For dowload this book click BUTTON or LINK below https://textbookfull.com/product/trust-managementix-9th-ifip-wg-11-11-international-conferenceifiptm-2015-hamburg-germanymay-26-28-2015-proceedings-1st-edition-christiandamsgaard-jensen/ OR CLICK BUTTON
More products digital (pdf, epub, mobi) instant download maybe you interests ...
ICT Systems Security and Privacy Protection 30th IFIP TC 11 International Conference SEC 2015 Hamburg Germany May 26 28 2015 Proceedings 1st Edition Hannes Federrath
https://textbookfull.com/product/ict-systems-security-andprivacy-protection-30th-ifip-tc-11-international-conferencesec-2015-hamburg-germany-may-26-28-2015-proceedings-1st-editionhannes-federrath/
Trust Management XIII 13th IFIP WG 11 11 International Conference IFIPTM 2019 Copenhagen Denmark July 17 19 2019 Proceedings Weizhi Meng
https://textbookfull.com/product/trust-management-xiii-13th-ifipwg-11-11-international-conference-ifiptm-2019-copenhagen-denmarkjuly-17-19-2019-proceedings-weizhi-meng/
Computer and Computing Technologies in Agriculture IX 9th IFIP WG 5 14 International Conference CCTA 2015 Beijing China September 27 30 2015 Revised Selected Papers Part I 1st Edition Daoliang Li
https://textbookfull.com/product/computer-and-computingtechnologies-in-agriculture-ix-9th-ifip-wg-5-14-internationalconference-ccta-2015-beijing-china-september-27-30-2015-revisedselected-papers-part-i-1st-edition-daoliang-li/
Environmental Software Systems Infrastructures Services and Applications 11th IFIP WG 5 11 International Symposium ISESS 2015 Melbourne VIC Australia March 25 27 2015 Proceedings 1st Edition Ralf Denzer
https://textbookfull.com/product/environmental-software-systemsinfrastructures-services-and-applications-11th-ifipwg-5-11-international-symposium-isess-2015-melbourne-vicaustralia-march-25-27-2015-proceedings-1st-edition-ralf-denz/
Open Source Systems Adoption and Impact 11th IFIP WG 2
13 International Conference OSS 2015 Florence Italy May 16 17 2015 Proceedings 1st Edition Ernesto Damiani
https://textbookfull.com/product/open-source-systems-adoptionand-impact-11th-ifip-wg-2-13-international-conferenceoss-2015-florence-italy-may-16-17-2015-proceedings-1st-editionernesto-damiani/
Health Information Science 4th International Conference
HIS 2015 Melbourne Australia May 28 30 2015 Proceedings 1st Edition Xiaoxia Yin
https://textbookfull.com/product/health-information-science-4thinternational-conference-his-2015-melbourne-australiamay-28-30-2015-proceedings-1st-edition-xiaoxia-yin/
Codes Cryptology and Information Security First
International Conference C2SI 2015 Rabat Morocco May 26 28 2015 Proceedings In Honor of Thierry Berger 1st Edition Said El Hajji
https://textbookfull.com/product/codes-cryptology-andinformation-security-first-internationalconference-c2si-2015-rabat-morocco-may-26-28-2015-proceedings-inhonor-of-thierry-berger-1st-edition-said-el-hajji/
Algorithms and Complexity 9th International Conference CIAC 2015 Paris France May 20 22 2015 Proceedings 1st Edition Vangelis Th. Paschos
https://textbookfull.com/product/algorithms-and-complexity-9thinternational-conference-ciac-2015-paris-francemay-20-22-2015-proceedings-1st-edition-vangelis-th-paschos/
Data Driven Process Discovery and Analysis 5th IFIP WG
2 6 International Symposium SIMPDA 2015 Vienna Austria December 9 11 2015 Revised Selected Papers 1st Edition Paolo Ceravolo
https://textbookfull.com/product/data-driven-process-discoveryand-analysis-5th-ifip-wg-2-6-international-symposiumsimpda-2015-vienna-austria-december-9-11-2015-revised-selectedpapers-1st-edition-paolo-ceravolo/
Christian Damsgaard Jensen Stephen Marsh
Theo Dimitrakos Yuko Murayama (Eds.)
Trust Management IX 9th IFIP WG 11.11 International Conference, IFIPTM 2015 Hamburg, Germany, May 26–28, 2015 Proceedings
IFIPAdvancesinInformation andCommunicationTechnology Editor-in-Chief
KaiRannenberg,GoetheUniversity,Frankfurt,Germany
EditorialBoard
FoundationofComputerScience
JacquesSakarovitch,TélécomParisTech,France
Software:TheoryandPractice
MichaelGoedicke,UniversityofDuisburg-Essen,Germany Education
ArthurTatnall,VictoriaUniversity,Melbourne,Australia
InformationTechnologyApplications
ErichJ.Neuhold,UniversityofVienna,Austria CommunicationSystems
AikoPras,UniversityofTwente,Enschede,TheNetherlands SystemModelingandOptimization
FrediTröltzsch,TUBerlin,Germany InformationSystems
JanPries-Heje,RoskildeUniversity,Denmark ICTandSociety
DianeWhitehouse,TheCastlegateConsultancy,Malton,UK ComputerSystemsTechnology
RicardoReis,FederalUniversityofRioGrandedoSul,PortoAlegre,Brazil SecurityandPrivacyProtectioninInformationProcessingSystems
YukoMurayama,IwatePrefecturalUniversity,Japan
Arti ficialIntelligence
TharamDillon,CurtinUniversity,Bentley,Australia
Human-ComputerInteraction
JanGulliksen,KTHRoyalInstituteofTechnology,Stockholm,Sweden
EntertainmentComputing
MatthiasRauterberg,EindhovenUniversityofTechnology,TheNetherlands
IFIP – TheInternationalFederationforInformationProcessing IFIPwasfoundedin1960undertheauspicesofUNESCO,followingtheFirstWorld ComputerCongressheldinParisthepreviousyear.Anumbrellaorganizationfor societiesworkingininformationprocessing,IFIP’saimistwo-fold:tosupportinformationprocessingwithinitsmembercountriesandtoencouragetechnologytransferto developingnations.Asitsmissionstatementclearlystates,
IFIP’smissionistobetheleading,trulyinternational,apoliticalorganizationwhich encouragesandassistsinthedevelopment,exploitationandapplicationofinformationtechnologyforthebenefitofallpeople.
