Reputation: Difference between revisions

From
Jump to navigation Jump to search
No edit summary
No edit summary
Line 45: Line 45:
== Components of a Trust/Reputation System==
== Components of a Trust/Reputation System==
=== Information Gathering and Sharing ===
=== Information Gathering and Sharing ===

==== Identities ====
==== Identities ====
Sufficiently persistent identities are needed in order to get useful information about an identity's reputation.
Sufficiently persistent identities are needed in order to get useful information about an identity's reputation. Therefore it is important to consider, how a P2P network handles identities.
'''Anonymity''' can be on a varying scale. High anonymity results in very few information about a users history.
This conflicts with anonymity.
'''Spoof-Resistance' should be considered to prevent adversaries from impersonating other peers identities.
'''Unforgeable''' identifiers prevent whitewashing. Unforgeable ids are usually created by some trusted (potentially central) system entity.
=== Scoring and Ranking ===
=== Scoring and Ranking ===
=== Taking Action ===
=== Taking Action ===

Revision as of 22:05, 9 February 2006

Reputation and Trust in Peer-to-Peer Networks

This article deals with the problems and solutions of trusting strangers in a network. In a Network where you are transacting with identities you don't know, you have a problem when you need to know whether you really get what you want or not. To solve this problem you need a system which can tell you how suitable a peer is for your needs. Such a system can be called Trustsystem or Reputationsystem.

Example Scenarios

Filesharing: Peer A is part of a filesharing network and wants to get some data. Peer A searches and finds a couple of peers providing that data. Peer A needs to select a transaction partner. Which one to choose depends on the P2P network used. Usually things like speed or distance make up that decision. When it is important to get reliable data then the reputation of the providing peer is an important point.

"Expert"network: Peer A is part of a network that provides answers to questions by having experts taking part in it. Peer A has a question and some "experts" can answer it. It would be very nice, if Peer A could somehow know, how credible those experts are.

Network protection: A P2P network is usually open to everyone, so it is also open for malicious users who want to damage the network. They can do that depending on the architecture by flooding, providing wrong data, manipulating searches and so on. For the network to keep going well it needs to protect itself somehow. Restricting users depending on their reputation is a way to do so.

Reputation and Trust in general

Reputation is the general opinion of the public towards an entity. Reputation of an entity can vary for different topics and for different people. Usually someone with a high reputation is trusted more that someone with a low reputation.

Trust represents a relation between an expectation and the reality. Trust between transaction partners usually begins with no trust at all. But trust can be influenced by facts and opinions of others and builds up in time. It stabilises at a level that represents the whole history of that relation. It can also change immediately given a strong difference between expectation and reality. Usually there is a big difference between not trusting yet (due to lack of knowledge) and not trusting anymore (due to a bad history).

Reputation System The goals of an reputation system are to mitigate bad behaviour and to encourage good behaviour. To achieve this the system needs to have a knowledge about past behaviour, means to score and rank participants and means to react on that score. Our society is a such reputation system in a way.

Taxonomy of Trust

How can trust be measured?

Design-Characteristics for Reputationsystems in P2P Networks

Threats

Selfish users try to benefit without contributing. This is not really a threat, but a fact that needs to be minimized in order to build up a useful network.

Malicious users want to damage and destroy a network by using different techniques, which can be categorized as follows:

Traitors Collusion Front Peers Whitewashers Denial of Service

Components of a Trust/Reputation System

Information Gathering and Sharing

Identities

Sufficiently persistent identities are needed in order to get useful information about an identity's reputation. Therefore it is important to consider, how a P2P network handles identities. Anonymity can be on a varying scale. High anonymity results in very few information about a users history. Spoof-Resistance' should be considered to prevent adversaries from impersonating other peers identities. Unforgeable identifiers prevent whitewashing. Unforgeable ids are usually created by some trusted (potentially central) system entity.

Scoring and Ranking

Taking Action

Solutions

EigenTrust "Trustcurrency"

The Eigentrust Algorithm