Magentix2: A privacy-enhancing Agent Platform

Agent Platforms are the software that supports the development and execution of Multi-agent Systems. There are many Agent Platforms developed by the agent community, but they hardly consider privacy. This leads to agent-based applications that invade users’ privacy. Privacy can be threatened by two main information activities: information collection and information processing. Information collection can be prevented using traditional security mechanisms. Information processing can be prevented by minimizing data identifiability, i.e., the degree by which personal information can be directly attributed to a particular individual. However, minimizing data identifiability may directly affect other crucial issues in Multi-agent Systems, such as accountability, trust, and reputation. In this paper, we present the support that the Magentix2 Agent Platform provides for preserving privacy. Specifically, it provides mechanisms to avoid information collection and information processing when they are not desired. Moreover, Magentix2 provides these mechanisms without compromising accountability, trust, and reputation. We also provide in this paper an application built on top of Magentix2 that exploits its support for preserving privacy. Finally, we provide an extensive evaluation of the support that Magentix2 provides for preserving privacy based on that application. We specifically test whether or not privacy loss can be minimized by using the support that Magentix2 provides, whether or not this support introduces a bearable performance overhead, and whether or not existing trust and reputation models can be implemented on top of Magentix2.     

Design and implementation of a secure multi-agent marketplace

A multi-agent marketplace, MAGNET (Multi-AGent Negotiation Testbed), is a promising solution for conducting online combinatorial auctions. The trust model of MAGNET is somewhat different from other on-line auction systems since the marketplace, which mediates all communications between agents, acts as a partially trusted third party. We identify the security vulnerabilities of MAGNET and present a solution that overcomes these weaknesses. Our solution makes use of three different existing technologies with standard cryptographic techniques: a publish/subscribe system to provide simple and general messaging, time-release cryptography to provide guaranteed non-disclosure of the bids, and anonymous communication to hide the identity of the bidders until the end of the auction. Using these technologies, we successfully minimize the trust on the market as well as increase the security of the whole system. The protocol that we have developed can be adapted for use by other agent-based auction systems, that use a third party to mediate transactions.     

TREET: the Trust and Reputation Experimentation and Evaluation Testbed

To date, trust and reputation systems have often been evaluated using methods of their designers’ own devising. Recently, we demonstrated that a number of noteworthy trust and reputation systems could be readily defeated, revealing limitations in their original evaluations. Efforts in the trust and reputation community to develop a testbed have yielded a successful competition platform, ART. This testbed, however, is less suited to general experimentation and evaluation of individual trust and reputation technologies. In this paper, we present TREET, an experimentation and evaluation testbed based directly on that used in our investigations into security vulnerabilities in trust and reputation systems for marketplaces. We demonstrate the advantages of TREET, towards the development of more thorough, objective evaluations of trust and reputation systems.     

具备匿名性和信任评估的车联网数据转发方案

随着智能交通系统的快速发展以及车辆用户的持续增长,数据转发成为车联网的研究热点之一。然而车辆节点的高速移动,导致网络拓扑结构的快速变化以及网络持续连通性变差;此外由于车联网无线通信的属性,数据转发的内容以及车辆用户的信息很容易被窃听和泄露;同时存在一些车辆用户可能拒绝转发数据。因此,在车联网中如何保证数据转发的可靠性以及用户身份的隐私性和用户的参与性是非常重要的。提出了具备匿名性和信任评估的车联网数据转发方案,该方案利用无证书签名技术实现了区域车辆成员和路边单元的匿名认证,车辆通过路边单元将消息转发给可信机构（TA）,交通管理中心（TMC）评估接收到消息的可靠性后转发给相应的车辆节点,以此提高转发的及时性,最后可信机构通过消息的可靠性来计算车辆节点的信任等级并更新该车辆的信用账户。利用无证书签名技术降低了计算开销;通过TMC对消息进行分类评估实现了消息的可靠性及完整性;通过对其信用账户的更新提高了用户参与的积极性。安全性分析表明该方案实现了用户身份的认证性、匿名性、数据的可靠性、不可抵赖性及可追溯性。     

Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena

As everyday life is increasingly conducted online, and as the electronic world continues to move out into the physical, the privacy of information and action and the security of information systems are increasingly a focus of concern both for the research community and the public at large. Accordingly, privacy and security are active topics of investigation from a wide range of perspectives-institutional, legislative, technical, interactional, and more. In this article, we wish to contribute toward a broad understanding of privacy and security not simply as technical phenomena but as embedded in social and cultural contexts. Privacy and security are difficult concepts to manage from a technical perspective precisely because they are caught up in larger collective rhetorics and practices of risk, danger, secrecy, trust, morality, identity, and more. Reductive attempts to deal with these issues separately produce incoherent or brittle results. We argue for a move away from narrow views of privacy and security and toward a holistic view of situated and collective information practice.     

