Beauty Is in the Eye of the Beholder

Dimitri DeFigueiredo Earl Barr S. (Felix) Wu

Adobe Systems Inc. UC Davis UC DavisInternational Conference on Privacy, Security, Risk and Trust

2009

1

OverviewMotivationConceptual PropertiesFormal ModelTheoremsKey Point

2PASSAT 2009

Can I trust him?What is it?What is it used for?

3PASSAT 2009

Trust

Trust is useful.

What is it?What is it used for?Ratings are not the same as trust. Why not?

4PASSAT 2009

How do we use Trust?

Trust helps us avoid risks that depend on othersWe don’t take risks with people we do not trustWe are vulnerable to the actions of people we

trust

Trust is under each person’s complete control

I trust you as much as I want5

PASSAT 2009

Basic PropertiesTwo-role ruleDomain specificComplete orderingHigher is better

6PASSAT 2009

Trust Values

Definition: Trust values are real numbers.

Think in dollar$

“How much would you bet C will be on time for dinner?”

7PASSAT 2009

Reputation Graph

From your experience, how much would you bet C is a good seller?

8PASSAT 2009

$100

BA

C

D

E

$100

$20

$50

$10

$60

$30

$10

World

G0 G1 Gk

A World is a sequence of reputation graphs

9PASSAT 2009

…

Reputation Function

World Trust Graph

f

…

10PASSAT 2009

Trust Graph

11PASSAT 2009

5010

A B

CD

20

Trust Graph

12PASSAT 2009

5010

A B

CD

?

??

??

?

?

??20

Trust Threshold

Trusted orUntrusted?

hA=30

hC=9

13PASSAT 2009

5010

A B

CD

20

Trust - Definition

Trust is the personal threshold determined by the trusting party that describes the

maximum utility the trusting party is willing to risk when dealing with the trusted party.

15PASSAT 2009

A

D C

B

Types of Reputation Function

Trivial

19PASSAT 2009

A B

CD

A

D C

B

0G

1G

Types of Reputation Function

TrivialConsensus-based

20PASSAT 2009

A

D C

BA B

CD

30

3030

= 30

Types of Reputation Function

TrivialConsensus-basedPersonalized

21PASSAT 2009

A

D C

BA B

CD

50

3040

A Collusion

22PASSAT 2009

5010

A B

CD

20

An Untrusted CollusionhA=30

23PASSAT 2009

50

5010

A B

CD

2010

WW

A Manipulated World

24PASSAT 2009

5010

A B

CD

2010

A

D C

B?

A B

CD

??

W

Manipulated W

f

f

hA=30

Non-exploitability

For any trust threshold h a vertex chooses, no untrusted collusion can fool it.

25PASSAT 2009

A

D C

B?

A B

CD

??

Manipulated W

f

Theorems

Impossibility

All non-exploitable consensus-based reputation functions are trivial

Possibility

There are non-trivial non-exploitable personalized reputation functions

26PASSAT 2009

Impossibility Proof SketchhA = 100

27PASSAT 2009

5010

A

C=20D=10

2010

B=50

What if hC = 30 ?!

Possibility Proof SketchConstructive proofFor a reputation threshold λ=0.5Define:

λ=0.5

28PASSAT 2009

otherwise,0

exists to frompath trusteda if ,1, ji

ji

vvvvf

0.6 0.7 1

1

1

0G

B

A

C

Possibility Proof Sketch

Non-trivial

λ=0.5

29PASSAT 2009

0.6 0.7 1

1

1

0

B

A

C

otherwise ,0

exists to frompath trusteda if ,1, ji

ji

vvvvf

Possibility Proof Sketch

Non-exploitableFor any trust threshold h set by any trusting

party:untrusted node is not reachableunreachable node node cannot

make other nodes reachable or unreachable

30PASSAT 2009

1

1

1

B

A

C

otherwise ,0

exists to frompath trusteda if ,1, ji

ji

vvvvf

Key Point

Trust is a personal value.Rating systems should allow different people to have different points of view

31PASSAT 2009

Questions?

Thank you!

Full version

http://www.cs.ucdavis.edu/~defigued/

32PASSAT 2009