slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Open Reputation Systems PowerPoint Presentation
Download Presentation
Open Reputation Systems

Loading in 2 Seconds...

play fullscreen
1 / 16

Open Reputation Systems - PowerPoint PPT Presentation


  • 112 Views
  • Uploaded on

Open Reputation Systems. Overview. OASIS ORMS (Open Reputation Management Systems) introduction Use cases, requirements and model ENISA Paper on Security Issues in Reputation Systems Some thoughts on reputation standardisation. OASIS - ORMS. Goal: Definition of a portable reputation format

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Open Reputation Systems' - faunus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
overview
Overview
  • OASIS ORMS (Open Reputation Management Systems) introduction
  • Use cases, requirements and model
  • ENISA Paper on Security Issues in Reputation Systems
  • Some thoughts on reputation standardisation
oasis orms
OASIS - ORMS
  • Goal: Definition of a portable reputation format
  • Process:
    • Use-case definition for reputation management
    • Reference/standard model
      • Flexible reputation data model
      • Framework and protocol/s for exchanging and porting reputation data (SAML/IDP based)
      • Evaluation algorithms for mapping reputation to risk / risk levels
      • Support for privacy, multiple identities, identity resolution
use cases 1
Use-cases 1
  • Seller reputation
  • Peer-to-peer
  • Key management
  • Anti-spam/IP reputation
use cases 2
Use-cases 2
  • Content filtering
  • Avatar Reputation
  • Social Network Peer Reputation
  • Unified Communications (IM, SPIT/SPIM etc…)
reputation is an aggregation of opinions about an assertion
Reputation is an aggregation of opinions about an assertion

Assertion – Bob is a bad husband

Assertion – Bob is a good laptop seller

Score 0.2 – i.e. He is not a good laptop seller

Score 1 – i.e. He IS a bad husband

slide10

The anatomy of reputation – personal view

Assertion – Bob is a good laptop seller

reputation thoughts
Reputation Thoughts
  • If reputation is an aggregated opinion about an assertion – why not integrate with SAML and IDP infrastructure?
  • Reputation votes should be separated from the algorithm used to compute it
    • Mean score
    • 2nd order reputation
    • Reputation Context

=> Same vote set can be interpreted differently

reputation thoughts1
Reputation Thoughts
  • Model must allow for so-called 2nd order reputations (scores which take into account the reputation of the voter)
  • Rating context should be taken into account – time/date, authentication method/token etc...
security of reputation systems
Security of Reputation Systems
  • ENISA paper – a security analysis of reputation systems

http://enisarep.notlong.com

typical security vulnerabilities need to be addressed
Typical security vulnerabilities need to be addressed:
  • Collusion–voters agree to target a victim
  • Denial of reputation – campaigns against an individual
  • Whitewashing (cancelling a bad reputation)
  • Sybil attacks (creating multiple identities to vote – e.g. Ebay 1 cent items voted on by seller)
take home messages
Take home messages
  • ORMS is working towards a global portable reputation standards.
  • Reputation is just another kind of assertion
  • Importance of including features like authentication, privacy, 2nd order reputation
  • Importance of addressing security issues.