IFIPisanon-profitmakingorganization,runalmostsolelyby2500volunteers.It operatesthroughanumberoftechnicalcommittees,whichorganizeeventsandpublications.IFIP’seventsrangefromaninternationalcongresstolocalseminars,butthe mostimportantare:
• TheIFIPWorldComputerCongress,heldeverysecondyear;
• Openconferences;
• Workingconferences.
The flagshipeventistheIFIPWorldComputerCongress,atwhichbothinvitedand contributedpapersarepresented.Contributedpapersarerigorouslyrefereedandthe rejectionrateishigh.
AswiththeCongress,participationintheopenconferencesisopentoalland papersmaybeinvitedorsubmitted.Again,submittedpapersarestringentlyrefereed.
Theworkingconferencesarestructureddifferently.Theyareusuallyrunbya workinggroupandattendanceissmallandbyinvitationonly.Theirpurposeisto createanatmosphereconducivetoinnovationanddevelopment.Refereeingisalso rigorousandpapersaresubjectedtoextensivegroupdiscussion.
PublicationsarisingfromIFIPeventsvary.ThepaperspresentedattheIFIPWorld ComputerCongressandatopenconferencesarepublishedasconferenceproceedings, whiletheresultsoftheworkingconferencesareoftenpublishedascollectionsof selectedandeditedpapers.
Anynationalsocietywhoseprimaryactivityisaboutinformationprocessingmay applytobecomeafullmemberofIFIP,althoughfullmembershipisrestrictedtoone societypercountry.FullmembersareentitledtovoteattheannualGeneralAssembly, Nationalsocietiespreferringalesscommittedinvolvementmayapplyforassociateor correspondingmembership.Associatemembersenjoythesamebenefitsasfullmembers,butwithoutvotingrights.CorrespondingmembersarenotrepresentedinIFIP bodies.Affiliatedmembershipisopentonon-nationalsocieties,andindividualand honorarymembershipschemesarealsooffered.
Moreinformationaboutthisseriesathttp://www.springer.com/series/6102
ChristianDamsgaardJensen • StephenMarsh
TheoDimitrakos • YukoMurayama(Eds.)
9thIFIPWG11.11
InternationalConference,IFIPTM2015
Hamburg,Germany,May26–28,2015
Proceedings
Editors
ChristianDamsgaardJensen TechnicalUniversityofDenmark Lyngby
Denmark
StephenMarsh UniversityofOntario Oshawa,ON
Canada
TheoDimitrakos BTResearch&Innovation
Ipswich
UK
YukoMurayama IwatePrefecturalUniversity
Takizawa
Japan
ISSN1868-4238
ISSN1868-422X(electronic)
IFIPAdvancesinInformationandCommunicationTechnology
ISBN978-3-319-18490-6ISBN978-3-319-18491-3(eBook) DOI10.1007/978-3-319-18491-3
LibraryofCongressControlNumber:2015937744
SpringerChamHeidelbergNewYorkDordrechtLondon © IFIPInternationalFederationforInformationProcessing2015 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe materialisconcerned,specificallytherightsoftranslation,reprinting,reuseofillustrations,recitation, broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,andtransmissionorinformation storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped.
Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse.
Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors giveawarranty,expressorimplied,withrespecttothematerialcontainedhereinorforanyerrorsor omissionsthatmayhavebeenmade.
Printedonacid-freepaper
SpringerInternationalPublishingAGSwitzerlandispartofSpringerScience+BusinessMedia (www.springer.com)
Preface DearReader
WelcometotheIFIPTM2015Proceedings!
Thisvolumecontainstheproceedingsofthe9thIFIPWorkingGroup11.11 InternationalConferenceonTrustManagement.TheconferencewasheldinHamburg, Germany,May26–28,2015.
IFIPTMisatrulyglobalconference,spanningresearch,development,policy,and practicefortheincreasinglyimportantareasoftrustmanagementandcomputational trust.Giventhebreadthofapplicationoftheseareas,andtruetoourhistorical underpinningsestablishedatthe firstIFIPTMconferencein2007,IFIPTM2015 focusedonseveralareas,includingtrustandreputationandmodelsthereof,therelationshipbetweentrustandsecurity,socio-technicalaspectsoftrust,reputation,and privacy,trustinthecloud,andbehavioralmodelsoftrust.
Theconferencereceived28submissionsfromawidevarietyofcountries,including France,Germany,TheNetherlands,UK,Algeria,Norway,Singapore,Greece,Denmark,China,Japan,Malaysia,Luxembourg,Romania,China,USA,Australia,and Canada.Everysubmissionwassubjectedtoathoroughpeerreviewprocess,withat leastthreeandmostoftenfourreviewsperpaper.Followingtheseweacceptedeight longand fiveshortpapers(anacceptancerateforlongpapersof32%).Inaddition, sinceIFIPTMwascolocatedwiththeIFIPSECconference,wesolicitedtwopapers fromSECthatweremoresuitablefortheTrustManagementarea,eachofwhichwas alsoreviewedbyIFIPTMProgramCommitteemembers.Theresultingprogramis broadandwehopestimulatingfortheattendeesandyourself.
IFIPTMalsohostseveryyeartheWilliamWinsboroughCommemorativeAddress inmemoriamofouresteemedcolleagueProf.WilliamWinsborough.Theawardis giventoanindividualwhohassignifi cantlycontributedtotheareasofcomputational trustandtrustmanagement.In2015,theWorkingGroupwaspleasedtohostProf. EhudGudesofBen-GurionUniversityoftheNegev,whokeynotedtheconferenceand providedanextendedabstractwhichcanbefoundintheseproceedings.
Inadditiontopapersandkeynoteaddress,IFIPTMhostedatutorialonidentityand accessmanagementbyProf.AudunJøsangoftheUniversityofOslo,aspecialsession onDataProtection,Privacy,andTransparencyorganizedbyDr.RehabAlnemrfrom HPLabsandDr.CarmenFernández-GagofromUniversityofMálagaandkeynotedby MaritHansen,DeputyChiefofUnabhängigesLandeszentrumfürDatenschutz,Germany.Finally,theconferencehostedaspecialsessiononTrustedCloudEcosystems organizedandchairedbyDr.TheoDimitrakosofBT,fromwhichpapersanda messagefromDr.Dimitrakosareincludedintheseproceedings.
