A Framework for a Trusted
Environment for Virtual
Collaboration
1
Tharam S Dillon , Elizabeth Chang ,
Farookh Hussain
2
2
University of Technology, Sydney, Australia
Curtin University of Technology, Australia
1
2
it.uts.edu.au
Trust


A focal point in interpersonal
relationships in many domains
including Business, Sociology
and Psychology
Recent interest in Trust in the
Computer Science research
community
it.uts.edu.au
•
•
•
Applications in the Peer-to-Peer (P2P)
domain
Distinction between trust in other fields
and in computer science
Traditionally often involves physical
environments whilst Computer Science
involves virtual environments
it.uts.edu.au
Physical Environment Virtual Environment



Use various physical or
facial cues
Document or referral to
known authorities such
as credit agencies or
government
Inform the process of
trust establishment



Absence of physical
cues
The establishment of
centralised authorities
such as certification
authorities is still
evolving
May not always be
applicable
it.uts.edu.au
Four Factors Have
Created Urgency
(i)
(ii)
(iii)
(iv)
Peer-to-peer communication which
could be between anonymous peers
Virtual communities with the need
to protect the integrity of the
community
E-commerce which involves
business transactions on the
internet
Lastly cyber-terrorism which aims
at disrupting services
it.uts.edu.au
Security and Trust
Two distinct concepts;

•


Trust is the belief or faith that a peer has in another peer in a
given context that gives him/her confidence to carry out a
transaction with the trusted peer
in order to acquire trust in another entity, security
establishing mechanisms are used
Security refers to the process of enabling sheltered
communication between two communicating entities
Parties could resort to unfair practices that may be difficult to
detect until the completion of the transaction.
it.uts.edu.au
Security Establishing
Mechanisms




Help both the communicating parties
authenticate themselves
Help a party prove to it’s counterpart that
it is authorised to carry out the activity
To provide a means by which information
can be exchanged securely over the
internet
These mechanisms can be used by a
party to establish the identity of another
party
it.uts.edu.au
Types of Trust

Identity Trust
- Is the entity who it says it is?

Behaviour Trust
- Do you believe that the entity will
behave as you expect it to?

Hybrid Trust
- Characterises both identity trust
and behaviour trust
it.uts.edu.au
Existing Methods
•
•
•
•
•
•
•
•
Either propose a method to only establish identity trust or to only
establish behaviour trust between two peers.
None propose a method of establishing both identity trust and
behaviour trust of a peer.
Not clear that the existing trust models and trust protocols are
compatible with each other as each of them have their own
assumptions which contradict the assumption of others.
No work on trust relationships.
Many methods assume the existence of a central authority that
can authenticate the identity.
Do not address issues like the fault-tolerance of the central
authority, load balancing at the central authority.
Makes the system vulnerable against inappropriate behaviour by
the central trusted authority.
All of the proposed trust models do not consider the context
specific and dynamic nature of trust.
it.uts.edu.au

•
•
•
•
•
•
•
•
•
•
Some Trust Management Protocols
Proposed to establish trust between two communicating peers.
Singh et al [2003] propose the use of an anonymous P2P trust
management protocol.
Vulnerable to attacks like Repudiation Attacks, Self-trust Insertion
Attacks.
Do not propose any solution for countering the problem for
multiple for identities of peers (Clique Attacks).
Propose the use of a single server for authenticating the identity
of a peer and, therefore, has the problems referred to above.
Conelli et al [2003] proposes the use of a pseudonymous trust
management protocol for establishing identity trust between two
communicating peers.
Solves the problem of peer authentication when the identities of
the peers are pseudonymous.
Do not need any single server for the proper functioning of their
proposed protocol.
Do not provide a non-anonymous and anonymous protocol for
establishing trust between two peers.
Most of the P@P communication, involving final financial
transactions, is non-anonymous.
it.uts.edu.au
Some Trust Management Protocols



Need for a method to help a trusting peer avoid
the possibility of interacting with malicious peers.
Existing models do not consider the RISK factor
involved in an interaction before it occurs helping
a peer make a decision of whether to interact
with another peer.
Model risk in an interaction with a trusted peer
and based on the Expected Value of the
transaction (which takes in to account the risk
involved).
it.uts.edu.au
Conceptual Framework for Trust, Reputation
in Peer-to-Peer Communications and
Trust Models

