We introduce a trust evaluation method applicable in a decentralized setting, in which no universally trusted authority exists. The method makes simultaneous use of logic and probability theory. The result of the qualitative part of the method are logical arguments for and against the reliability of an entity. The quantitative part returns the probability that the reliability of an entity can be deduced under the given assumptions and pieces of evidence, as well a corresponding probability for the counter-hypothesis. Our method is a true generalization of existing methods, in particular the Credential Networks. It relies on digital signatures for authenticating messages and accounts for many-to-many relationships between entities and public keys. Moreover, it includes eight different types of trust relations, namely the assumption or the statement that an entity is honest, competent, reliable, or malicious, and their corresponding negations.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
The official ebay website. http://www.ebay.com, April 2006.
T. Beth, M. Borcherding, and B. Klein. Valuation of trust in open networks. In ES-ORICS’94, 3rd European Symposium on Research in Computer Security, LNCS 875, pages 3-18. Springer, 1994.
M. Burrows, M. Abadi, and R. Needham. A logic of authentication. ACM Transactions on Computer Systems, 8(1):18-36, February 1990.
W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions on Infor-mation Theory, IT-22(6):644-654, 1976.
L. Gong, R. Needham, and R. Yahalom. Reasoning About Belief in Cryptographic Protocols. In Deborah Cooper and Teresa Lunt, editors, Proceedings 1990 IEEE Symposium on Research in Security and Privacy, pages 234-248. IEEE Computer Society, 1990.
R. Haenni. Using probabilistic argumentation for key validation in public-key cryptography. International Journal of Approximate Reasoning, 38(3):355-376, 2005.
R. Haenni. Probabilistic argumentation (submitted). Elsevier, 2007.
R. Haenni, J. Jonczy, and R. Kohlas. Two-layer models for managing authenticity and trust. In R. Song, L. Korba, and G. Yee, editors, Trust in E-Services: Technologies, Practices and Challenges. 2006.
R. Haenni, J. Kohlas, and N. Lehmann. Probabilistic argumentation systems. In D. M. Gab-bay and P. Smets, editors, Handbook of Defeasible Reasoning and Uncertainty Management Systems, volume 5: Algorithms for Uncertainty and Defeasible Reasoning, pages 221-288. Kluwer Academic Publishers, Dordrecht, Netherlands, 2000.
R. Haenni and N. Lehmann. ABEL: an interactive tool for probabilistic argumentative reason-ing. In ECSQARU’03, 7th European Conference on Symbolic and Quantitative Approaches to Reasoning under Uncertainty, pages 588-593, Aalborg, Denmark, 2003.
J. Jonczy. Evaluating trust and authenticity with CAUTION. In iTrust’06, 4rd International Conference on Trust Management, pages 449-453, Pisa, Italy, 2006.
J. Jonczy and R. Haenni. Credential networks: a general model for distributed trust and au-thenticity management. In A. Ghorbani and S. Marsh, editors, PST’05: 3rd Annual Conference on Privacy, Security and Trust, pages 101-112, St. Andrews, Canada, 2005.
J. Jonczy, M. W üthrich, and R. Haenni. A probabilistic trust model for GnuPG. In 23C3, 23rd Chaos Communication Congress, pages 61-66, Berlin, Germany, 2006.
A. Jøsang. An algebra for assessing trust in certification chains. In NDSS’99: 6th Annual Symposium on Network and Distributed System Security, San Diego, USA, 1999.
A. Jøsang. A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 9(3):279-311, 2001.
J. Kohlas and P. A. Monney. A Mathematical Theory of Hints. An Approach to the Dempster-Shafer Theory of Evidence, volume 425 of Lecture Notes in Economics and Mathematical Systems. Springer, 1995.
R. Kohlas, R. Haenni, and J. Jonczy. A new model for public-key authentication. In T. Braun, G. Carle, and B. Stiller, editors, KiVS’07, Kommunikation in Verteilten Systemen, pages 213-224, Berne, Switzerland, 2007.
R. Kohlas and U. Maurer. Confidence valuation in a public-key infrastructure based on un-certain evidence. In H. Imai and Y. Zheng, editors, PKC’2000, Third International Workshop on Practice and Theory in Public Key Cryptography, LNCS 1751, pages 93-112, Melbourne, Australia, 2000. Springer.
R. Levien and A. Aiken. Attack-resistant trust metrics for public key certification. In 7th on USENIX Security Symposium, pages 229-242, 1998.
G. Mahoney, W. Myrvold, and G. C. Shoja. Generic reliability trust model. In A. Ghorbani and S. Marsh, editors, PST’05: 3rd Annual Conference on Privacy, Security and Trust, pages 113-120, St. Andrews, Canada, 2005.
U. Maurer. Modelling a public-key infrastructure. In E. Bertino, H. Kurth, G. Martella, and E. Montolivo, editors, ESORICS, European Symposium on Research in Computer Security, LNCS 1146, pages 324-350. Springer, 1996.
M. K. Reiter and S. G. Stubblebine. Path independence for authentication in large-scale sys-tems. In CCS’97, 4th ACM Conference on Computer and Communications Security, pages 57-66, Z ürich, Switzerland, 1997. Academic Press.
M. K. Reiter and S. G. Stubblebine. Toward acceptable metrics of authentication. In SP’97: 18th IEEE Symposium on Security and Privacy, pages 10-20, Oakland, USA, 1997.
R. L. Rivest, A. Shamir, and L. M. Adelman. A method for obtaining digital signatures and public-key cryptosystems. Technical Report TM-82, MIT, Cambridge, USA, 1977.
C. G. Zarba. Many-sorted logic. http://theory.stanford.edu/˜zarba/snow/ch01.pdf.
P. R. Zimmermann. PGP User’s Guide Volume I: Essential Topics, 1994.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kohlas, R., Jonczy, J., Haenni, R. (2008). A Trust Evaluation Method Based on Logic and Probability Theory. In: Karabulut, Y., Mitchell, J., Herrmann, P., Jensen, C.D. (eds) Trust Management II. IFIPTM 2008. IFIP – The International Federation for Information Processing, vol 263. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09428-1_2
Download citation
DOI: https://doi.org/10.1007/978-0-387-09428-1_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09427-4
Online ISBN: 978-0-387-09428-1
eBook Packages: Computer ScienceComputer Science (R0)