
conform to the following characteristics
Identification &
Authentication
Message Confidentiality
Message Integrity Non-repudiation
Transparent Process
Traceability &Accountability
TrustTrustTrust
Trust in E-Commerce Creating & Enhancing Trust
Social Factors(Familiarity, reputation,
Social Organization)
Organizational & Procedural Factors(banks, credit card
companies and their rules)
Legal System(Law Enforcement
agencies andJudicial system)
Technology
(Encryption,Protocols, Standards, Tools)
Trust
Can be Enhanced by
Trust in E-Commerce Creating & Enhancing Trust
• Trust is enhanced by these factors, specifically each contributes to enhancing Trust as follows:– Social factors (Invoke and Establish Trust)
• Familiarity
• Reputation
• social organization (circle of known people)
– Organizations and Procedures (Enable Trust)• Banks, Credit Card Companies
• Transparent Rules and Procedures e.g. Transfer of funds
– Technology (Enable and Enforce Trust)• Encryption, Protocols, Standards etc
– Legal System (Enforce Trust)• Law Enforcement and Judicial system
Trust in E-Commerce Technology for Trust
• Technological innovations in Computing Security have contributed to Trust in the following manner– Mechanisms such as
• Encryption
• Hashing Algorithms
• Digital Signatures
• Certificates
• Biometrics
– Infrastructures for the above such as• Public Key Infrastructure (PKI)
• Pretty Good Privacy (PGP) etc
– Protocols • Secure Sockets Layer (SSL)
• SET
– Procedures • Verified by Visa
Trust in E-Commerce Fundamental basis of Trust
• However it is important to note the following (for most cases):– Over and above all the technology involved in present day
transactions, human intervention is always possible at all stages.
– Every step can be scrutinized by humans prior to initiating the first step and if not found to be trustworthy then the entity involved in the transaction can refrain from beginning the transaction process.
– We are safe in the knowledge that violation of the contract and breach of trust by the any party will affect it adversely than do any good.
– Even if the transaction does fail due to any violations in the contract the parties involved can resort to litigation. Thus a “safety -net”
Trust in E-Commerce Fundamental basis of Trust
• In other words all these transaction are based on
1. Transparent process which is trustworthy
2. Knowledge that any violation will adversely affect the guilty party.
3. Traceability and Accountability
Trust in E-Commerce Types of Transactions
E-Commerce Transactions
With Human Supervision or Intervention.
With minimal Human Supervision or
intervention. Mostly conducted by Processes
or Agents
Enforced by Law Unenforced
Trust in Unenforced E-Commerce Transactions
E-Commerce Transactions
With Human Supervision or Intervention.
With minimal Human Supervision or
intervention. Mostly conducted by Processes
or Agents
Enforced by Law Unenforced
Trust Possible !! Trust ???
Trust in Unenforced E-Commerce Transactions UnenforcedTransactions
• What are Unenforced Transactions?[2]
– Transactions whose participating entities and the procedures they follow are not be accountable to some mutually acceptable agency.
– They are not in common use and currently valuable in a theoretical context .
– Interesting from the point of view of agents conducting transactions without human intervention: agents at auctions etc.
• Why is it difficult to Trust in Unenforced Transactions?
– Lack of Traceability and Accountability being the primary reason
Trust in Unenforced E-Commerce Transactions UnenforcedTransactions
• Why are they not Accountable ?
– Adequate laws may be lacking for certain kinds of transactions.(e.g laws to enforce reliable delivery of pay-per-view multimedia)
– The transactional entities (humans and/or software agents) may be governed by different laws --being in different countries.
– Enforcement of existing laws maybe be impractical expensive and thus not strictly enforced.
– An entity may vanish at any time leaving no trace and hence not easy to connect the electronic presence to the real-world party that it represents.
DifferencesTrust in Unenforced E-Commerce Transactions
• How do we create Trust?
Enforced transactions work because• Human Intervention and scrutiny at all stages (“seeing is believing”)
• Trustworthy process i.e. trust is built into the process by ensuring that a party that violates the contract will be doing so to its own disadvantage
• All parties are traceable and accountable.
• In the case of Unenforced transactions,– Neither the first nor the third properties hold so it is important to
ensure that the second holds always.• Violating the contract at any stage of the transaction is of less benefit
than conforming to it till the end.
AlgorithmTrust in Unenforced E-Commerce Transactions
• We look at algorithm [2][3]which provides a solution to this problem. (This is one part of the author’s doctoral dissertation)
• Principle: Given two agents, a supplier S and demander D who wish to exchange goods/services for payment. The algorithm manages the exchange process so that gains from completing the exchange (cooperating according to the contract)at any point are larger for both agents than the gains from terminating it (defecting the exchange prematurely by vanishing)
For example : defection might benefit D if S has delivered much more than what D has paid for.
AlgorithmTrust in Unenforced E-Commerce Transactions
• To prevent defection goods and payment are exchanged in the form of installments or chunks.
• These chunks are delivered in a sequence which is said to be “safe”, if at any point in the exchange neither agent is motivated to exchange.
AlgorithmTrust in Unenforced E-Commerce Transactions
Implementation: • The exchange proceeds on two axes:
The portion of goods delivered by exchange step n is called xn [0, 1], and the cumulative payment so far is pn [0,pcontr],
where pcontr is the total payment specified in the contract.
• S and D value the goods x according to non-decreasing functions that are in equivalent units of payment p. The supplier's value function vs(x) describes how much cost the supplier incurs by generating and delivering x. The demander's value function vd(x) describes what the goods x are worth to the demander.