Definitions of Trust

Definition of Reputation


An Ontology Based Approach to
allow Shared Conceptualisation
of Contexts for Trust
Generic Management Protocol
it.uts.edu.au
Definitions of Trust

-
Characteristics of peer-to-peer
communication:
Anonymity / non-anonymity / pseudonymity of peers
Decentralised nature of communication
Heterogeneous nature of individual peers
Definition of trust for P2P communications:
-
-
-
The belief that the trusting peer has in the willingness and
capability of the trusted peer, to behave in a given context,
and at a given point of time, as expected by trusting peer.
A trusting peer as a human entity who controls resources and
1
who reposes his faith in some other human entity.
Trusted peer as a human entity who controls resources and in
whom faith is reposed by some other entity.
it.uts.edu.au
Definition of Reputation


-
-




If the two interacting peers may not have interacted
with each other previously;
Do not know the trustworthiness of each other.
Reputation mechanisms help in filling this gap by:
Providing the trusted peer an idea of the
trustworthiness of the trusting peer
Providing the trusting peer an idea of the
trustworthiness of the trusted peer
Interacting peers, “as peers who are communicating or
having a transaction with each in order to attain certain
objectives”
Reputation Querying Peer, “as the peer who is
querying about the reputation of another peer”
Reputation Queried Peer, “as peer whose reputation is
being queried by the Reputation Querying Peer”
Witness Peer (or) Reputation Responding Peer, “as a
peer who knows about trustworthiness of the
reputation queried peer based on its direct interaction
with the reputation queried peer”
it.uts.edu.au
Reputation Query





It is associated with exactly one reputation
querying peer
It may be associated with more than one
reputation queried peer
One or more than one witness peer may reply to
the reputation query
Define reputation of a peer as “the perceived
trustworthiness of the reputation queried peer as
advised by the witness peers, in a given context
and at a given point of time”
Trustworthiness assigned by the trusting peer to
the trusted peer, becomes reputation of the
trusted peer, when the trusting peer conveys this
to other peers.
it.uts.edu.au
An Ontology Based Approach to allow
Shared Conceptualization of Contexts
for Trust






Existing trust models do not model trust in a
given situation in isolation from the trust in other
situations.
Not context-dependent
Use of ontology for having a shared
understanding of the different contexts
Possible that the same context is referred to in
different ways
Have a shared understanding of the different
context is with an ontology
Ontology provides semantic meaning to a context
and helps to have a shared understanding of a
given context, between different peers, in a
distributed decentralized environment
it.uts.edu.au




Example – transaction where a logistics company
A wants to use warehouse of B located at Detroit,
after which it assigned a particular
trustworthiness value and the context as ‘Storing
the goods’.
Another peers asks Peer A about the reputation
of Peer B in the context of ‘Renting Warehouse
space’
Use of an ontology for mapping the various
terminology used to refer to a given context as it
is not possible otherwise to reach a consensus
referring to a given context in a distributed
environment.
Ontology provides semantics to a context and a
shared understanding of the context.
it.uts.edu.au
Generic Trust Management Protocol
for Peer-to-Peer (P2P) Communication







A framework for managing the identity of a peer (Identity
Trust)
Identity Trust is defined as the trust that the trusting peer has
in the trusted peer that indicates the extent to which the
trusting peer believes that the identity claimed by the trusted
peer, belongs to it.
Trust management protocol will enable a peer to ensure that
identity of another peer.
Applicable to Anonymous Peer-to-Peer Communication,
Pseudonymous Peer-to-Peer Communication and NonAnonymous Peer-to-Peer Communication
Ensure that the Trust Management Protocol is resilient to
attacks like Self-Trust Insertion Attacks, Sybil Attack, and
Clique Attacks apart from nullifying the possibility of
Repudiation Attacks, Ensuring Integrity of Message,
Impersonation Attacks and Replay attacks.
Protocol should be partially decentralized / completely
decentralized.
Should be portable to most / all P2P applications irrespective
of the domain of the application.
it.uts.edu.au






