A game theoretic model for digital identity and trust in online communities

Digital identity and trust management mechanisms play an important role on the Internet. They help users make decisions on trustworthiness of digital identities in online communities or ecommerce environments, which have significant security consequences. This work aims to contribute to construction of an analytical foundation for digital identity and trust by adopting a quantitative approach. A game theoretic model is developed to quantify community effects and other factors in trust decisions. The model captures factors such as peer pressure and personality traits. The existence and uniqueness of a Nash equilibrium solution is studied and shown for the trust game defined. In addition, synchronous and asynchronous update algorithms are shown to converge to the Nash equilibrium solution. A numerical analysis is provided for a number of scenarios that illustrate the interplay between user behavior and community effects

Combating False Reports for Secure Networked Control in Smart Grid via Trustiness Evaluation

Smart grid, equipped with modern communication infrastructures, is subject to possible cyber attacks. Particularly, false report attacks which replace the sensor reports with fraud ones may cause the instability of the whole power grid or even result in a large area blackout. In this paper, a trustiness system is introduced to the controller, who computes the trustiness of different sensors by comparing its prediction, obtained from Kalman filtering, on the system state with the reports from sensor. The trustiness mechanism is discussed and analyzed for the Linear Quadratic Regulation (LQR) controller. Numerical simulations show that the trustiness system can effectively combat the cyber attacks to smart grid.Comment: It has been submitted to IEEE International Conference on Communications (ICC

Agreement Computing

[EN] In this paper we introduce the concept of Agreement Computing, motivate the central role that the concept of agreement plays in open software systems and discuss a number of research challenges that need to be addressed to make the agreement computing vision a reality.Research supported by the Agreement Technologies CONSOLIDER project under contract CSD2007-0022 and INGENIO 2010 and by the Agreement Technologies COST Action, IC0801.Sierra Garcia, C.; Botti Navarro, VJ.; Ossowski, DS. (2011). Agreement Computing. KI - Künstliche Intelligenz. 25(1):57-61. https://doi.org/10.1007/s13218-010-0070-yS5761251Arcos JL, Esteva M, Noriega P, Rodríguez JA, Sierra C (2005) Engineering open environments with electronic institutions. Eng Appl Artif Intell 18(2):191–204Boella G, Noriega P, Pigozzi G, Verhagen H (2009) In: Dagstuhl seminar proceedings 09121: normative multi-agent systems.Henrik G, Wright V (1963) Norm and action, a logical enquiry. Routledge and Kegan Paul, LondonHermenegildo M, Albert E, López-García P, Puebla G (2005) Abstraction carrying code and resource-awareness. In: Principle and practice of declarative programming. ACM Press, New YorkJennings N, Faratin P, Lomuscio A, Parsons S, Sierra C, Wooldridge M (2001) Automated negotiation: prospects methods and challenges. Group Decis Negot 10(2):199–215Jøsang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43(2):618–644Kalfoglou Y, Schorlemmer M (2003) IF-Map: an ontology-mapping method based on information-flow theory. In: Spaccapietra S, March S, Aberer K (eds) Journal on data semantics I. Lecture notes in computer science, vol 2800. Springer, Heidelberg, pp 98–127Ko RKL, Lee SSG, Lee EW (2009) Business process management (bpm) standards: a survey. Bus Process Manag J 15(5):744–791Kraus S (1997) Negotiation and cooperation in multi-agent environments. Artif Intell 94(1–2):79–97March J (1996) A preface to understanding how decisions happen in organizations. In: Organizational decision-making, Cambridge University Press, CambridgeNecula GC, Lee P (1996) Proof-carrying code. Tech repRoss A (1968) Directives and norms. Humanities, Atlantic HighlandsSierra C, Debenham J (2006) Trust and honour in information-based agency. In: Proceedings of the 5th international conference on autonomous agents and multiagent systems. ACM Press, New York, pp 1225–1232Simon HA Administrative behavior. Free Press (1997)Vasirani M, Ossowski S (2009) A market-inspired approach to reservation-based urban road traffic management. In: Proceedings of the 8th international conference on autonomous agents and multiagent systems, IFAAMAS, pp. 617–62

Asymptotically idempotent aggregation operators for trust management in multi-agent systems

The study of trust management in multi-agent system, especially distributed, has grown over the last years. Trust is a complex subject that has no general consensus in literature, but has emerged the importance of reasoning about it computationally. Reputation systems takes into consideration the history of an entity’s actions/behavior in order to compute trust, collecting and aggregating ratings from members in a community. In this scenario the aggregation problem becomes fundamental, in particular depending on the environment. In this paper we describe a technique based on a class of asymptotically idempotent aggregation operators, suitable particulary for distributed anonymous environments

Secure Management of Personal Health Records by Applying Attribute-Based Encryption

The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access Control, have several limitations with respect to enforcing access control policies and ensuring data confidentiality. In particular, the data has to be stored on a central server locked by the access control mechanism, and the data owner loses control on the data from the moment when the data is sent to the requester. Therefore, these mechanisms do not fulfil the requirements of data outsourcing scenarios where the third party storing the data should not have access to the plain data, and it is not trusted to enforce access control policies. In this paper, we describe a new approach which enables secure storage and controlled sharing of patient’s health records in the aforementioned scenarios. A new variant of a ciphertext-policy attribute-based encryption scheme is proposed to enforce patient/organizational access control policies such that everyone can download the encrypted data but only authorized users from the social domain (e.g. family, friends, or fellow patients) or authorized users from the professional\ud domain (e.g. doctors or nurses) are allowed to decrypt it

Specifying and analysing reputation systems with coordination languages

Reputation systems are nowadays widely used to support decision making in networked systems. Parties in such systems rate each other and use shared ratings to compute reputation scores that drive their interactions. The existence of reputation systems with remarkable differences calls for formal approaches to their analysis. We present a verification methodology for reputation systems that is based on the use of the coordination language Klaim and related analysis tools. First, we define a parametric Klaim specification of a reputation system that can be instantiated with different reputation models. Then, we consider stochastic specification obtained by considering actions with random (exponentially distributed) duration. The resulting specification enables quantitative analysis of properties of the considered system. Feasibility and effectiveness of our proposal is demonstrated by reporting on the analysis of two reputation models