AlgorithmTrust in Unenforced E-Commerce Transactions
• A self-interested supplier agent will cooperate through the rest of the exchange from an arbitrary point (x, p) if its future compensation is at least as great as its future cost that is, if pcontr - p>= vs(1) - vs(x).
• This assumes that the demander will finally increase cumulative payment to pcontr.
• We define pmax(x) intuitively as the maximum cumulative payment that the demander can pay for a given cumulative delivery x without inducing the supplier to defect
pmax(x) = pcontr - vs(1) + vs(x).
AlgorithmTrust in Unenforced E-Commerce Transactions
• Similarly, a self-interested demander agent will cooperate through the rest of the exchange from an arbitrary point (x, p) if the compensation it has to pay is smaller than or equal to its added value that is, if pcontr - p < = vd(1) - vd(x).
• This assumes that the supplier will finally increase total delivery to 1.
• pmin(x) is defined as the minimum cumulative payment that has to be made for a given cumulative delivery x so that the demander is not induced to defect:
pmin(x)=pcontr - vd(1) + vd(x)
Trust in E-Commerce Algorithm
Figure 2. Examples of Unenforced Exchange
(left) Safe exchange with uncountable goods.
(middle) Safe exchange of countable goods
(right) Safe exchange of countable goods impossible.
In each of the three cases, pmin(1) = pmax(1) = pcontr.
The agents make simultaneous moves and try to stay inside the safe region at each step (that is, the supplier does not want to deliver too much at once, while the demander does not want to pay too much).
Each agent wants to make sure that safety is maintained even if the opponent does not deliver or pay at all on the current move. That is why the exchange on the right cannot be safe.
AlgorithmTrust in Unenforced E-Commerce Transactions
• Supplier's strategy At any step of the exchange, if the exchange is within the safe region (gray region in Figure1), then supply as much as possible while keeping the exchange in the safe region assuming that the demander does not pay at all on this step. If the exchange is not in the safe region, exit.
• Demander's strategy At any step of the exchange, if the exchange is within the safe region, then pay as much as possible while keeping the exchange in the safe region assuming that the supplier does not supply at all on this step. If the exchange is not in the safe region, exit.
AlgorithmTrust in Unenforced E-Commerce Transactions
Condition for Safe transaction : For every two consecutive
amounts x and x' of cumulative delivery,
pmax(x) >= pmin(x').
Intuitively::
From the Supplier’s point of view:
– Assume S has delivered x’, and even if D delays payment or defects without paying, the value acquired from the current transaction is greater than that will be obtained even if D pays on time.
From the Demander’s point of view:
– Assume D has already paid (between pmax(x’) and pmin(x’) for x’, even if S delays delivery or defects, the cost that S has incurred already for delivering x is greater than the benefit that S will get by defecting with the payment for x’.
AlgorithmTrust in Unenforced E-Commerce Transactions
• Rest of this paper
– Some constraints involved in Condition of Safe Exchange (apply to the definition of the value functions)
– Mathematical Proofs of the Condition based on Game Theory and Nash Equilibrium
– Differences if Goods are Countable and Uncountable (coffee, gasoline, information etc)
– Case of Non-Isolated Exchanges (introduction of Defection Penalties)
– Delivery Sequencing (Chunking Algorithm to find a safe sequence)
– Possible Architecture (Figure 2)
Trust in E-Commerce Algorithm
Figure 2. The architecture of two self -interested agents with exchange manager modules. The exchange manager module executes the contract.
Trust in E-Commerce Benefits of this Exercise
• Though this work seems theoretical at first it has sound practical implications
• Value of this algorithm– Demonstrate that other such algorithms can be used in different stages
of transactions (negotiation and contracting --author’s primary research interests [3])
– Algorithms can be formally proven correct , in other words we obtain a formal proof of a Trustworthiness of a process ! This helps to weave Trust in the process itself which is a must in situations where enforcement may or may not be possible.
– These techniques can be used in any sort of transactions and not only those that are unenforced . Prior to contracting one can check the proposed methods of exchange against such rules and if they fail to satisfy then do not contract at all.
Trust in E-Commerce Issues of concern
• Apart from the constraints in the algorithm techniques itself the following need to be addressed
– Design and development of Agents which correctly perform to the algorithms specifications --(Classical problem in any software system)
– Security issues pertaining to Agents (authentication,message confidentiality, etc)
– Protection from Malicious Agents.
Future Work Contents of the Paper
In addition to elaborating on this presentation the paper will
specifically address the following:
1. Details of “Technologies For Trust”: brief description of the principles used by some techniques such as,
a. Drawbacks of the PKI and possible alternatives (PGP)b. Protocols and Procedures (Verified by Visa)
2. Algorithm details and implications
3. Trust Management Infrastructures (Trust Metrics, Trust Models)
Summary• Notion of Trust and its need in E-Commerce transactions
• Constituents of Trust
• Creation and Enhancement of Trust
• Technology for Trust
• Fundamental Basis of Trust
• Trust Unenforced Transactions
• Algorithm
• Benefits and Concerns
• Future Work
References[1] Steinauer Dennis D. et al. “Trust and Traceability in Electronic
Commerce”, Information Technology Laboratory NIST. September 1997. http://nii.nist.gov/pubs/trust-1.html (03/18/2002).
[2] Sandholm T.W,“Unenforced transactions in E-Commerce”, IEEE Internet Computing Volume.1, No. 6; November-December1997, pp. 47-54
[3] Sandholm T.W , “Negotiation among Self-Interested Computationally Limited Agents”, doctoral dissertation, University. of Mass., Amherst, 1996; available at
http://www-2.cs.cmu.edu/~sandholm/dissertation.ps
Other References in the accompanying paper.
