Networks and trust: systems for understanding and supporting internet security

Includes bibliographical references.2022 Fall.This dissertation takes a systems-level view of the multitude of existing trust management systems to make sense of when, where and how (or, in some cases, if) each is best utilized. Trust is a belief by one person that by transacting with another person (or organization) within a specific context, a positive outcome will result. Trust serves as a heuristic that enables us to simplify the dozens decisions we make each day about whom we will transact with. In today's hyperconnected world, in which for many people a bulk of their daily transactions related to business, entertainment, news, and even critical services like healthcare take place online, we tend to rely even more on heuristics like trust to help us simplify complex decisions. Thus, trust plays a critical role in online transactions. For this reason, over the past several decades researchers have developed a plethora of trust metrics and trust management systems for use in online systems. These systems have been most frequently applied to improve recommender systems and reputation systems. They have been designed for and applied to varied online systems including peer-to-peer (P2P) filesharing networks, e-commerce platforms, online social networks, messaging and communication networks, sensor networks, distributed computing networks, and others. However, comparatively little research has examined the effects on individuals, organizations or society of the presence or absence of trust in online sociotechnical systems. Using these existing trust metrics and trust management systems, we design a set of experiments to benchmark the performance of these existing systems, which rely heavily on network analysis methods. Drawing on the experiments' results, we propose a heuristic decision-making framework for selecting a trust management system for use in online systems. In this dissertation we also investigate several related but distinct aspects of trust in online sociotechnical systems. Using network/graph analysis methods, we examine how trust (or lack of trust) affects the performance of online networks in terms of security and quality of service. We explore the structure and behavior of online networks including Twitter, GitHub, and Reddit through the lens of trust. We find that higher levels of trust within a network are associated with more spread of misinformation (a form of cybersecurity threat, according to the US CISA) on Twitter. We also find that higher levels of trust in open source developer networks on GitHub are associated with more frequent incidences of cybersecurity vulnerabilities. Using our experimental and empirical findings previously described, we apply the Systems Engineering Process to design and prototype a trust management tool for use on Reddit, which we dub Coni the Trust Moderating Bot. Coni is, to the best of our knowledge, the first trust management tool designed specifically for use on the Reddit platform. Through our work with Coni, we develop and present a blueprint for constructing a Reddit trust tool which not only measures trust levels, but can use these trust levels to take actions on Reddit to improve the quality of submissions within the community (a subreddit)

The KAA project: a trust policy point of view

In the context of ambient networks where each small device must trust its neighborhood rather than a fixed network, we propose in this paper a \textit{trust management framework} inspired by known social patterns and based on the following statements: each mobile constructs itself a local level of trust what means that it does not accept recommendation by other peers, and the only relevant parameter, beyond some special cases discussed later, to evaluate the level of trust is the number of common trusted mobiles. These trusted mobiles are considered as entries in a local database called history for each device and we use identity-based cryptography to ensure strong security: history must be a non-tansferable object

On the architecture of collaboration in inter-organizational natural resource management networks

This paper reviews the architecture of collaboration that exists within inter-organizational natural resource management (NRM) networks. It presents an integrative conceptual framework designed to help operationalize the multi-level interactions that occur between different dimensions of trust, risk perception, and control as key concepts in inter-organizational collaboration. The objective is to identify and justify a series of propositions considered suitable for assessing inter-organizational NRM network collaboration through empirical work. Such an integrative conceptualization goes beyond the existing trust scholarship related to collaborative NRM, and, we argue, offers a useful starting point for further exploring some of the ‘inner’ social dynamics affecting collaborative performance using complex systems thinking. To help establish the relevance of the conceptual framework to transboundary resource governance, a survey operationalizing different dimensions of trust, perceived risk, and control is piloted in the Salish Sea, an ecosystem that spans the Canada-US border between British Columbia and Washington State. Key challenges associated with operationalizing the framework and future research needs are identified

Design science research towards resilient cyber-physical eHealth systems

Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur.Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur

Advancing Collaborative Water Governance: Unravelling Stakeholders' Relationships and Influences in Contentious River Basins

Collaborative water governance (CWG) has emerged as a promising framework to tackle water management challenges. Simple identification of participants however is not enough to unravel the intricacies of stakeholders’ interlinkages, roles and influences for robust CWG. A clear understanding of the stakeholders’ landscape is therefore required to underpin CWG. In this work, we combine stakeholder analysis (SA), social network analysis (SNA) and participatory processes (PP) under a theoretical collaborative governance framework to advance CWG in the contentious Rapel River Basin (RRB), Chile. By combining these techniques, we identified a cohort of leading (and secondary) stakeholders, their relationships and critical roles on basin-wide CWG-enabling networks (collaborative ties, information flows and financial exchanges) and their influence to achieve a shared vision for water planning. The results show members of this cohort perform critical roles (bridging, connecting and gatekeeping) across the networks and in influencing explicit elements of the shared vision. Specific CWG-enabling networks properties indicate a weak adaptive capacity of stakeholders to deal with potential water management challenges and strong prospects for sharing innovative ideas/solutions and achieving long-term water planning goals. A major CWG implementation challenge in the RRB is the lack of a leading organisation. One way forward would be formally organising stakeholders of the identified cohort to advance CWG in the RRB. By implementing the methodological framework, we facilitated social learning, fostered trust among stakeholders and mobilised efforts towards implementing CWG in practice in the contentious RRB

