Enhancing Multilateral Security in and by Reputation Systems

  • Sandra Steinbrecher
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 298)

Abstract

With the increasing possibilities for interaction between Internet users exceeding pure communication, in multilateral security the research question arises to rethink and extend classical security requirements. Reputation systems are a possible solution to assist new security requirements. But naturally also reputation systems have to be designed in a multilateral secure way. In this paper we discuss both multilateral security by and in reputation systems. An overview on the possibilities how such systems could be realised is given.

References

  1. 1.
    Borcea-Pfitzmann, K., Hansen, M., Liesebach, K., Pfitzmann, A., Steinbrecher, S.: Managing one’s identities in organisational and social settings. DuD, Datenschutz und Datensicherheit 31(9), 671–675 (2007)CrossRefGoogle Scholar
  2. 2.
    Buskens, V., Raub, W.: Embedded trust: Control and learning. In: Lawler, E., Thye, S. (eds.) Group Cohesion, Trust, and Solidarity. Advances in Group Processes, vol. 19, pp. 167–202 (2001)Google Scholar
  3. 3.
    Bygrave, L.: Data Protection Law, Approaching Its Rationale, Logic and Limits. Kluwer Law International, The Hague (2002)Google Scholar
  4. 4.
    Camerer, C., Weigelt, K.: Experimental tests of a sequential equilibrium reputation model. Econometrica 56, 1–36 (1988)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Chaum, D.: Showing credentials without identification. Signatures transferred between unconditionally unlinkable pseudonyms. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol. 219, pp. 241–244. Springer, Heidelberg (1986)CrossRefGoogle Scholar
  6. 6.
    Clauß, S., Kesdogan, D., Kölsch, T., Pimenidis, L., Schiffner, S., Steinbrecher, S.: Privacy enhancing identity management: Protection against re-identification and profiling. In: Goto, A. (ed.) DIM 2005, Proceedings of the 2005 ACM Workshop on Digital Identity Management, Fairfax, Virgina, USA, November 2005, pp. 84–93. ACM, New York (2005)Google Scholar
  7. 7.
    Clauß, S., Köhntopp, M.: Identity management and its support of multilateral security. Computer Networks 37(2), 205–219 (2001)CrossRefGoogle Scholar
  8. 8.
    Clauß, S., Pfitzmann, A., Hansen, M., Van Herreweghen, E.: Privacy-enhancing identity management. The IPTS Report 67, 8–16 (2002)Google Scholar
  9. 9.
    Dasgupta, P.: Trust as a commodity. In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relations, pp. 49–72. Department of Sociology, University Oxford (2000)Google Scholar
  10. 10.
    Dellarocas, C.: The digitization of word-of-mouth: Promise and challenges of online feedback mechanisms. Management Science, 1407–1424 (October 2003)Google Scholar
  11. 11.
    Dellarocas, C.: Research note – how often should reputation mechanisms update a trader’s reputation profile? Information Systems Research 17(3), 271–285 (2006)CrossRefGoogle Scholar
  12. 12.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    ENISA. Position paper. reputation-based systems: a security analysis (2007), http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_pp_reputation_based_system.pdf (letzter Abruf 09.02.08)
  14. 14.
    Friedman, E., Resnick, P.: The social cost of cheap pseudonyms. Journal of Economics and Management Strategy 10, 173–199 (1999)CrossRefGoogle Scholar
  15. 15.
    Hansen, M., Pfitzmann, A.: Anonymity, unobservability, and pseudonymity - a proposal for terminology. Version 0.8 in: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 1–9. Springer, Heidelberg (2001); Version 0.30 in: Balzer, R., Kpsell, S., Lazarek, H. (Hg.) Fachterminologie Datenschutz und Datensicherheit Deutsch - Russisch - Englisch; FGI - Forschungsgesellschaft Informatik, Technische Universitt Wien, Wien, February 2008, pp. 111-144 (2008); Version 0.31, http://dud.inf.tu-resden.de/literatur/Anon_Terminology_v0.31.pdf (2007)CrossRefGoogle Scholar
  16. 16.
    Mahler, T., Olsen, T.: Reputation systems and data protection law. In: eAdoption and the Knowledge Economy: Issues, Applications, Case Studies, pp. 180–187. IOS Press, Amsterdam (2004)Google Scholar
  17. 17.
    Mui, L.: Computational Models of Trust and Reputation: Agents, Evolutionary Games, and Social Networks. Ph.D Thesis, Massachusetts Institute of Technology (2003)Google Scholar
  18. 18.
    Pingel, F., Steinbrecher, S.: Multilateral secure cross-community reputation systems. In: Furnell, S.M., Katsikas, S.K., Lioy, A. (eds.) TrustBus 2008. LNCS, vol. 5185, pp. 69–78. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Rannenberg, K., Pfitzmann, A., Müller, G.: IT security and multilateral security. In: Mller, G., Rannenberg, K. (eds.) Multilateral Security in Communications, Mnchen. Technology, Infrastructure, Economy, vol. 3, pp. 21–29. Addison-Wesley, Reading (1999)Google Scholar
  20. 20.
    Resnick, P., Kuwabara, K., Zeckhauser, R., Friedman, E.: Reputation systems. Communications of the ACM 43(12), 45–48 (2000)CrossRefGoogle Scholar
  21. 21.
    Rheingold, H.: The Virtual Community: Homesteading on the Electronic Frontier. Perseus Books (1993)Google Scholar
  22. 22.
    Steinbrecher, S.: Balancing privacy and trust in electronic marketplaces. In: Katsikas, S.K., López, J., Pernul, G. (eds.) TrustBus 2004. LNCS, vol. 3184, pp. 70–79. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  23. 23.
    Steinbrecher, S.: Design options for privacy-respecting reputation systems within centralised internet communities. In: Proceedings of IFIP Sec 2006, 21st IFIP International Information Security Conference: Security and Privacy in Dynamic Environments (May 2006)Google Scholar
  24. 24.
    Voss, M.: Privacy preserving online reputation systems. In: International Information Security Workshops, pp. 245–260. Kluwer, Dordrecht (2004)Google Scholar
  25. 25.
    Wolf, G., Pfitzmann, A.: Properties of protection goals and their integration into a user interface. Computer Networks 32(6), 685–699 (2000)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Sandra Steinbrecher
    • 1
  1. 1.Fakultät InformatikTechnische Universität DresdenDresdenGermany

Personalised recommendations