Conferencesaremultiheadedbeasts,andassuchrequireateamofdedicatedpeople totamethem.ToourProgramCommitteeandassociatedreviewers,whodelivered thoughtful,insightfulandverymuchontimereviews,ourthanks.Thisyearwehave beenluckytoworkwithtrulyprofessionalandhelpfulWorkshop,tutorial,Posterand
Demonstration,Publicity,andLiaisonChairs.SinceIFIPTMiscolocatedwithIFIP SEC,thetaskoflocalorganizationandregistrationfellontheIFIPSECteam,notably Dr.DominikHerrmannoftheUniversityofHamburg,towhom,specialthanksfor puttingupwithourfrailties.ThanksalsototheUniversityofHamburgforproviding thefacilities.
Noconferencewouldsucceedwithoutauthors.Toallofthosewhosubmitted,our thanksandcongratulationsforbeingpartofagrowing,important,andvibrantresearch area.Therearemany,manyconferencesforwhichtrustislistedaseitherakeyoran associatedareaofinterest,andwearekeenlyawareoftheapplicabilityoftrustand trustmanagementtoagreatmanyaspectsofcomputersecurity,HumanComputer Interaction,privacy,thesocialsciences,andbeyond.Wecontinuetotrytobuild IFIPTMasacross-disciplinaryconferenceofchoice,andappreciateyoursupport.
Formoreinformationontheworkinggroup,pleasevisit http://www.i fiptm.org/.
Wehopeyouenjoytheconferenceandtheproceedings.
March2015 StephenMarsh ChristianDamsgaardJensen
IFIPTrustManagementIX 9thIFIPWG11.11InternationalConference onTrustManagement,2015 Hamburg,Germany
May26–28,2015
GeneralChairs
TheoDimitrakosSecurityResearchCentre,BTGroupCTO andUniversityofKent,UK
YukoMurayamaIwatePrefecturalUniversity,Japan
ProgramChairs
ChristianDamsgaardJensenTechnicalUniversityofDenmark,Denmark
StephenMarsh UniversityofOntarioInstituteofTechnology, Canada
WorkshopandTutorialChairs
SheikhMahbubHabibTechnischeUniversitätDarmstadt,Germany
Jan-PhilippSteghöferGöteborgUniversity,Sweden
PosterandDemonstrationChairs
DhirenPatelNITSurat,India
AudunJøsangUniversityofOslo,Norway
PanelandSpecialSessionChairs
Jean-MarcSeigneurUniversityofGeneva,Switzerland MasakatsuNishigakiShizuokaUniversity,Japan
PublicityChairs
TimMullerNanyangTechnologicalUniversity,Singapore AnirbanBasuKDDIR&DLaboratories,Japan
GraduateSymposiumChairs
NuritGal-OzSapirAcademicCollege,Israel JieZhangNanyangTechnologicalUniversity,Singapore
LocalOrganizationChair DominikHerrmannUniversityofHamburg,Germany
ProgramCommittee
RehabAlnemr
HPLabsBristol,UK
ManHoAu HongKongPolytechnicUniversity,HongKong
AnirbanBasu KDDIR&DLaboratories,Japan
ElisaBertino PurdueUniversity,USA
PamelaBriggs NorthumbriaUniversity,UK
DavidChadwick UniversityofKent,UK
PiotrCofta
LynneCoventry NorthumbriaUniversity,UK
FrédéricCuppens TELECOMBretagne,France
TheoDimitrakos SecurityResearchCentre,BTGroupCTO andUniversityofKent,UK
NatashaDwyer VictoriaUniversity,Australia
BabakEsfandiari CarletonUniversity,Canada
RinoFalcone InstituteofCognitiveSciencesandTechnologies, Italy
HuiFang
NanyangTechnologicalUniversity,Singapore
CarmenFernández-GagoUniversityofMálaga,Spain
JosepFerrer UniversitatdelesIllesBalears,Spain
SimoneFischer-HübnerKarlstadUniversity,Sweden
SaraForesti Università degliStudidiMilano,Italy
NuritGal-Oz SapirAcademicCollege,Israel
DieterGollmann HamburgUniversityofTechnology,Germany
StefanosGritzalis UniversityoftheAegean,Greece
EhudGudes Ben-GurionUniversityoftheNegev,Israel
SheikhMahbubHabibCASED/TechnischeUniversitätDarmstadt, Germany
OmarHasan UniversityofLyon,France
PeterHerrmann NTNUTrondheim,Norway
XinyiHuang FujianNormalUniversity,China
RoslanIsmail UniversitiTenagaNasional,Malaysia
ValerieIssarny Inria,France
ChristianDamsgaardJensenTechnicalUniversityofDenmark,Denmark
AudunJøsang UniversityofOslo,Norway
YuecelKarabulut VMware,USA
TracyAnnKosa UniversityofOntarioInstituteofTechnology, Canada
CostasLambrinoudakisUniversityofPiraeus,Greece
GabrieleLenzini
SnT/UniversityofLuxembourg,Luxembourg
JosephLiu MonashUniversity,Australia
YangLiu NanyangTechnologicalUniversity,Singapore
JavierLopez UniversityofMálaga,Spain
StephenMarsh UniversityofOntarioInstituteofTechnology, Canada
FabioMartinelli IIT-CNR,Italy
SjoukeMauw UniversityofLuxembourg,Luxembourg
WeizhiMeng InstituteforInfocommResearch(I2R),Singapore
MaxMühlhäuser TechnischeUniversitätDarmstadt,Germany
TimMuller NanyangTechnologicalUniversity,Singapore
YukoMurayama IwatePrefecturalUniversity,Japan
WeeKeongNg NanyangTechnologicalUniversity,Singapore
MasakatsuNishigakiShizuokaUniversity,Japan
ZeinabNoorian UniversityofSaskatchewan,Canada
DhirenPatel
NITSurat,India
GüntherPernul UniversitätRegensburg,Germany
SiniRuohomaa UniversityofHelsinki,Finland
PierangelaSamaratiUniversità degliStudidiMilano,Italy
Jean-MarcSeigneurUniversityofGeneva,Switzerland
MuratSensoy ÖzyeğinUniversity,Turkey