Making a trusting decision of whether to trust another
peer; various factors need to be considered
Identify all the factors that a peer needs to consider
when making a trusting decision
Develop a trust support system with the trust
management protocol and the trust model as its base
Enable a peer to make a decision of whether to trust
another peer or not.
Risk involved in interacting with a given trusted peer
(say A) will be assessed.
Outcome of the previous interaction with the trusted
peer (say A) and the recommendations received from
other peers whom the trusting peer trusts to give
recommendations, will be utilised.
it.uts.edu.au
Generic Framework for assigning a
trustworthiness value to a peer after
interaction




A generic framework with the help of which the
trusting peer can assign a trustworthiness value
to the trusted peer.
Mathematical representations in terms of rough
set theory to assign a trustworthiness value to a
peer
A methodology for assigning trustworthiness
value to a peer
An algorithms which model trust and helps a
trusting peer assign a certain degree of
trustworthiness to another peer, based on the
mathematical model of trustworthiness
it.uts.edu.au
Peer to Peer Trust Modelling






A pictorial language to model the trust relationship
between two peers.
The use of Trust Class Diagrams, Trust Case
Diagrams and Trust Transition Diagrams to model the
various attributes of the trust relationships
The concept of trust tuple – define a trust tuple as: ‘An
ordered set of attributes of a trust relationship that
conveys information about the trust relationship’
Generic form of the trust tuple along with the order of
the trust attributes, and this is as follows: [Trusting
Peer, Trusted Peer, Context, Type of Trust,
Trustworthiness, Start Time, End Time]
Make use of the use case symbol, for depicting the
trust tuple associated with the trust relationship.
Define a trust case as a use case that is used to
symbolize the trust tuple of a given trust relationship.
Finally, we define a trust case diagram as an extension
to the existing use case diagram in UML that can
model the trust relationships
it.uts.edu.au






Use of Trust Class Diagrams to model the attributes of
the trust relationships between two peers along with
the attributes of the peers involved in the trust
relationship.
Need just two notations from the class diagrams in
UML, namely class and association relationship
Propose slight modifications to the existing UML
semantics of class and the association relationships
Peer may have a trust relationship with more than one
peer
A trusting peer may have multiple trust relationships
with the trusted peer each in a different context
Trust relationships with multiple (more than one) peers
can be modeled using the trust modeling diagrams
it.uts.edu.au
Trust Relationships in Peer-to-Peer
(P2P) Systems






Trust in simple terms can be defined as the confidence
that the trusting peer has in the trusted peer’s ability
and willingness to do something in a way that it wishes
to do.
Lead to a bond or link between the two peers
We term this link that is created between two peers
due to the trust that one has in the other as trust
relationship
Trust relationship as ‘a bond or association between
the involved peer/s, which signifies the trust between
the involved peer/s’
Trust relationship between two peers is an outcome of
the trust that one peer has in the other.
All the characteristics of trust like, context dependent
nature of trust and event based nature of trust would
the characteristics of trust relationships as well.
it.uts.edu.au
Issues
Peer-to-Peer systems (P2P): the
next-generation of the Internet.
E-commerce will be carried out
over the P2P rather than in a
client-server environment.
Many trust models have been
proposed to assist the task of
establishing trust between two
communicating peers. However,
no research work on modeling
of the trust has done.
it.uts.edu.au
Methods of Representing Trust Relationships



Using a natural language
Using a pictorial
presentation
Using a Modeling language
Currently, no modeling methods or
tools available for modeling the
trust
it.uts.edu.au
Trust Model
Attributes







