4/1/2008
1
Amirreza Masoumzadeh
March 25, 2008
Social Web @ SIS . Pitt
Agenda� Definitions
� Properties
� Trust in Information Security
� Reputation and Collaborative Filtering
� Trust/Reputation Systems
� Trust/Reputation Computation
� Applications� Commercial online systems
� More theoretical ones
� Problems in Online Systems
4/1/2008
2
Reputation� [OED]
� Common or general estimate of a person with respect to character or other qualities
� [Wikipedia]
� Opinion (more technically, a social evaluation) of the public toward a person, a group of people, or an organization
Trust� [OED]
� Confidence in or reliance on some quality or attribute of a person or thing, or the truth of a statement
� Reliability Trust [Gambetta]� Subjective probability by which an individual, A, expects that
another individual, B, performs a given action on which its welfare depends
� Decision Trust [McKnight and Chervany]� The extent to which one party is willing to depend on
something or somebody in a given situation with a feeling of relative security, even though negative consequences are possible
4/1/2008
3
Reputation vs. Trust� Have been used interchangeably by some authors
� A simple example
� I trust you because of your good reputation
� I trust you despite your bad reputation
Other Trust Properties� Context dependant
� Trusting a doctor for recommending a medicine vs. a bottle of wine!
� Trusting an old-looking rope for climbing down of an apartment when in a fire drill vs. a real fire situation
� Transitive
� Not completely in mathematical sense, but it is passed
� Asymmetric
4/1/2008
4
Trust Transitivity
Trust measures� Binary
� e.g., “Trusted”, “Not trusted”
� Discrete
� e.g., strong-trust, weak-trust, weak-distrust, strong-distrust
� Continuous
� Percentage
� Probability
� Belief
4/1/2008
5
Semantics of measures� Specificity/generality
� Specific: relates to a specific trust aspect
� General: represent an average of all aspects
� Subjectivity/objectivity
� Subjective: subjective judgment
� Objective: assigned based on formal criteria
Specific General
Subjective Survey questionnaires eBay, Voting
Objective Product tests Synthesized general score from product tests
Semantics of measures:
Characteristics� Subjective
� Difficult to protect against unfair ratings
� Objective
� Verifiable by others
� Generated automatically
� Subjective-general
� often fails to assign a credit or blame to the right aspect or even the right party
4/1/2008
6
Trust in Information Security� Identity trust
� Measure of correctness of a claimed
� Measured using credentials
� Term trust provider is used for CA
� Trust negotiation
� Chained identity certificates : trust transitivity
� Distributed trust management
Soft Security� Traditional security mechanisms protect resources
from malicious users using policies (hard security)
� Users have to protect themselves from those who offer services (reverse scenario)� E.g., false or misleading information
� Trust and reputation systems as social and collaborative control mechanisms
� Assessing the behavior of members in the community against the ethical norms� Ethical norms are not defined precisely, but dynamically
formed
4/1/2008
7
Collaborative Filtering vs.
Reputation SystemsCollaborative Filtering Collaborative Sanctioning
� Collect ratings
� Subject to taste as input
� Different people, different tastes
� Find neighbors
� Goal
� Better recommendations to users
� Optimistic world view
� All participants are trustworthy and sincere
� Collect ratings
� Insensitive to taste
� All the community have similar opinion (if they are truly aware)
� Goal
� Sanction poor service providers, motivating them to provide quality services
� Pessimistic world view
� Some participants try to misrepresent
� Some works study the effect of reputation on collaborative filtering
4/1/2008
8
Traditional vs. Online Environments� Traditional cues of trust and reputation (e.g., physical
encounter) are missing in online environments
� Find additional online substitutions
� Communicating and sharing trust and reputation info is relatively difficult in real world and normally considered to local communities in the physical world
� Take advantage of IT and Internet
Properties of Reputation Systems� Entities must be long lived, so that with every
interaction there is always an expectation of future interactions
� Ratings about current interactions are captured and distributed
� Protocol: centralized is easy, distributed is challenge
� Willingness to rate
� Ratings about past interactions must guide decisions about current interactions
4/1/2008
9
Trust vs. Reputation Systems (I)Trust Systems Reputation Systems
� Input
� take subjective and general measures of (reliability) trust into account
� Return value
� a score reflecting the relying party's subjective view of entity's trustworthiness
� Personalized
� Input
� use ratings about specific (and objective) events, such as transaction
� Return value
� entity's (public) score as seen by the whole community
� Global
Trust vs. Reputation Systems (II)Trust Systems Reputation Systems
� Appropriate for
� Medium and small environments
� Transitivity
� an explicit component
� Appropriate for
� Large environments Such as online reputation systems
� Transitivity
� take it into account implicitly
� Not always clear to classify a system as one of them!