KetilStølen SINTEF,Norway
TimStorer UniversityofGlasgow,UK
MaheshTripunitaraTheUniversityofWaterloo,Canada
ClaireVishik IntelCorporation,UK
IanWakeman UniversityofSussex,UK
ShouhuaiXu UniversityofTexasatSanAntonio,USA
JieZhang NanyangTechnologicalUniversity,Singapore
JianyingZhou InstituteforInfocommResearch(I2R),Singapore
ExternalReviewers
NaipengDongNationalUniversityofSingapore,Singapore
IdaMariaHaugstveitSINTEF,Norway
RaviJhawarUniversityofLuxembourg,Luxembourg
SpyrosKokolakisUniversityoftheAegean,Greece
FranciscoMoyanoUniversityofMálaga,Spain
AidaOmerovicSINTEF,Norway
RubenRios UniversityofMálaga,Spain
AggelikiTsohouIonianUniversity,Greece
DongxiaWangNanyangTechnologicalUniversity,Singapore
YangZhangUniversityofLuxembourg,Luxembourg
Contents WinsboroughAwardInvitedPaper
Reputation-fromSocialPerceptiontoInternetSecurity...............3 EhudGudes
FullPapers
MathematicalModellingofTrustIssuesinFederatedIdentityManagement ....13 Md.SadekFerdous,GethinNorman,AudunJøsang,andRonPoet
SimpleandPracticalIntegrityModelsforBinariesandFiles............30 YongzhengWuandRolandH.C.Yap
EnablingNAME-BasedSecurityandTrust.........................47 NikosFotiouandGeorgeC.Polyzos
TrustDrivenStrategiesforPrivacybyDesign......................60 ThibaudAntignacandDanielLeMétayer
LightweightPracticalPrivateOne-WayAnonymousMessaging..........76 AnirbanBasu,JuanCamiloCorena,JaideepVaidya,JonCrowcroft, ShinsakuKiyomoto,StephenMarsh,YungShinVanDerSype, andToruNakamura
Privacy-PreservingReputationMechanism:AUsableSolutionHandling NegativeRatings...........................................92 PaulLajoie-Mazenc,EmmanuelleAnceaume,GillesGuette, ThomasSirvent,andValérieVietTriemTong
ObscuringProvenanceConfidentialInformationviaGraphTransformation...109 JamalHussein,LucMoreau,andVladimiroSassone
SocialNetworkCultureNeedstheLensofCriticalTrustResearch........126 NatashaDwyerandStephenMarsh
PredictingQualityofCrowdsourcedAnnotationsUsingGraphKernels.....134 ArchanaNottamkandath,JasperOosterman,DavideCeolin, GerbenKlaasDirkdeVries,andWanFokkink
AnArchitectureforTrustworthyOpenDataServices..................149 AndrewWong,VickyLiu,WilliamCaelli,andTonySahama
ShortPapers 1,2,Pause:LetsStartbyMeaningfullyNavigatingtheCurrentOnline AuthenticationSolutionsSpace.................................165 IjlalLoutfiandAudunJøsang
DataConfidentialityinCloudStorageProtocolBasedonSecret SharingScheme:ABruteForceAttackEvaluation...................177 AlexandruButoi,MirceaMoca,andNicolaeTomai
TheDetailofTrustedMessages:RetweetsinaContextofHealth andFitness...............................................185 NatashaDwyerandStephenMarsh
ReusableDefenseComponentsforOnlineReputationSystems...........195 JohannesSänger,ChristianRichthammer,ArturRösch, andGüntherPernul
ContinuousContext-AwareDeviceComfortEvaluationMethod..........203 JingjingGuo,ChristianDamsgaardJensen,andJianfengMa
SpecialSession:TowardTrustedCloudEcosystems
Foreword:TowardsTrustedCloudEcosystems......................215 TheoDimitrakos
ACloudOrchestratorforDeployingPublicServicesontheCloud – TheCase ofSTRATEGICProject............................................217 PanagiotisGouvas,KonstantinosKalaboukas,GiannisLedakis, TheoDimitrakos,JoshuaDaniel,GéryDucatel, andNuriaRodriguezDominguez
IntegratingSecurityServicesinCloudServiceStores.................226 JoshuaDaniel,FadiEl-Moussa,GéryDucatel,PramodPawar, AliSajjad,RobertRowlingson,andTheoDimitrakos
BuildinganEco-SystemofTrustedServicesviaUserControl andTransparencyonPersonalData..............................240 MicheleVescovi,CorradoMoiso,MattiaPasolli,LorenzoCordin, andFabrizioAntonelli
Security-as-a-ServiceinMulti-cloudandFederatedCloudEnvironments....251 PramodS.Pawar,AliSajjad,TheoDimitrakos,andDavidW.Chadwick
TheRoleofSLAsinBuildingaTrustedCloudforEurope.............262 AnaJuanFerrerandEnricPagesiMontanera
Reputation-fromSocialPerception toInternetSecurity EhudGudes(B)
Ben-GurionUniversity,84105Beer-Sheva,Israel
ehud@cs.bgu.ac.il
Abstract. Reputationisaconceptthatweuseinmanyaspectsofour sociallifeandaspartofourdecisionmakingprocess.Weusereputation inourinteractionwithpeopleorcompanieswedonotknowandweuseit whenwebuymerchandizeorreservearoominahotel.However,reputationplaysalsoanimportantroleintheinternetsocietyandenablesusto establishtrustwhichisessentialforinteractioninthevirtualworld.ReputationhasseveralimportantaspectssuchasAggregation,Identityand Transitivitywhichmakeitapplicableincompletelydifferentdomains. Inthispresentationweshowtheuseoftheseaspectsinseveraldifferent domainsanddemonstrateitwithourownpreviousandcurrentresearch onreputation.