The trusting peer in the trust
relationship;
The trusted peer in the trust
relationship;
Context of the trust relationship;
Type of social relationships;
Trustworthiness;
Start time
End time
it.uts.edu.au
Definition of Trust in P2P
Trust as the belief that the trusting
peer has in the trusted peer’s
willingness and capability, in a
given context and at a give point
in time to behave as it expects.
The Trust or Belief is quantified by the
trustworthiness
it.uts.edu.au
Definition of Trust in P2P
Trusting Peer
Context
Trust
Relationship
TimeFrame
Trusted Peer
it.uts.edu.au
Definition of Trust in P2P
Trusting Peer
M
M
Trust
1
Context
Relationship
M TimeFrame
M
Trusted Peer
it.uts.edu.au
Definition of Trust in P2P
Trusting Peer
Trusting Peer
. Attributes
M
Trustworthness
. Level
Trust
Context
M
1
. Context 1 (…..)
Context
. Context 2 (……)
Relationship
. Value
Frame
M Time
TimeFrame
. Period (StartTime, EndTime
M
Trusted
Peer
Trusted
Peer
. Status (pervious, current)
. Attributes
it.uts.edu.au
Definition of Trust in P2P
Trusting Peer
Trusting Peer
. Attributes
Relationship
M
. Social Trust Type (Self Trust,
Trustworthness
. Level
Trust
. Value
1
PersonalTrust,
Context
M
. Context 1 (…..)
Context
. Context 2 (……)
Relationship
EnterpriseTrust,
Frame
M Time
Federated Trust)
TimeFrame
. Confidence (implicit, explicit)
. Period (StartTime, EndTime
. Status (pervious, current)
M
. Nature ( mutual,
transitive,
historical)
Trusted
Peer
Trusted Peer
. Attributes
it.uts.edu.au
Complexity of the Trust Relationship







For one relationship, there may be
multiple peers
Between two peers there may be
more than one trust relationships
Each trust relationship has own
context, own attributes and values
For the same contact, there may be
several social relationships exist,
A peer may have trust relationships
with multiple peers
A peer may involve in multiple
relationships with multiple peers
Trust relationship may change and
trust value may change, depend on
different time period
it.uts.edu.au
Trust Modelling







Model the trust relationship
Model the peer(s)
Model the context
Model attributes
Model the dynamism of the
relationships
Model a trust repository (trust
databases)
Population of Trust DB
it.uts.edu.au
Introducing Trust Tuple


A generic method for
representing all the attributes of
trust between two peers
The elements of Trust Tuple :
Trust [Trusting Peer, Trusted
Peer, Context, Type of Trust
Relationship, Trustworthiness,
Start Time, End Time, Status]
it.uts.edu.au
Trust Modeling

Trust Relationship Diagram

Trust Property Diagram

Trust State Diagram
it.uts.edu.au
Trust Relationship Diagrams -1

The trusting peer and trusted
peers are denoted by trust
actors
R
Trusting
Peer
Alice
Trusted
Peer
(Alice, Bob, [Hybrid Trust,
Reputation Trust, Mutual Trust,
Positive Trust],5,15/07/2003,Not
R (Alice,
Bob, )
Known
Bob
Account_Payable,
[Enterprise Trust, Mutual,
Implicit,], 5, 15/07/2003,
Nil, current)
it.uts.edu.au
Trust Relationship Diagrams -2


Relationship is represented by trust
tuples
Trust Relationship with multiple peers
(Alice,Bob,’Document
Storing’,[Behavior
trust,Personal trust,Mutual
trust,Negative trust,4,
11/12/2002,Not Known])
Alice
Bob
Trusting
Peer
(Alice,Micheal,’Document
Storing’,[Behavior
Trust,Personal Trust,
Mutual Trust,Positive
Trust,6,
11/12/1002, Not Known)
Michael
it.uts.edu.au
Trust Relationship Diagrams -3


Relationship is represented by trust tuples
Multiple Trust Relationship with one peer
(Alice, Bob, Educational
Document Sharing , [Behaviour
Trust,Personal Trust , Mutual
Trust , Negative Trust ] ,3,
05/07/2003, Not Known)
Trusting
Peer
Alice
Bob
(Alice, Bob, Music File Sharing ,
[Behaviour Trust ,Reputation
Trust, Mutual Trust , Positive
Trust ] ,5,
15/12/2000 , Not Known)
it.uts.edu.au
Trust Property Diagrams -1

Trusting
Peer
Peer
Attribute
s
Trust
Relationship
repository
The trusting peer and
trusted peers are denoted by
trust classes
Alice
______________
Bob
_____________
Speed :1 GHz
Location :Australia
_________________
(Alice, Bob[ Hybrid
Trust, Reputation
Trust, Mutual trust,
Positive Trust],5,15/
07/2003/Not Known)
Speed :205 MHz
Location :US
_____________
NIL
it.uts.edu.au
Trusted
Peer
Trust Property Diagrams - 2