Using Twitter trust network for stock market analysis

Online social networks are now attracting a lot of attention not only from their users but also from researchers in various fields. Many researchers believe that the public mood or sentiment expressed in social media is related to financial markets. We propose to use trust among users as a filtering and amplifying mechanism for the social media to increase its correlation with financial data in the stock market. Therefore, we used the real stock market data as ground truth for our trust management system. We collected stock-related data (tweets) from Twitter, which is a very popular Micro-blogging forum, to see the correlation between the Twitter sentiment valence and abnormal stock returns for eight firms in the S&P 500. We developed a trust management framework to build a user-to-user trust network for Twitter users. Compared with existing works, in addition to analyzing and accumulating tweets’ sentiment, we take into account the source of tweets – their authors. Authors are differentiated by their power or reputation in the whole community, where power is determined by the user-to-user trust network. To validate our trust management system, we did the Pearson correlation test for an eight months period (the trading days from 01/01/2015 through 08/31/2015). Compared with treating all the authors equally important, or weighting them by their number of followers, our trust network based reputation mechanism can amplify the correlation between a specific firm’s Twitter sentiment valence and the firm’s stock abnormal returns. To further consider the possible auto-correlation property of abnormal stock returns, we constructed a linear regression model, which includes historical stock abnormal returns, to test the relation between the Twitter sentiment valence and abnormal stock returns. Again, our results showed that by using our trust network power based method to weight tweets, Twitter sentiment valence reflect abnormal stock returns better than treating all the authors equally important or weighting them by their number of followers

Exploring Sustainable Supply Chain Management: A Social Network Perspective

Purpose The implementation of sustainable supply chain management (SCM) calls for an acknowledgement of uncertainty inherent in complex environment. Confucianist society forms social networks in Confucianist society, called guanxi networks, influence economic behaviours and business practices in the workplace. The purpose of this study is to explore how these social networks influence the implementation of sustainable SCM. In doing so, this study aims to critically investigate the constructs of guanxi networks, their impact on flow of supply chain capital and how this leverages the implementation of sustainable SCM. Design/methodology/approach Two systematic literature reviews are conducted to understand the constructs of social networks in Confucianist culture and their impacts on the flow of supply chain capitals. The reviews also analyse evidence related to the economic, social and environmental practices to reveal the current state of the literature and research gaps. Propositions and a framework are developed to support future research in this area. Findings The constructs of ganqing, renqing, xinren and mianzi in guanxi networks have expanded the contexts of social networks in Western literature. Guanxi networks increase the flow of supply chain capital and generate trust between players, thus enhancing capabilities to implement sustainable SCM. Guanxi networks also create the mechanism of network governance with which to increase sustainable SCM implementation under the institutional logics of sustainability. Research limitations/implications The conceptual framework and justification are based on the reviews of current studies in the field. Future empirical study is encouraged to test the propositions, both in Confucianist culture and other countries with culture of social networks. Originality/value Social networks are socially constructed concepts. The constructs of guanxi networks revealed in this study have developed the knowledge of Western-based social network theory. Besides, arguments from a social network perspective provide an alternative answer to explain increased behavioural commitment and companies’ investment in sustainable SCM. This study helps practitioners understand the logic of this social norm and to use it to maximise their operation outputs, including sustainable SCM implementation

The Role Of Social Capital In Managing Relationships With eCommerce Suppliers

Contemporary E-Commerce solutions are often developed and delivered in inter-firm setups that involve various business partners. Being characterised by innovative, ill-structured tasks and using new technologies to develop new business models and services, E-Commerce projects and the subsequently resulting relationships with business partners are demanding and challenging to manage. Surprisingly, project and partner management issues in E-Commerce remain largely unaddressed. This paper takes an inter-firm perspective and addresses the social dimension of E-Commerce relationships. Social capital theory, referring to the value of social relationships and networks, is used to guide this research. Based on findings from case study research, different types and episodes of E-Commerce supplier relationships are distinguished, each calling for a different role of social capital as the basis for effective inter-firm collaboration. By applying social capital theory the study enhances the understanding of E-Commerce as a network-based business as well as the general understanding of the social aspects in relationship management, which to date is largely dominated by concepts like trust and culture. The paper presents a comprehensive framework of social capital in E-Commerce relationships and points out some management implications.

Cluster initiatives management

The cluster excellence and the ways of achieving it have become the main questions of scholars and practitioners in recent years. Despite the on-going debate there are still only a few studies that investigate cluster initiatives (CI) performance and management phenomena, identify the success factors underlying cluster initiatives management success and compare their influence. The objective of this study is to identify Critical Success Factors of cluster initiatives management. The proposed Analytic Hierarchy Process framework identifies the relative importance of different success factors to cluster initiative management and determines the key areas of activity and management focus. The AHP based interviews conducted among European cluster managers representing 19 cluster initiatives located in 10 countries allowed to identify the following Critical Success Factors: ‘Assuring sustainability of financing’, ‘Development of CI mission, vision, strategy and operational action plan’, ‘Integration building partnerships inside the CI, creation of interpersonal links, social networks, trust’ and ‘Development of cluster’s critical mass and management of partners’ complementarities and interdependencies’. Their joint importance for cluster initiative management success reached 40%, while the remaining 60% was distributed among 16 other factors