Agoodnameismoredesirablethangreatriches; tobeesteemedisbetterthansilverorgold. Proverbs22:1
1Introduction Reputationisakeyconceptinoursociallife.Manyofourdaytodaydecisionssuchaswhichbooktobuyorwhichphysiciantoconsultwitharebased onTrust.Thistrustisbasedeitheronourowndirectexperienceorwhensuch directexperienceislacking,onotherpeople(whoseopinionwevalue)direct experience.Howeverwhennosuchdirectorindirectexperienceisavailablewe tendtorelyonanaggregatedopinionofalargesetofpeopleoracommunity whichismanifestedasReputation.Reputationplaysalsoamajorroleinvirtualcommunitiesandsocialnetworks.Attemptstotarnishreputationinsocial networkshavecausedmuchdamagetopeopleinrecentyears(severalcasesof suicidehavebeenreportedasaresultoftarnishedreputation).Somaintaininga goodonlinereputationbecomesacriticalissueforbothpeopleandbusinesses. Theexistenceofeasilyaccessiblevirtualcommunitiesmakesitbothpossibleand legitimatetocommunicatewithtotalstrangers.Suchinteractionhowevermust bebasedontrustwhichisusuallybasedonpersonalexperience.Whensuch experienceisnotreadilyavailable,oneoftenreliesonreputation.Thus,computingreputationtocaptureacommunity’sviewpointisanimportantchallenge. Reputationhasbecomeakeycomponentofseveralcommercialsystemssuch asE-bay[3].Also,quiteafewmodelsfortrustandreputationweredeveloped.
c IFIPInternationalFederationforInformationProcessing2015 C.D.Jensenetal.(Eds.):IFIPTM2015,IFIPAICT454,pp.3–10,2015. DOI:10.1007/978-3-319-18491-3 1
Differentmodelsusedifferentconceptualframeworksincludingsimpleaverage ofratings,bayesiansystems,beliefmodels[11]whichenabletherepresentation ofuncertaintyinrating,flowmodelsinwhichtheconceptoftransitivetrustis centralsuchasEigen-trust[13]andPage-rank[16]andgroup-basedmodelssuch astheKnotmodel[7].Inthispresentationwediscussthreeimportantaspectsof reputationandshowhowtheyareusedindifferentdomains.Whilethefirsttwo domainswediscussinvolvereputationofreal-lifeusers,thethirddomaindeals withabstractentities,internetdomains,yetcomputingandusingreputationin thisdomainissimilartoitsuseinthesocialdomain.
Thefirstaspectwedealwithistheuseofreputationaspartofan Identity Inthesocialdomains,reputationisanimportantpartofapersonidentity,and theidentityofapersondeterminesitspermittedactions.Anexpertprogrammer maygainmoreaccessrightstoanopensourcecodemanagedbysomecompany, asherreputationincreases.Suchrightsmaybereviewormodifycodeatdifferentlevels.OurfirstdomainthenistheAuthorizationdomainandtheuse ofreputationforfine-grainedaccesscontrol.InSect. 2 wepresentsomemodels whichusereputationaspartofauseridentityandconsideritinmakingaccess controldecisions.
Thesecondaspectweexamineis Aggregation.Mostreputationcomputationalmodelsusesomeformofaggregationofratingstocomputethereputation[12].However,suchaggregationisusuallydonewithinasinglecommunity.In real-life,usersmaybeactiveinseveralcommunitiesandtoprotecttheirprivacy, usersmayusedifferentidentitiesindifferentcommunities.Amajorshortcomings isthatusereffortstogainagoodreputationinonecommunityarenotutilized inothercommunitiestheyareactivein.Anothershortcomingistheinabilityof onecommunitytolearnaboutthedishonestbehaviorofsomememberasidentifiedbyothercommunities.Thustheneedarisestoaggregatereputationfrom multiplecommunities.WedevelopedtheCross-CommunityReputation(CCR) modelforthesharingofreputationknowledgeacrossvirtualcommunities[5, 6, 9]. TheCCRmodelisaimedatleveragingreputationdatafrommultiplecommunitiestoobtainmoreaccuratereputation.Itenablesnewvirtualcommunities torapidlymaturebyimportingreputationdatafromrelatedcommunities.The useofAggregationintheCCRmodelisdiscussedinSect. 3
Thethirdaspectwediscussis Transitivity,animportantpropertyoftrust whichhasimplicationsonthecomputationofreputation.Itenablesustocomputereputationnotonlyfromourownexperienceorourfriendsexperience butalsofromour“friendsoffriends”experience,etc.Severalflowmodelsfor computingreputationwhilepracticingthetransitivityproperty,havebeenpublished,includingEigen-trust[13]andPage-rank[16].Ouruniquecontribution hereisintransferringtheseideastothecomputationofInternetdomainsreputation.Today’sinternetworldisfullofthreatsandmalware.Hackersoftenuse variousdomainstospreadandcontroltheirmalware.Thedetectionofthesemisbehavingdomainsisdifficultsincethereisnotimetocollectandanalyzetraffic datainreal-time,thustheiridentificationaheadoftimeisveryimportant.We usetheterm domainreputation toexpressameasureofourbeliefthatadomain
isbenignormalicious.ComputingdomainreputationbyusingtheTransitivity propertyandaFlowalgorithmwasinvestigatedbyus[15]andwillbediscussed inSect. 3.
2Identity-ReputationandAccessControl Conventionalaccesscontrolmodelslikerolebasedaccesscontrolaresuitable forregulatingaccesstoresourcesbyknownusers.However,thesemodelshave oftenfoundtobeinadequateforopenanddecentralizedmulti-centricsystems wheretheuserpopulationisdynamicandtheidentityofallusersarenotknown inadvance.Forsuchsystems,theremustbe,inadditiontouserauthentication,sometrustmeasureassociatedwiththeuser.Suchtrustmeasurecanbe representedbytheuserreputationasoneattributeofitsidentity.Chakraborty andRay[2]presentedTrustBAC,atrustbasedaccesscontrolmodel.Itextends theconventionalrolebasedaccesscontrolmodelwiththenotionoftrustlevels. Usersareassignedtotrustlevelsinsteadofrolesbasedonanumberoffactors likeusercredentials,userbehaviorhistory,userrecommendationetc.Trustlevelsareassignedtoroleswhichareassignedtopermissionsasinrolebasedaccess control.InTrustbac,whenthereputationofauserdecreasesbecauseofpast actions,itsassignmenttotheoriginalrolemaynotbevalidanymoreandanew rolewithlesspermissionsisassignedbythesystem.Anexampleofsuchscenario inthedigitallibrarydomainisgivenin[2].Theswitchingofrolesmaynotbe desirableinallcases.Inamedicaldomainforexample,aphysicianwithless reputationmaynotloseitsroleas“doctor”butmayloseinsteadsomeofher permissions.Thisdynamicassignmentofpermissionsforthesamerole,basedon theuserreputationmaybemuchmoreflexibleandcanpreventtheproliferationoftoomanyroles.In[14]wedefinethisdynamicmodelformallyandshow adetailedexampleofitsoperationinthesoftwaredevelopmentdomain.The mainobservationofthisisthatwhenoneconsidersreputationaspartofthe useridentity,onecansupportmuchmoreflexiblerole-basedmodelswithout theneedtoincreasesignificantlythenumberofrolesinthesystem.