A Peer may be a trusting peer and a trusted peer
between other peers.
Hurry is a
Trusted peer
as well as
Trusting Peer
Association Trust
Relationship between two
peers
Jenice
____________________
Memory: 40 GB
Location: Indonesia
____________________
(Jenice,Harry,File
Transfer,[ Hybrid Trust,
Recommendation Trust,
Group Trust, Negative
Trust],5,15/07/2003,Not
Known)
Harry
___________________
Speed: 205 MHz
Location: Australia
RAM: 256 MB
___________________
(Harry,Bob,File
Transfer,[Identity
Trust,Personal
Trust,Mutual
Trust,Positive
Trust],5,15/07/2003,Not
Known)
it.uts.edu.au
Trust Property Diagrams - 3


A peer may have multiple relationship with
Multiple Peers
Modeling Multiple Trust Relationships between
Peers
A Peer
involves
multiple R
with Multiple
Peers
Alice
______________________
Location :Australia
______________________
(Alice, Bob, ’Document
Sharing’,[Behavior Trust,
Personal Trust, Mutual
Trust, Negative Trust,4,
11/12/2004,Not Known])
(Alice, Micheal, ’Document
Sharing’,[ Behaviour Trust,
Personal Trust, Mutual
Trust, Positive Trust,6,
11/12/2004,Not Known])
Bob
______________
Speed :1GHz
______________
NIL
Michael
______________
Memory :40 GB
______________
NIL
it.uts.edu.au
Trust State-Transition Diagrams
for Modeling Dynamic Nature of Trust


Trust is not static but dynamic and may change with time
Trust Transition Diagrams can be used to model this dynamic
Start
nature of trust.
R (Alice, Bob, sell-computers, [Personel Trust,
Mutual, Implicit,], 5, 15/07/2003- , current)
R (Alice, Bob, sell-computers, [Personal Trust,
Mutual, Implicit,], 5, 15/07/2003- 15/12/03,
previous)// 2, 15/12/03-, current
R (Alice, Bob, sell-computers, [Personal Trust,
Mutual, Implicit,], 5, 15/07/2003, 15/12/03,
previous)// 2, 15/12/03-1/01/04, previous
a state is used to
represent the
status or condition
of a trust
relationship
 a trust transition
as a transition
between two trust
states that denotes
the change in the
status of a trust
relationship

it.uts.edu.au
Summary



Use Trust Tuple for Trust
Modeling, make it easy to
classify the Trust and Trust
Relationship
Preliminary proposal
Future work,



formalize the notations, concepts &
Relationships,
develop supporting tools
auto generation of Trust Data
Repository for P2P communication
it.uts.edu.au
Other work published



Automated method for
assigning Trust Value after
an Interaction over the P2P
Development of Trust
Protocol
Trust management and
Protocol Management
www.fit.curtin.edu.au
it.uts.edu.au
We present 9 Factors


We look at the factors that
can influence the trust and
trust relationships between
peers.
We catalogue these factors
into three components, the
relationship between these
Components and how that
could influence the trust.
it.uts.edu.au
Trust, Trust Relationships &
Trustworthiness
Trust
Is qualified
Trust: the belief that the trusting peer has in the
trusted peer’s willingness and capability, in a given
context and at a give point in time to behave as it
expects
The intensity of the
relationship.
Trustworthiness as “as a numerictrust
value
that depicts
the level of trust in a relationship (between
peers)
The ratingtwo
conveys
at a given time period in a given
context
and
how strong
the Trust
depends upon the intrinsic type of peers in a trusted
The strength of the
relationship.”
relationship
Trustworthiness
1
1
Trust Relationship
context dependent
Trust relationship: ‘a bond or association
time
dependent
between the involved peer/s, which
signifies
the
trust between the involved peer/s’dynamic
transitive
it.uts.edu.au
asymmetric
Factors that influence the Trust
Psycho Components of Trust
Experience
. Psychological nature
Reputation
Personal Interaction
. Trusted Reputation
. Expected Behavior
. Unknown Reputation
. Correlation
. Attitude towards P2P_EC
. Positive Reputation
. History of Interactions with peer
. Negative Reputation
it.uts.edu.au
Trusted Peer
Psychologic
al Nature of
the Trusting
Peer
Attitude of
the
Trusting
Peer
Towards
Peer-toPeer ECommerc
e
Pre-Interaction Factors
Trusting Peer
Previous
Interac
tions
Trusted
Reputa
tion
Unkno
wn
Reputa
tion
Posit
ive
Rep
utati
on
Negati
ve
Reputa
tion
Expected
Correlatio