DART: A DISTRIBUTED ANALYSIS OF REPUTATION AND TRUST FRAMEWORK

Artificial societies—distributed systems of autonomous agents—are becoming increasingly important in open distributed environments, especially in e‐commerce. Agents require trust and reputation concepts to identify communities of agents with which to interact reliably. We have noted in real environments that adversaries tend to focus on exploitation of the trust and reputation model. These vulnerabilities reinforce the need for new evaluation criteria for trust and reputation models called exploitation resistance which reflects the ability of a trust model to be unaffected by agents who try to manipulate the trust model. To examine whether a given trust and reputation model is exploitation‐resistant, the researchers require a flexible, easy‐to‐use, and general framework. This framework should provide the facility to specify heterogeneous agents with different trust models and behaviors. This paper introduces a Distributed Analysis of Reputation and Trust (DART) framework. The environment of DART is decentralized and game‐theoretic. Not only is the proposed environment model compatible with the characteristics of open distributed systems, but it also allows agents to have different types of interactions in this environment model. Besides direct, witness, and introduction interactions, agents in our environment model can have a type of interaction called a reporting interaction, which represents a decentralized reporting mechanism in distributed environments. The proposed environment model provides various metrics at both micro and macro levels for analyzing the implemented trust and reputation models. Using DART, researchers have empirically demonstrated the vulnerability of well‐known trust models against both individual and group attacks.     

Achieving privacy in trust negotiations with an ontology-based approach

The increasing use of Internet in a variety of distributed multiparty interactions and transactions with strong real-time requirements has pushed the search for solutions to the problem of attribute-based digital interactions. A promising solution today is represented by automated trust negotiation systems. Trust negotiation systems allow subjects in different security domains to securely exchange protected resources and services. These trust negotiation systems, however, by their nature, may represent a threat to privacy in that credentials, exchanged during negotiations, often contain sensitive personal information that may need to be selectively released. In this paper, we address the problem of preserving privacy in trust negotiations. We introduce the notion of privacy preserving disclosure, that is, a set that does not include attributes or credentials, or combinations of these, that may compromise privacy. To obtain privacy preserving disclosure sets, we propose two techniques based on the notions of substitution and generalization. We argue that formulating the trust negotiation requirements in terms of disclosure policies is often restrictive. To solve this problem, we show how trust negotiation requirements can be expressed as property-based policies that list the properties needed to obtain a given resource. To better address this issue, we introduce the notion of reference ontology, and formalize the notion of trust requirement. Additionally, we develop an approach to derive disclosure policies from trust requirements and formally state some semantics relationships (i.e., equivalence, stronger than) that may hold between policies. These relationships can be used by a credential requestor to reason about which disclosure policies he/she should use in a trust negotiation.     

自治网络中信任信誉模型的安全现状研究

随着P2P网络、Ad hoc、无线传感器网络的深入研究,信任和信誉成为保障这类自治网络安全的一个重要手段.虽然信任信誉系统在自治网络中起到了重要的作用,但其采用了间接推荐等技术,给信任信誉带来很多安全问题.介绍了信任信誉模型的相关概念,总结了目前对信任信誉模型的新攻击手段,并针对这些攻击,比较分析了在自治网络环境中具备一定防御能力的典型信任信誉模型的各自防御方法、防御效果以及性能情况.最后,在分析了现有研究存在的主要问题的基础上,展望了今后提高信任信誉模型安全性研究的主要方向.     