3AggregationandCrossCommunityReputation Inthissectionwebrieflydescribethewayreputationisaggregatedfromseveral communitiesusingtheCCRmodel[5, 9].TheCCRmodeldefinesthemajorstages requiredtoaggregatethereputationofacommunitymemberwiththereputation ofthatmemberinothercommunities.Thefirststagedeterminestheconfidence onecommunityhasinanotherasapreconditionforreceivingreputationinformationfromthelatter.Thesecondstageinvolvestheconversionofreputationvalues fromthedomainvaluesofonecommunitytothoseoftheother.Inthethirdstage, amatchingprocedureiscarriedoutbetweenthesetsofattributesusedbytheparticipatingcommunitiestodescribereputation.Asanexample,supposethereare twosportcommunitiesinwhichacommentatorisactive,oneforBasketball,the
otherforFootball.AssumethatBobacommentatorlikestoimport(andaggregate)hisreputationfromthefootballcommunityintothebasketballcommunity. Thefirststageconsidersthegeneralconfidencethatbasketballcommunitymembershaveforreputationcomputedinthefootballcommunity.Thesecondstage considersthestatisticaldistributionofreputationvaluesinthetwocommunities andapplytherequiredtransformation(e.g.,averygoodratinginonecommunitymayonlybeconsidered“good”intheother).Thethirdstagemapsthespecificattributesthatareusedtocomputethereputationinthetwocommunities (e.g.,theattribute“predictionaccuracy”inthefootballcommunitymaybepartiallymappedtotheattribute“generalreliability”inthebasketballcommunity). Adetailedmathematicalmodelwhichexplainstheprocessofthemappingand aggregationofCCR,isdescribedin[5].TheCCRmodelwasimplementedasthe TRICsoftware.TRICisconcernedprimarilywithaggregatingdifferentreputationmechanismsacrosscommunitiesandwithprotectinguserrightstoprivacy andcontroloverdataduringthisaggregation.TheCCRcomputationprocess[5] beginswhena requestingcommunity thatwishestoreceiveCCRdataregarding oneofitsusers,sendsarequesttorelevant respondingcommunities.Communities thathavereputationdataoftheuserandarewillingtosharetheinformationreply withtherelevantreputationdata.Thereceiveddataisaggregatedandassembled intoanobjectcontainingtheCCRdataoftheuserinthecontextoftherequesting community.ThisprocessisillustratedinFig. 1.
Fig.1. RequestforCCRscenario:(1):ArequestingcommunitysendsTRICarequest fortheCCRofacommunitymember;(2):TRICcompilesarequestand(3)submitsit toallpotentialrespondingcommunities;(4):Respondingcommunitiessubmitareputationobjectofthememberatsubject;(5):TRICprocessesallreputationobjectsand compilesaCCRobject;(6):TRICsendstheCCRobjecttotherequestingcommunity
Oneoftheimportantgoalsassociatedwithsharingreputationbetweencommunitiesisdealingwithprivacy.WithintheCCRmodel,weidentifiedthree majorprivacyconcernsthatarenotpresentorthatarelesssignificantinsingle
communitydomains.FirstUnlinkabilityisaprimaryconcernraisedbytheCCR model.Althoughweaimtocomputeauser’sCCRfromseveralcommunities,we providethemeanstodosowithoutcompromisingtheuser’sanonymityineach communityandwhileupholdingtherequirementofunlinkabilitybetweenthe communities.Controllingthedisseminationofreputationinformationisanother privacyrequirement.Wepresentapolicy-basedapproachthatenablesboththe usersandthecommunitiestohavecontroloverthedisseminationofreputationdata.Thethirdprivacyissueweaddressisthetradeoffbetweenprivacy andtrust.WesuggestthetransparencymeasureforevaluatingCCRobjects. Toattainahightransparencyrank,membersareencouragedtodisclosetheir reputation-relatedinformationwheneveritisclearthatdisclosingtheirinformationispreferableandmorevaluabletothemthanthepotentialimpairmentof theirprivacy.TheissueofPrivacywithintheCCRmodelisdiscussedin[8].
4TransitivityandComputingDomainsReputation Aswasdiscussedearlier,computingdomainreputationandidentifyingsuspiciousdomainsisaveryimportantprobleminInternetsecuritytoday.Ourapproachtotheproblem[15]usesagraphofdomainsandIPswhichisconstructed frommappinginformationavailableinDNSlogrecords.TheDomainNameService(DNS)mapsdomainnamestoIPaddressesandprovidesanessentialservice toapplicationsontheinternet.ManybotnetsuseaDNSservicetolocatetheir nextCommandandControl(C&C)site.Therefore,DNSlogshavebeenusedby severalresearcherstodetectsuspiciousdomainsandfiltertheirtrafficifnecessary.Wetakethefamousexpression TellmewhoyourfriendsareandIwilltell youwhoyouare,motivatingmanysocialtrustmodels,intotheinternetdomains world.Thusadomainthatisrelatedtomaliciousdomainsismorelikelytobe maliciousaswell.ThisTransitivitypropertymotivatestheuseofaFlowalgorithm.AlthoughDNSdatawasusedbyseveralresearchersbeforetocompute domainreputation(see[1]),in[15]wepresentanewapproachbyapplyingaflow algorithmontheDNSgraphtoobtainthereputationofdomainsandidentify potentiallymaliciousones.Computingreputationfordomainsraisesseveralnew difficulties:
–Ratinginformationifexists,issparseandusuallybinary,adomainislabeled either“white”or“black”.
–Staticsourceslikeblacklistsandwhitelistsareoftennotup-to-date.
–Thereisnoexplicitconceptoftrustbetweendomainswhichmakesitdifficult toapplyafloworatransitivetrustalgorithm.