Reputation obtained from peers
who it trusts
Behavior
n
to give accurate recommendations. We term them
trustworthy peers, and regard it as Trustworthy
Reputation
Personal Interaction
Reputation Factors

Reputation
obtained from peers whoFactors
it does
not trust to give accurate recommendations. We
term them as untrustworthy peers and regard it as
Untrustworthy Reputation .
 Reputation obtained from peers with whom
it does not have an experience of soliciting Add weights on
reputations. We term them unknown peers the
andTrustworthy
regard it as Unknown Reputation .
reputation and
unknown
it.uts.edu.au
reputation
Trusted Peer
Psychologic
al Nature of
the Trusting
Peer
Attitude of
the
Trusting
Peer
Towards
Peer-toPeer ECommerc
e
-Interaction Factors
Previous
Interac
tions
Unkno
Posit
Negati
Trusted
ve
ive to every
wn query
 Broadcasts
a
one in the
network, Correlatio
and receive
Expected
Reputa
Reputa
Rep
Reputa
tion
Behavior
n
tion value
utati
responses
with
tiona reputation
on
 The trustworthy peers and the unknown peers can give a
positive or negative recommendation about the trusted peer.
Personal Interaction
 We disregards the reputation obtained fromFactors
un-trustworthy
peers
Reputation Factors
 Based on previous interaction in the context of soliciting
recommendations of peers, one can expect the reputation
value communicated by Peers is correct and not fraudulent
Trusting Peer
it.uts.edu.au
Trusted Peer
Psychologic
al Nature of
the Trusting
Peer
Attitude of
the
Trusting
Peer
Towards
Peer-toPeer ECommerc
e
Previous
Interac
tions
Trusted
Reputa
tion
-Interaction Factors
Unkno
wn
Reputa
tion
Posit
ive
Rep
utati
on
Negati
ve
Reputa
tion
Reputation Factors
Expected
Behavior
Correlatio
n
Personal Interaction
Factors
. Expected Behavior: ‘the mutually anticipated conduct of the
trusted peer prior to its interaction with the trusting peer’.
mutually agreed
. Correlation: ‘the degree of parallelism between the expected
demeanor of the trusted peer and actual demeanor of the
trusted peer during interaction’.
Trusting Peer
The greater the correlation between these two factors, the higher will be the
trustworthiness value
it.uts.edu.au
Factors and Components that influence Trust and Trust Relationships
Reputation Factors
Experience
Pre-Interaction Factors
Positive
Reputation
Psychologi
cal nature
of Trusting
Peer
Attitude of the
trusting peer
towards P2P
E-Commerce
Above 9 Factors:
Previous
Interacti
ons
Negative
Reputation
Personal Interaction
Factors
Expected
Behavior
Trusted
Reputation
Correlation
Unknown
Reputation
Potential Contributions:
- Influence the decision of whether or not to trust the trusted peer
The factors are independent
The factors
are not independent.
The way they
dependent are
- helping
antonymous
computing
inareP2P
shown
by
the
arrows
- Determine the attributes of trust relationship between the peers
- Understand the constraints and limitation
- Determine trustworthiness of the trusted peer
it.uts.edu.au
- Understand factors that influence
the Trust Values



Classify a rating that
communicates the intensity of the
trust relationship as the
trustworthiness of the trust
relationship
Rating conveys how strong the
trust relationship between the two
peers is
Define trustworthiness as “a
numeric value that depicts the level
of trust between two peers at a
given time period in a given
context and depends upon the
intrinsic type of peers in a trusted
relationship”
it.uts.edu.au
Conclusion







Definition of Trust
Reputation
A framework for trust modelling
A trust protocol
Develop a trusted environment for virtual
collaboration
proposed nine factors of trust in Peer-toPeer E-Commerce and catalogued them
into three classes (components).
future work is underway. The
implementation of multi-agent system
allow a trust is built, maintained and
destroyed using these factors.
it.uts.edu.au