4/1/2008
10
Centralized Architecture� Centralized
communication protocol� Participants provide
ratings about transaction partners
� Obtain reputation scores from CA
� Reputation computation engine� CA use it to derive
reputation scores based on ratings and possibly other info
Distributed Architecture� No CA, but distributed
stores or just each participant records its own ratings
� Relying party must find distributed stores or get as many as possible ratings from previous partners of the entity
4/1/2008
11
Information Sources� Direct experience
� Most relevant and reliable
� Witness information (recommendations)
� Sociological information
� Different type of relations between society members based on roles individuals play
� Prejudice
� Assign properties to an individual based on signs that identify it as a member of a given group
4/1/2008
12
Simple Summation/Average� Summation
� Binary rating (positive/negative)
� Very simple to understand, primitive
� Average
� Numerical ratings
� Weighted average
� Factors such as rater trustworthiness/reputation, age of the rating, etc.
Discrete Trust Models� Discrete verbal statements for ratings instead of
continuous measures
� [Abdul-Rahman et al]
� Very Trustworthy, Trustworthy, Untrustworthy, Very Untrustworthy
� Lookup tables with entries for referred trust and referring party upgrade/downgrade
� No sound computational principles, instead heuristic mechanisms
4/1/2008
13
Bayesian Systems� Binary rating (positive/negative)� Beta PDF parameter tuple (a,b)
� a: amount of positive observations + 1� b: amount of negative observations + 1
� E(p) = a/(a+b)� Reputation is computed by statically updating beta PDF� Theoretically sound basis, too complex for average person
Belief Models� Belief theory
� Sum of probabilities over all possible outcomes not necessarily add up to 1
� Uncertainty (remaining probability)
� [Jøsang, 1999, 2001]� Belief/trust metric to express trust referrals
� Subjective logic� Discounting operator� Consensus operator
� Demo: http://sky.fit.qut.edu.au/~josang/sl/
aubE
udbaudbaudbw
A
x
A
x
+=
=++∈=
)(
1 , ]1,0[,,, ; ),,,(
ω
4/1/2008
14
Fuzzy Models� Linguistically fuzzy concepts
� Membership functions describe the degree of trustworthiness
Flow Models� Compute trust by transitive iteration through looped
or arbitrary long chains
� Usually constant trust/reputation weight for the whole community
� Increase is done at the cost of the others (normlization)
� E.g., PageRank, Appleseed, Advogato
� Score increase: incoming flow
� Score decrease: outgoing flow
4/1/2008
15
Web-Based Social Networks� Users explicitly express their relationships using built-in support by the
systems� Publicly available data that form a web of trust� Inferring trust in WBSN to integrate into applications [Golbeck 2006]
� Binary-value network� Infer trust of a source node in a sink node� Uses BFS and rounding average
� Show that accuracy is high for� g×pa > 0.5
Some Commercial and Live Reputation Systems
4/1/2008
16
eBay’s Feedback Forum (I)� Sellers and buyers rate each other (Positive/neutral/negative), Summation scoring
�
eBay’s Feedback Forum (II)� Ratings statistics [Resnick et al, 2002]
� 51.7 % of buyers and 60.6 % of sellers provide ratings
� Negative < 1 %, neutral < 0.5 %, positive ≈ 99 %!