–Reputationofdomainsisdynamicandchangesveryfast.
Thesedifficultiesmaketheselectionofanadequatecomputationalmodelfor computingdomainreputationachallengingtask.Ourapproachisbasedona flowalgorithm,commonlyusedforcomputingtrustinsocialnetworksandvirtual communities.Wearemainlyinspiredbytwomodels:theEigentrustmodel[4] whichcomputestrustandreputationbytransitiveiterationthroughchainsof
trustingusersandthemodelbyGuhaetal.[10]whichcombinestheflowoftrust anddistrust.Themotivationforusingaflowalgorithmistheassumptionthat IPsanddomainswhichareneighborsofmalwaregeneratingIPsanddomains,are morelikelytobecomemalwaregeneratingaswell.Weconstructagraphwhich reflectsthetopologyofdomainsandIPsandtheirmappingsandrelationships anduseaflowmodeltopropagatetheknowledgereceivedintheformofblack list,tolabeldomainsinthegraphasmaliciousorsuspecteddomains.Although wedonotclaimthateverydomain(orIP)connectedtoamaliciousdomainin ourgraphismalicious,ourresearchhypothesisisthatsuchdomains(IPs)have ahigherprobabilitytobecomemalicious.Ourpreliminaryexperimentalresults supportthishypothesis.
ThemaininputtotheflowalgorithmistheDomains/IPsgraph.Thisgraphis builtfromthefollowingsources:(1)A-records:adatabaseofsuccessfulmappings betweenIPsanddomains,collectedfromalargeISPoverseveralmonths.These mappingbasicallyconstructtheedgesbetweenDomainsandIPs.(2)Whois:a queryandresponseprotocolthatiswidelyusedforqueryingdatabasesthatstore theregisteredusersorassignersofanInternetresource.Thisdatabasegroups IPswhichhavesimilarcharacteristicsandisthereforethebaseforIPtoIPedges. InadditionthereareDomaintoDomainedgeswhicharerelatedtosimilarity betweendomainnames.(3)Feed-framework:alistofmaliciousdomainswhich iscollectedoverthesameperiodoftimeasthecollectedA-records.Thislist isusedastheinitial“malicious”domainsset.(4)Alexa:Alexadatabaseranks websitesbasedonacombinedmeasureofpageviewsanduniquesiteusers.The initial“benign”domainsisderivedfromthislist.(5)VirustTotal:awebsitethat providesfreecheckingofdomainsforvirusesandothermalware.Weuseitto testourresultsaswillbedescribedbelow.Themostdifficultpartinconstructing theDomain/IPgraphisassigningtheweightontheedges,sincetheweightis proportionaltotheamountofflowontheedge.Wetestedseveralmethodsto assignweightswhichconsidertopologiesofthegraphandotherfactors,see[15]. OncetheDNSgraphisbuiltandthesetsof“benign”and“malicious”domains areextracted,thealgorithmcanbeperformed.Theentireprocessisdepicted inFig. 2
TheflowalgorithmmodelstheideathateveryIPanddomaindistributetheir reputationtoIPsordomainsconnectedtothem.Thisisdoneiterativelyand thereputationineachiterationisaddedtothetotalreputationofadomainor IP,withsomeattenuationfactor.Theattenuationfactorisameanstoreduce theamountofreputationonevertexcangainfromavertexthatisnotdirectly connectedtoitbytransitivity.Theflowalgorithmisexecutedseparatelyto propagategoodreputationandbadreputationandthenthetworeputation valuesarecombinedinseveralmannersresultingwithseveralvariationsofthe algorithm(seedetailsin[15].)
Theimportantcontributionofthesealgorithmsistheirabilitytocorrectly predictfuturemaliciousdomains.Althoughnotallmaliciousedomainsareidentified,asignificantamountisdiscovered.Inoneoftheexperimentsweused DNSlogsovera3monthsperiodfromwhichalargeDomain-IPgraphwas
Fig.2. Theprocessforcomputingthescore:(1)Createthegraphandassignweights representedasmatrix;(2)Createtheinitialvectorusedforpropagation;(3)Combine thematrixandthevectortoexecutetheflowalgorithm;(4)Getthefinalscores.
constructedwithnearlyonemillionnodes,andtheflowalgorithmwasapplied toit.Theresultswerethatoutofthetop1000highlysuspecteddomains,30% werefoundtobeknownmalicious(usingVirusTotal),whileinarandomsetof 1000domainsonly0.9%wereknownasmalicious.
5Conclusions Reputationisakeyconceptinmakingdecisionsinoursociallife.Inthispaper wehavediscussedthreekeyaspectsofreputation:Identity,Aggregationand Transitivitywhichareimportantwhenmigratingtheconceptofreputationfrom onedomaintoanother.Thiswasshownbybrieflyreviewingseveralresearch papersofours.Themainconclusionisthatreputationplaysamajorroleina widerangeofdomainsbesidethesocialarenadomain.
