Trust and reputation systems represent a significant trend in decision support for Internet mediated service provision. The basic idea is to let parties rate each other, for example after the completion of a transaction, and use the aggregated ratings about a given party to derive a trust or reputation score, which can assist other parties in deciding whether or not to transact with that party in the future. A natural side effect is that it also provides an incentive for good behaviour, and therefore tends to have a positive effect on market quality. Reputation systems can be called collaborative sanctioning systems to reflect their collaborative nature, and are related to collaborative filtering systems. Reputation systems are already being used in successful commercial online applications. There is also a rapidly growing literature around trust and reputation systems, but unfortunately this activity is not very coherent. The purpose of this article is to give an overview of existing and proposed systems that can be used to derive measures of trust and reputation for Internet transactions, to analyse the current trends and developments in this area, and to propose a research agenda for trust and reputation systems.

Reputation systems can be tricked by the spread of false reputation ratings, be it false accusations or false praise. Simple solutions such as exclusively relying on one's own direct observations have drawbacks, as they do not make use of all the information available. We propose a fully distributed reputation system that can cope with false disseminated information. In our approach, everyone maintains a reputation rating and a trust rating about everyone else that they care about. From time to time first-hand reputation information is exchanged with others; using a modified Bayesian approach we designed and present in this paper, only second-hand reputation information that is not incompatible with the current reputation rating is accepted. Thus, reputation ratings are slightly modified by accepted information. Trust ratings are updated based on the compatibility of second-hand reputation information with prior reputation ratings. Data is entirely distributed: someone's reputation and trust is the collection of ratings maintained by others. We enable redemption and prevent the sudden exploitation of good reputation built over time by introducing re-evaluation and reputation fading.

The SECURE project is investigating the design of security mechanisms for pervasive computing based on the human notion of trust. Our work addresses how entities that encounter each other in unfamiliar, pervasive computing environments can overcome initial suspicion to allow secure collaboration to take place. 1

Trust is an integral component in many kinds of human interaction, allowing people to act under uncertainty and with the risk of negative consequences. For example, exchanging money for a service, giving access to your property, and choosing between conflicting sources of information all may utilize some form of trust. In computer science, trust is a widelyused term whose definition differs among researchers and application areas. Trust is an essential component of the vision for the Semantic Web, where both new problems and new applications of trust are being studied. This paper gives an overview of existing trust research in computer science and the Semantic Web.

When transacting and interacting through open computer networks, traditional methods used in the physical world for establishing trust can no longer be used. Creating virtual network substitutes with which people, organisations and software agents can derive trust in other parties requires computerised analysis of the underlying trust networks. This article describes an approach to trust network analysis using subjective logic (TNA-SL), that consists of the three following elements. Firstly it uses a concise notation with which trust transitivity and parallel combination of trust paths can be expressed. Secondly it defines a method for simplifying complex trust networks so that they can be expressed in this concise form. Finally it allows trust measures to be expressed as beliefs, so that derived trust can be automatically and securely computed with subjective logic. We compare our approach with trust derivation algorithms that are based on normalisation such as PageRank and EigenTrust. We also provide a numerical example to illustrates how TNA-SL can be applied.

Transacting and interacting through computer networks makes it difficult to use traditional methods for establishing trust between parties. Creating substitutes by which people, organisations and software agents can derive trust in others through computer networks requires computerised analysis of trust topologies. This paper describes diverse dimensions of trust that are needed for analysing trust topologies, and provides a notation with which to express trust relationships in terms of these dimensions. The result is a simple way of specifying topologies of trust from which derived trust relationships can be automatically and securely computed.

(To my parents, Lloyd and Pearline) The Internet is now being used for commercial, social and educational interactions, which previously relied on direct face-to-face contact to establish trust relationships. Consequently, there is a need to establish and evaluate trust relationships relying only on electronic interactions over the Internet. For example, trust plays an important role in all e-commerce interactions. Customers must trust that sellers will provide the services they advertise, and will not disclose private customer information. Trust in the supplier’s competence and honesty will influence the customer’s decision as to which supplier to choose. Sellers must trust that the buyer is able to pay for goods or services, is authorised to make purchases on behalf of an organisation or is not underage for accessing services or purchasing certain goods. Thus, trust management has to be an intrinsic part of e-commerce for it to achieve the same acceptance levels as traditional commerce. However, business transactions span multiple organisations, possibly in different countries and not all of these administrative domains may be trusted to the same degree. A domain may need to support a range of different trust relationships and hence

Abstract. Without trust, pervasive devices cannot collaborate effectively, and without collaboration, the pervasive computing vision cannot be made a reality. Distributed trust frameworks may support trust and thus foster collaboration in an hostile pervasive computing environment. Existing frameworks deal with foundational properties of computational trust. We here propose a distributed trust framework that satisfies a broader range of properties. Our framework: (i) evolves trust based on a Bayesian formalization, whose trust metric is expressive, yet tractable; (ii) is lightweight; (iii) protects user anonymity, whilst being resistant to “Sybil attacks ” (and enhancing detection of two collusion attacks); (iv) integrates a risk-aware decision module. We evaluate the framework through four experiments. 1

Using decentralized reputation systems is a promising approach to ensuring cooperation and fairness in Mobile Ad-Hoc Networks. However, they are vulnerable to liars and robustness has not been analyzed in detail. With our work, we provide a first step to the analysis of a reputation system based on a deviation test. Nodes accept second hand information only if this does not differ too much from their reputation values. Whereas our earlier paper [13] dealt with a simplified one-dimensional model, we now consider the original two-dimensional system. We show that the system exhibits a phase transition: In the subcritical regime, it is robust and lying has no effect. In the supercritical regime, lying does have an impact. We compute the critical values via a mean-field approach and use simulations to verify our results. Thus, we obtain conditions for the deviation test to make the reputation system robust and provide guidelines for a good choice of parameters. 1.

To describe the concept of transitive trust in a simplified way, assume that agent A trusts agent B, and that agent B trusts agent C, then by transitivity, agent A trusts agent C. Trust transitivity manifests itself in various forms during real life human interaction, but can be challenging to concisely model in a formal way. In this paper we describe principles for expressing and analysing transitive trust networks, and define requirements for their validity. This framework can be used for modelling transitive trust in computerised interactions, and can be combined with algebras and algorithms for computing propagation of both trust and distrust. This is illustrated by an example where transitive trust is mathematically analysed with belief calculus.