A Framework for Concrete Reputation-Systems

In a reputation-based trust-management system, agents maintain information about the past behaviour of other agents. This information is used to guide future trust-based decisions about interaction. However, while trust management is a component in security decision-making, few existing reputation-based trust-management systems aim to provide any formal security-guarantees. We provide a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents' past histories. We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive, we extend it to encompass more practical policies, including several known from the literature. A naturally occurring problem becomes how to efficiently re-evaluate a policy when new behavioural information is available. Efficient algorithms for the basic language are presented and analyzed, and we outline algorithms for the extended languages as well.
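An added example, not code from the paper: a monitor that re-evaluates a pure-past temporal-logic policy in time proportional to the policy's size whenever a new session is observed, keeping one boolean per subformula instead of re-reading the stored history. The tuple encoding, the operator names (`prev`, `once`, `always`, `since`), the event names and the sample history are assumptions made for this illustration; the semantics are the usual ones for past-time LTL over a finite, non-empty sequence of event sets.

```python
# Added example; formula encoding and operator names are assumptions, not the paper's syntax.
def subformulas(f, acc=None):
    """Post-order list of distinct subformulas (children before parents)."""
    acc = [] if acc is None else acc
    for child in f[1:]:
        if isinstance(child, tuple):
            subformulas(child, acc)
    if f not in acc:
        acc.append(f)
    return acc

class PolicyMonitor:
    """Keeps one boolean per subformula instead of the whole history."""
    def __init__(self, policy):
        self.policy, self.order = policy, subformulas(policy)
        self.prev = None  # truth values after the previous session

    def update(self, events):
        """Record one new session (a set of event names); return the verdict."""
        old, now = self.prev, {}
        for f in self.order:
            op = f[0]
            if op == "ev":
                now[f] = f[1] in events
            elif op == "not":
                now[f] = not now[f[1]]
            elif op in ("and", "or"):
                a, b = now[f[1]], now[f[2]]
                now[f] = (a and b) if op == "and" else (a or b)
            elif op == "prev":    # held in the session just before this one
                now[f] = old is not None and old[f[1]]
            elif op == "once":    # held in some session so far
                now[f] = now[f[1]] or (old is not None and old[f])
            elif op == "always":  # held in every session so far
                now[f] = now[f[1]] and (old is None or old[f])
            elif op == "since":   # f[2] held at some point, f[1] ever since
                now[f] = now[f[2]] or (now[f[1]] and old is not None and old[f])
            else:
                raise ValueError(f"unknown operator {op!r}")
        self.prev = now
        return now[self.policy]

# Constructed policy: never abusive, and no late delivery since the last payment.
POLICY = ("and", ("always", ("not", ("ev", "abuse"))),
          ("since", ("not", ("ev", "late")), ("ev", "paid")))
HISTORY = [{"paid"}, {"deliver"}, {"late"}, {"paid"}, {"abuse"}, {"paid"}]  # constructed

def verdicts(policy, history):
    monitor = PolicyMonitor(policy)
    return [monitor.update(session) for session in history]
```

A single `abuse` session makes the `always` conjunct permanently false, while the `since` conjunct recovers after the next `paid` session; that is the difference between a revocable and an irrevocable requirement on the history.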