References 1.Antonakakis,M.,Perdisc,R.,Dagon,D.,Lee,W.,Feamster,N.:Buildinga dynamicreputationmodelforDNS.In:USENIXSecuritySymposium,pp.273–290 (2010)
2.Chakraborty,S.,Ray,I.:TrustBAC:integratingtrustrelationshipsintotheRBAC modelforaccesscontrolinopensystems.In:Proceedingsofthe11thACMsymposiumonAccessControlModelsandTechnologies(SACMAT2006),pp.49–58. ACM,NewYork(2006)
3.Dellarocas,C.:Analyzingtheeconomicefficiencyofebay-likeonlinereputation reportingmechanisms.In:ACMConferenceonElectronicCommerce,pp.171–179 (2001)
4.Kamvar,S.D.,Schlosser,M.T.,Garcia-Molina,H.:Theeigentrustalgorithmfor reputationmanagementinP2Pnetworks.In:WWW,pp.640–651(2003)
5.Gal-Oz,N.,Grinshpoun,T.,Gudes,E.:Sharingreputationacrossvirtualcommunities.J.Theor.Appl.Electr.Commer.Res. 5(2),1–25(2010)
Another random document with no related content on Scribd:
quite quitted quitting quivered quivering quivers quo
Quod quondam quorum quota quotas quotation
Quotations quote quoted quotes quoting R Raad Rabbi rabbinical Rabbis rabbit rabbits rabble Rabi rabid rabidly race raced RACES racial racing racked rackets
radical
radically
Radicals radiometer
radius Rafael Raffles raft rafts Rag rage raged rages raging Ragsdale Rahden raid raided raider raiders raiding raids
rail railing Railroad railroading railroads rails Railway Railways rain rained
RAINES rainfall rains rainy raise Raised
raises
Raising
Raja
Rajah
Rajpoots
Rajputana
Rajputs
raked
Rale
Raleigh Ralli rallied rally rallying
RALPH
ram
Ramabai
Ramahavaly
RAMAPO
Ramazan
Rameses
Ramesseum
Ramon
ramp
Rampart
Ramparts
Rampolla rams
Ramsay Ramsden
Ramses ran
RANAVALOMANJAKA ranches
ranching rancor rancour
RAND Randolph random Randt
Ranfurly rang
Range ranged ranges ranging rank ranked
Rankine ranking rankled ranks ransack ransacked ransom rapacity rape raped Rapid rapidity rapidly Rapido Rapids rapine rapporteur rapprochement Rapurrapu rare Rarely rarest Rarotonga Ras rascal
Rashid rashly rashness rata ratable rate ratepayers rates
Rather Ratibor ratification ratifications ratified ratify ratifying rating ratings ratio ration rational rations
rats rattle ravaged ravages Ravenni ravine ravines ravishing Ravndal Ravololona raw rawest Rawlinson Ray rayahs Rayleigh
RAYS razed razor
razors
rd
Rds
Re reach reached reaches reaching reaction reactionaries reactionary read reader readers readier readily readiness Reading readings readjusting reads readvance READY reaffirm reaffirmed reaffirms real realisation realise realised realising realities reality realization
realize realized realizes Realizing really realm realty reap reaping reappear reappearance reappeared reapportionment rear reared rearing rearmost rearrangement rearward reason reasonable reasonably reasoning reasons reassemble reassembled reassembling reassert reasserting Reassertion reasserts reassure reassured reassuring rebate rebates rebel
rebelled rebellion rebellions rebellious rebels rebuff rebuilding rebuilt rebuke rebuked recalcitrancy recall recalled recalling recalls recanted recapitulate recapitulated Recapitulation recapture recaptured recast recasting recede receded receipt receipts receivable receive received receiver receivers receives receiving RECENT Recently reception
recess recesses recession recipient recipients reciprocal Reciprocally reciprocate reciprocated RECIPROCITY recital recited recites reciting reckless recklessly reckon reckoned reckoning reclaim reclaimed reclaiming reclamation reclassified Reclus recognise recognised recognises recognising Recognition recognizable recognize recognized recognizes recognizing recoin recoinage
recollections
Recolletos recombined recommence recommend recommendation recommendations recommended recommending recommends recompense reconcentrado
RECONCENTRADOS reconcentration reconcile reconciled reconciliation reconciling reconcontrados reconducted reconnaissance reconnoiter reconnoitered reconnoitering Reconnoitring reconquer reconquered reconquest reconsider reconsideration reconstitute reconstituted reconstitution reconstructed reconstruction reconstructions reconvened
RECORD recorded recorder recording records recounted recounts recoup recourse recover recovered recovering recovery recreation recriminating recrossed recrudescence recruit recruited recruiting recruits rectification rectified rectify rectitude rector recuperation recuperative recur recurred Recurrence recurrent recurring red Redcliffe redeem redeemable
redeemed redeemer redeeming redemption redemptions Redfield redhanded redistribute redistributing redistribution redistrict redistricted Redjaf redoubled redoubt redoubtable redound redress redressed Reds reduce reduced reduces reducing Reduction reductions redundant Redvers reed reeds reef reefs reelected reelection reeled reenacted reenforce
reenforcements reenkindle reestablishment
Reeve Reeves refashioning refer referee
REFERENCE references
Referendum referred
Referring refers refined refinements refiner
Refineries refiners refinery refining refitting reflect reflected
Reflecting reflection reflections reform
Reformation reformed reformer reformers reforming reforms refracted refrain refrained
refraining refreshing refreshment
refrigerated refrigeration
refuge refugee Refugees refund refunding
Refusal refuse refused refuses refusing refute regain regained regaining regains regal
Regard regarded Regarding regardless regards regatta regency regenerate regenerating regeneration
REGENT
Regents regime regiment regimental regiments
Reginald region
Regional Regions
Regis register registered registering registers Registrar registrars registration registry regnante
Regolado regret regrets regrettable Regular regularity regularly
REGULARS regulate regulated regulating regulation regulations regulièrement rehabilitate rehearsal rehearsed rehearsing
Rehoboam
Reichsrath
Reichsrathe Reichstag
REID
Reign reigned reigning reigns
REILEY
Reilly reimposing reimposition
Reina Reinach
Reinauguration reincorporate reindeer reindeers
Reinet reinforce reinforced reinforcement reinforcements reins reinscribed reinstate reinstated reinstatement reintroduced Reis reissue reiterate reiterated reiterates reiterating Reitfontein
Reitz reject rejected rejecting Rejection
rejects rejoice rejoiced rejoicing rejoined rejoining rekindled relapse relapsed relapsing relate related relates relating relation relations relationship relative relatively relatives relax relaxation relaxations relaxed relay release released releasing relegate relegated relegating relentless reliable reliably reliance reliant relic
relics relied Relief reliefs relies relieve Relieved relieves relieving religion religionists religions religious religiously relinquish relinquished relinquishes relinquishment relish reluctance reluctant reluctantly rely relying rem remain remainder remained Remaining remains remanded remark remarkable remarkably remarked remarking remarks
remarquez remedial remedied remedies remedy remedying remember remembered
Remembering remembrance remind reminded reminder reminding reminds Remington remiss remission remit remits remitted Remmel remnant remnants remodeled remonstrance Remonstrances remonstrate remonstrated remonstrating remorse remote remotely remotest
Remounts removable removal
removals remove removed removes removing remunerated remuneration remunerative remuneratively
renal Renault render rendered rendering renders rending rendition Rendsburg renegade renew renewable renewal Renewed renewing Rennes Rennie renomination renounce renounced renouncement renounces renouncing renovating renovation renown renseignemcnts rent
