Towards a human trust model for mobile ad-hoc networks

Rapid advances in wireless networking technologies have enabled mobile devices to be connected anywhere and anytime. While roaming, applications on these devices dynamically discover hosts and services with which interactions can be started. However, the fear of exposure to risky transactions with unknown entities may seriously hinder collaboration. In order to advance the goal of anywhere-anytime computing, the exposure to risky transactions has to be reduced as much as possible. This requires the existence of a trust management framework that enables devices to form, maintain and exchange trust opinions. These opinions can then be used to customise the way interactions take place: for example, to decide from where to download a file, what service provider to contact, what access rights to grant, and so on. Trust is obviously not the only aspect that must be taken into account when making these decisions: the perceived risk inherent in a transaction and the quality of service (QoS) requirements will all contribute to the final configuration decisions. However, feelings of trust, risk and QoS can be formed independently of each other, and thus dealt with separately, before being combined. At present, we are concerned with trust management issues only.
A trust decision framework for mobile ad-hoc networks must be fully decentralised, as we cannot assume the existence of a trusted third party that can be contacted on demand to acquire reputation information about an entity. Approaches such as [4] cannot therefore be applied to the mobile setting, as they assume the existence of a central specification server where trust information is stored and used.
The framework must be highly customisable, in order to capture in computer models the varying and complex natural disposition of an individual to trust; this should be achieved without causing disruption to the device's computation and communication resources. Approaches such as [2] work well at the routing level, where trust decisions are automatic and homogeneous, but suffer severe limitations at the application level, where subjectivity in the decision-making process becomes fundamental. Other approaches (e.g., [5]) deal with trust in a less automatic fashion, but they still fail to capture a variety of aspects peculiar to human trust (e.g., ways to recover from a bad reputation, natural disposition to trust unknown entities, etc.).
Finally, a trust decision framework for mobile ad-hoc networks must be selfish: in a resource-constrained environment, selfishness is likely to prevail over cooperation, for example, to save battery power. A trust management framework cannot therefore completely rely on the assumption that entities have a social conscience that will make them exchange reputation information whenever asked. This limits the applicability of approaches such as [1].
We are currently designing and formalising a trust management framework that meets these requirements. Our approach is completely decentralised: each entity acts as a self-contained unit, carrying along a portfolio of credentials that is derived from the entity's past interactions and that the entity uses to prove its trustworthiness to others. This portfolio is created and maintained during peer interactions, and can be used as the sole source of reputation information when having to make a trust decision, in case the social context is populated by a majority of selfish agents that are not willing to propagate reputation information. Finally, our model makes intensive use of customisable functions to adapt the behaviour of the trust management framework according to the agent's disposition, thus capturing human models of trust in computer models. Altogether, these functions enable the model to semi-automatically derive new trust relationships from previously formed ones.
In the following section, we provide a more detailed description of the major characteristics of this trust management framework.