基于Augur的交易者身份管理方案研究

随着物联网应用的快速发展,其安全问题也引起越来越多的关注.由于物联网设备众多,且信任机制缺失,物联网设备安全问题日益突出.区块链技术成为可能的解决途径.利用区块链技术的安全机制,物联网可以建立一套可信的加密系统,从而维护数据的安全.为探索如何利用区块链技术解决物联网设备安全问题,一个可行的解决方案是探索区块链应用的身份管理方案.本文通过对区块链应用Augur的身份管理技术进行研究,探索区块链应用的身份管理方案以及潜在风险,并针对Augur的身份管理方案潜在风险和设计缺陷攻击提出了一个基于信誉评估的安全解决方案.该方案选取了6个信誉指标和3种信誉计算方法,为交易者选择有效市场及其他Augur交易活动提供信誉依据.最后本文利用3个指标检验3种方法针对不同用户类型的评估准确度,为评估方法的选择提供了依据.     

一种基于联盟链的物联网匿名交易方案

针对物联网终端交易的跨平台、去中心化、隐私、安全需求,提出基于联盟链的匿名交易方案,确保用户身份隐匿。通过划分基础域和互联域实现中心化身份认证和去中心化交易;对身份认证,提出基于Merkle树的双因素认证方案,实现各节点身份与消息的去耦;针对通信中明文消息暴露用户身份问题,提出基于CoinJoin思想的聚合签名隐私保护方案,混淆交易身份,以抵抗身份关联分析攻击;最后针对一致性和记账权问题,提出基于信誉评价策略的共识机制。安全性与效率分析表明,所提方案能以较低存储和计算开销保护终端身份隐私。     

A trustworthy online recommendation system based on social connections in a privacy-preserving manner

Certain consumer websites provide reviews from previous buyers to help new customers make purchasing decisions. However, fake reviews can have an adverse impact on user trust. Most previous suggestions for addressing this problem are still subject to various security concerns in terms of privacy, reliability, and authenticity. To ensure the security of online review systems, this paper proposes the development of a secure online-evaluation method based on social connections to establish evaluation authenticity and provide protection against evaluation forgery while preserving the reviewer’s identity. The proposed method enables users to recognize evaluations from their friends to identify reviews from more trustworthy sources, and authenticates online reviews to prevent possible forgery. In addition, it preserves the privacy of friendship relationships from application server and other users and identifier relations between the personal identifier and online identifier. The proposed approach can be applied to Internet auctions and online games, and is shown to be secure and efficient, with sufficient matching probability to be practical.     

A survey on security issues and solutions at different layers of Cloud computing

Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment.     

Two Schemes of Privacy-Preserving Trust Evaluation

Trust evaluation computes trust values by collecting and processing trust evidence. It plays an important role in trust management that automatically ensures trust relationships among system entities and enhances system security. But trust evidence collection and process may cause privacy leakage, which makes involved entities reluctant to provide personal evidence that is essential for trust evaluation. Current literature pays little attention to Privacy-Preserving Trust Evaluation (PPTE). Existing work still has many limitations, especially on generality, efficiency and reliability. In this paper, we propose two practical schemes to guard privacy of trust evidence providers based on additive homomorphic encryption in order to support a traditional class of trust evaluation that contains evidence summation. The first scheme achieves better computational efficiency, while the second one provides greater security at the expense of a higher computational cost. Accordingly, two trust evaluation algorithms are further proposed to flexibly support different application cases. Specifically, these algorithms can overcome attacks raised by internal malicious evidence providers to some extent even though the trust evaluation is partially performed in an encrypted form. Extensive analysis and performance evaluation show the security and effectivity of our schemes for potential application prospect and their efficiency to support big data process.     

Is the influence of privacy and security on online trust the same for all type of consumers?

This article analyzes the relationships among online trust and two of its most important antecedents, namely privacy and security, and explains how consumers’ characteristics (gender, age, education and extraversion), moderate the influence of both privacy and security in online trust. This study expands previous literature by identifying the conditions under which perceived privacy and security are likely to have the greatest positive effects on consumer trust in the online retailer. Based on data from 398 online consumers, the results revealed that the influence of both privacy and security on online trust was stronger for male, younger, more educated, and less extraverted consumers. Implications for theory and management are discussed.     