� Very primitive, but works well� Serious sellers don’t want negative feedbacks
� Threat of negative feedback works better in favor of customer than actual negative feedback
� Ballot stuffing is a minor problem� Rating is only allowed after the completion of a transaction
� Fake transactions: eBay charges a fee for listing items
4/1/2008
17
Epinions� Review for consumer products� Product rating
� 1 to 5 stars + comment� Average scoring
� Review rating� Not helpful, somewhat helpful, helpful, very helpful� Average scoring
� Reviewer status� Member, advisor, top reviewer, category lead
� Income share program� Gives cash to reviewers with high number of very helpful
reviews
Epinions: Product Review
4/1/2008
18
Epinions: User Profile
Amazon� Different categories of reputation� Review product
� Logged-in users� Rating: 1 to 5 stars + comment� Average scoring
� Review ratings� Logged-in users� Helpful or not helpful� Reviewer score: number of “helpful” ratings
� Review seller/buyer� After transaction� Rating: 1 to 5 stars (positive, neutral, and negative) + comment� Average scoring
4/1/2008
20
Amazon: Buyer Feedback
Expert Sites� AllExperts
� A pool of individuals to answer questions in their area of expertise
� Rating [1,10] on knowledge, clarity, timeliness, and politeness aspects
� Score� Numerical average of ratings for each aspect
� Sum of all scores
� Number of answered questions
� Advogato� Centralized, Flow model
4/1/2008
21
More Theoretical Applications
Google’s PageRank� Rank pages based on a page’s reputation
� Calculate page reputation in an iterative process
� Each incoming link adds to the reputation by the amount of reputation of the source divided by the number of the nodes it points to
� ∑−
∈
++=
)( )(
)()()(
uNv vN
vRcucEuR
4/1/2008
22
Reputation in P2P Networks� Search phase
� central / distributed (pure P2P) / Fasttrack (node and supernode)
� RS can help to identify� Reliable resource providers
� Reliable servents recommenders
� RS can fight problems such as� Spreading malicious software
� Free riding
� Content poisoning
EigenTrust� Calculates a global reputation vector in P2P systems
� Each peer i calculates local trust value for peer j
� Trust values are aggregated based on the idea of transitive trust
∑=j
jkijik cct
∑=
−=
l
il
ij
ij
ij
s
sc
jiunsatjisats
)0,max(
)0,max(
),(),(
4/1/2008
23
TrustMail� Based on trust inference in WBSN� Filter email messages according to the trust value of the sender� Expect high coverage if users rate the people to whom they send
messages
TrustFilm� Based on trust inference in WBSN
� Weighted average of everyone’s rating based on their trust value
Minimum difference between known user rating and average rating
Rec
om
men
dat
ion
err
or
4/1/2008
24
Low Incentive for Providing Ratings� Problems like Free-riding could exist
� Some schemes exist that provide financial rewards for honest ratings
4/1/2008
25
Bias Toward Positive Rating� Exchange of courtesies
� Hope of getting positive in return
� Fear of retaliation
� Obvious solution: anonymous review
Unfair RatingsEndogenous discounting Exogenous discounting
� Comparing with the rating values themselves
� Assumption: unfair ratings can be recognized by their statistical properties
� Externally determined reputation
� Assumption: raters with low reputation are likely to give unfair ratings and vice versa
4/1/2008
26
Change of Identities� Assumption was that identities are long lived
� Penalize newcomers
� Difficult to distinguish between bad and good newcomer
Quality Variations Over Time� Discounting of the past
� Forgetting factor, aging factor, fading factor
� Longevity factor
� Can be a function of time or frequency of the transactions or both
4/1/2008
27
Discrimination� In service
� Good service for all but one
� Endogenous discounting can give false positive
� In ratings
� Equals to unfair ratings
Ballot Box Stuffing� More than legitimate number of ratings is provided
� eBay seems to provide good protection: only after transaction completion