Credential Networks: a General Model for Distributed Trust and Authenticity Management

In large open networks, handling trust and authenticity adequately is an important prerequisite for security. In a distributed approach, all network users are allowed to issue various types of credentials, e.g. certificates, recommendations, revocations, ratings, etc. This paper proposes such a distributed approach, in which the evaluation of trust and authenticity is based on so-called credential networks. The corresponding formal model includes many existing trust models as special cases.1

[1]  Munindar P. Singh,et al.  Distributed Reputation Management for Electronic Commerce , 2002, Comput. Intell..

[2]  Pierre Marquis,et al.  A Perspective on Knowledge Compilation , 2001, IJCAI.

[3]  Adnan Darwiche,et al.  A compiler for deterministic, decomposable negation normal form , 2002, AAAI/IAAI.

[4]  Munindar P. Singh,et al.  An evidential model of distributed reputation management , 2002, AAMAS '02.

[5]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[6]  A. Jøsang TRUST-BASED DECISION MAKING FOR ELECTRONIC TRANSACTIONS , 1999 .

[7]  P. Cochrane,et al.  The role of trust in protected mail , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Peter Martini Kommunikation in Verteilten Systemen , 1987, Informatik-Fachberichte.

[9]  Kurt Rothermel,et al.  Architecture and Algorithms for a Distributed Reputation System , 2003, iTrust.

[10]  Kazuhisa Makino,et al.  On computing all abductive explanations , 2002, AAAI/IAAI.

[11]  Thomas Beth,et al.  Trust relationships in secure systems-a distributed authentication perspective , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Qing Zhang,et al.  A Classification Scheme for Trust Functions in Reputation-Based Trust Management , 2004, Trust@ISWC.

[13]  Thomas Beth,et al.  Valuation of Trust in Open Networks , 1994, ESORICS.

[14]  Rolf Haenni,et al.  Web of Trust: Applying Probabilistic Argumentation to Public-Key Cryptography , 2003, ECSQARU.

[15]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[16]  Rolf Haenni,et al.  Two-Layer Models for Managing Authenticity and Trust , 2007 .

[17]  Rolf Haenni,et al.  A Probabilistic Trust Model for GnuPG , 2006 .

[18]  Marek Sergot,et al.  Revocation in the privilege calculus , 2003 .

[19]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[20]  Judea Pearl,et al.  Probabilistic reasoning in intelligent systems , 1988 .

[21]  Philippe Smets Probability of Provability and Belief Functions , 1999 .

[22]  J. Abraham An Improved Algorithm for Network Reliability , 1979, IEEE Transactions on Reliability.

[23]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[24]  C. Castelfranchi,et al.  Social Trust : A Cognitive Approach , 2000 .

[25]  David W. Chadwick,et al.  Merging and extending the PGP and PEM trust models-the ICE-TEL trust model , 1997, IEEE Netw..

[26]  Rolf Haenni,et al.  Towards a precise semantics for authenticity and trust , 2006, PST.

[27]  Rolf Haenni Anytime argumentative and abductive reasoning , 2003, Soft Comput..

[28]  Rolf Haenni,et al.  Unifying Logical and Probabilistic Reasoning , 2005, ECSQARU.

[29]  Ling Liu,et al.  A reputation-based trust model for peer-to-peer ecommerce communities , 2003, EC.

[30]  Rolf Haenni,et al.  Cost-bounded argumentation , 2001, Int. J. Approx. Reason..

[31]  Morris Sloman,et al.  A survey of trust in internet applications , 2000, IEEE Communications Surveys & Tutorials.

[32]  Audun Jøsang,et al.  An Algebra for Assessing Trust in Certification Chains , 1999, NDSS.

[33]  Rolf Haenni Using probabilistic argumentation for key validation in public-key cryptography , 2005, Int. J. Approx. Reason..

[34]  Audun J sang,et al.  An Algebra for Assessing Trust in Certi cation Chains , 1998 .

[35]  Rolf Haenni,et al.  Probabilistic Argumentation Systems , 2003 .

[36]  James A. Hendler,et al.  Reputation Network Analysis for Email Filtering , 2004, CEAS.

[37]  Rolf Haenni,et al.  A New Model for Public-Key Authentication , 2007, KiVS.

[38]  Ronggong Song,et al.  Trust in E-services: Technologies, Practices and Challenges , 2007 .

[39]  Butler W. Lampson,et al.  A Global Authentication Service without Global Trust , 1986, 1986 IEEE Symposium on Security and Privacy.

[40]  Mostafa H. Ammar,et al.  A reputation system for peer-to-peer networks , 2003, NOSSDAV '03.

[41]  H. Lei,et al.  A distributed trust model for e-commerce applications , 2005, 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service.

[42]  Ueli Maurer,et al.  Confidence Valuation in a Public-Key Infrastructure Based on Uncertain Evidence , 2000, Public Key Cryptography.

[43]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.

[44]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[45]  Marc Branchaud,et al.  xTrust: A Scalable Trust Management Infrastructure , 2004, PST.

[46]  Audun Jøsang,et al.  Technologies for Trust in Electronic Commerce , 2004, Electron. Commer. Res..

[47]  Bernhard Anrig A Generalization of the Algorithm of Abraham , 2000 .

[48]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[49]  Michael K. Reiter,et al.  Authentication metric analysis and design , 1999, TSEC.

[50]  Klaus D. Heidtmann,et al.  Statistical Comparison of Two Sum-of-Disjoint-Product Algorithms for Reliability and Safety Evaluation , 2002, SAFECOMP.

[51]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..