Trustworthiness in electronic commerce: the role of privacy, security, and site attributes

While the growth of business-to-consumer electronic commerce seems phenomenal in recent years, several studies suggest that a large number of individuals using the Internet have serious privacy concerns, and that winning public trust is the primary hurdle to continued growth in e-commerce. This research investigated the relative importance, when purchasing goods and services over the Web, of four common trust indices (i.e. (1) third party privacy seals, (2) privacy statements, (3) third party security seals, and (4) security features). The results indicate consumers valued security features significantly more than the three other trust indices. We also investigated the relationship between these trust indices and the consumer's perceptions of a marketer's trustworthiness. The findings indicate that consumers' ratings of trustworthiness of Web merchants did not parallel experts' evaluation of sites' use of the trust indices. This study also examined the extent to which consumers are willing to provide private information to electronic and land merchants. The results revealed that when making the decision to provide private information, consumers rely on their perceptions of trustworthiness irrespective of whether the merchant is electronic only or land and electronic. Finally, we investigated the relative importance of three types of Web attributes: security, privacy and pleasure features (convenience, ease of use, cosmetics). Privacy and security features were of lesser importance than pleasure features when considering consumers' intention to purchase. A discussion of the implications of these results and an agenda for future research are provided.     

一种基于可信计算的P2P信誉管理模型

针对P2P信誉模型中的信任值管理问题,提出了一种基于可信计算的P2P信誉管理模型,通过采用分布式存储方式将所有信任值分布存储到整个网络中,并在信任值存储和传输协议中引入了DAA证明协议,从而使模型在实现高效的信任值管理的同时,具有身份认证性、状态可信性、数据安全性和可扩展性等特点.     

TruBeRepec: a trust-behavior-based reputation and recommender system for mobile applications

Mobile applications are software packages that can be installed and executed in a mobile device. Which mobile application is trustworthy for a user to purchase, download, install, execute or recommend becomes a crucial issue that impacts its final success. This paper proposes TruBeRepec, a trust-behavior-based reputation and recommender system for mobile applications. We explore a model of trust behavior for mobile applications based on the result of a large-scale user survey. We further develop a number of algorithms that are used to evaluate individual user’s trust in a mobile application through trust behavior observation, generate the application’s reputation by aggregating individual trust and provide application recommendations based on the correlation of trust behaviors. We show the practical significance of TruBeRepec through simulations and analysis with regard to effectiveness, robustness, and usability, as well as privacy.     

The effect of online privacy policy on consumer privacy concern and trust

This study aims to investigate trust and privacy concerns related to the willingness to provide personal information online under the influence of cross-cultural effects. This study investigated the relationships among the content of online privacy statements, consumer trust, privacy concerns, and the moderating effect of different cultural backgrounds of the respondents. In specific, this study developed a proposed model based on Privacy–Trust–Behavioral Intention model. Further, a total of 500 participants participated in the survey, including 250 from Russia and 250 from Taiwan. The findings indicate a significant relationship between the content of privacy policies and privacy concern/trust; willingness to provide personal information and privacy concern/trust; privacy concern and trust. The cross-cultural effect on the relationships between the content of privacy policies and privacy concern/trust was also found significant.     

A framework for enabling trust requirements in social cloud applications

Cloud applications entail the provision of a huge amount of heterogeneous, geographically distributed resources managed and shared by many different stakeholders who often do not know each other beforehand. This raises numerous security concerns that, if not addressed carefully, might hinder the adoption of this promising computational model. Appropriately dealing with these threats gains special relevance in the social cloud context, where computational resources are provided by the users themselves. We argue that taking trust and reputation requirements into account can leverage security in these scenarios by incorporating the notions of trust relationships and reputation into them. For this reason, we propose a development framework onto which developers can implement trust-aware social cloud applications. Developers can also adapt the framework in order to accommodate their application-specific needs.     

TRIMS,a privacy-aware trust and reputation model for identity management systems

Electronic transactions are becoming more important everyday. Several tasks like buying goods, booking flights or hotel rooms, or paying for streaming a movie, for instance, can be carried out through the Internet. Nevertheless, they are still some drawbacks due to security threats while performing such operations. Trust and reputation management rises as a novel way of solving some of those problems. In this paper we present our work TRIMS (a privacy-aware trust and reputation model for identity management systems), which applies a trust and reputation model to guarantee an acceptable level of security when deciding if a different domain might be considered reliable when receiving certain sensitive user’s attributes. Specifically, we will address the problems which surfaces when a domain needs to decide whether to exchange some information with another possibly unknown domain to effectively provide a service to one of its users. This decision will be determined by the trust deposited in the targeting domain. As far as we know, our proposal is one of the first approaches dealing with trust and reputation management in a multi-domain scenario. Finally, the performed experiments have demonstrated the robustness and accuracy of our model in a wide variety of scenarios.