Network Reputation System And Its Controlling Method Thereof

Info

Publication number: 20130024693
Type: Application
Filed: Sep 14, 2012
Publication Date: Jan 24, 2013
Applicant: Industrial Technology Research Institute (Hsinchu)
Inventors: Shin-Yan Chiou (Hsinchu), Shih-Ying Chang (Hsinchu), Ghita Mezzour (Pittsburgh, PA), Adrian Perrig (Pittsburgh, PA), Hung-Min Sun (Hsinchu)
Application Number: 13/619,934

Abstract

A network reputation system and its controlling method are provided. A credential and exchange component permits a user to generate credentials and exchange matching items with those persons having a social relationship with the user. A reputation evaluation component enables other users to make evaluations about an estimatee via the sharing of social network information. A query and response component receives a query from a person having a social relationship with the user for requesting an evaluation about the estimatee, and responds with an associated evaluation result to the person having a social relationship with the user, via the sharing of social network information and the evaluations made by the other users about the estimatee.

Description

Description

CROSS-REFERENCES TO RELATED APPLICATIONS

This is a division of U.S. application Ser. No. 12/411,396, filed Mar. 26, 2009, which claims the benefit of U.S. Provisional Application No. 61/150,324, filed Feb. 6, 2009, which is incorporated by reference.

FIELD

The disclosure generally relates to a network reputation system and its controlling method thereof.

BACKGROUND

The Internet has transformed the world into a global marketplace. For example, a person anywhere in the world may buy or sell goods to anyone else. Given such convenience, online applications such as auctions, multi-player games and social networks engender a huge potential market and consequently attract a lot of attention. Unfortunately, malicious behavior, such as account hijacking and non-delivery of goods in online auctions, introduces risks.

To prevent such risks, online applications employ reputation systems that rely on user-assigned scores to judge on other users' legitimate behavior. For example, a buyer in an online auction system may use the seller's score of the reputation system to judge whether the seller is trustworthy. However, a serious problem of existing reputation systems is the simplicity to create a highly trustworthy score by a seller himself or a seller's friend, or vice versa, create an untrustworthy score for a competitor. Since adversaries may apply several accounts to complete several faked transactions, foiling existing reputation systems is often straightforward.

Many approaches for addressing these challenges have been discussed. For example, Zhang et al. and Pandit et al. use a transaction network model to analyze auction fraud. In their model, they establish an undirected transaction graph where each node denotes a registered user and each edge indicates a completed transaction between the two users. By cooperating with other mathematical models and algorithms, they may identify potentially fraudulent users. Kuo et al. use reputation network constructed from buyer's feedbacks to identify fraudulent users.

Pujol et al. and Sabater et al. extract reputation by means of social network. Also, Hogg et al. summarize the reputation systems constructed via online social network. The online social network is automatically constructed from any observable internet interaction, such as the referred web links and emails in the homepages, and the relationships established in the social networking websites (e.g., facebook). These online relationships contribute online social network. This type of reputation system may enhance the effectiveness of the rating. Swamynathan et al. also shows that this type of reputation system is more trustful and satisfied than feedback reputation systems. Besides that, the notion to evaluate a user using social network may be applicable to other applications, such as Voice over IP (VoIP), Internet Message (IM), peer to Peer (P2P) and Reliable Email (RE). RE proposed by Freeman et al. considers privacy issue.

Although reputation systems have been proposed for solving these problems, most reputation systems in applications are still unreliable. Reputation systems also poses some privacy problems. For example, they may reveal private information of users. They would not achieve real reliability or being trustworthy if the online social relationship is not related to personal social relationship. Also, a forging problem may be occurred if an online social relationship is also not cryptographically verifiable. On the other hand, most of these systems reveal private personal information.

Social network represents relationships within a community. Several types of social network may be established according to different social relationship such as kinship, friendship, cooperation, etc.

Recently, research on private matching receives a lot of attention and several schemes and applications are proposed. Assuming there are two databases A and B, one query Q∈A and one matching protocol computes P=Q∩B. The scheme is secure and preserving privacy if it satisfies the following requirements. (1) Privacy: Each party can know only P and it's input to the matching protocol. Except for this information, each party learns nothing. (2) Non-spoofable: Items in A and B are really authorized by item owners. This means that the user may make query Q only if the owners of these items authorize and give the user these items. In other words, the user can not generate the queried items without authorization of the item owners. Besides that, the user should have some proofs to demonstrate that the item owner authorizes the user.

In Hash Protocol (HP), a person, who wants to query the common items in the other's database, computes hash values of items in his own database. Then he and the target exchange these hash values. By this way, they may find the common items without revealing the information of the un-matched items. On the other hand, Agrawal et al. proposed AgES which uses commutative encryption to achieve private matching. Freedman et al. proposed a polynomial-based private matching scheme. They use the property of homomorphic encryption to achieve privacy. A variant of their scheme, set cardinality private matching, let databases A know only the cardinality of Q∩B, but the actual items in this set. After that, Kissner and Song extend FNP scheme to support more functionality. HP, AgES and Freedman et al's schemes are categorized to asymmetric exchange of information, different from symmetric exchange which both parties know the same information in the protocols.

Besides those, Li et al. proposed Data Ownership Certificate (DoC) to ensure non-spoofable. If the user does not obtain the item and the corresponding DoC, he can not make the query and convince the other.

SUMMARY

The exemplary embodiments of disclosure may provide a network reputation system and its controlling method thereof.

- An exemplary embodiment relates to a network reputation system. The network reputation system is in conjunction with one or more estimator's social networks and one estimatee's reputation network, which may comprise: an application server producing master social network information of a user via a social network, the master social network information including a personal identity of said user, a service identity that said user registers with said application server, and a matching key of said user; a credential generation and exchange unit for generating, sharing and exchanging social network information of said user with other users having a social relationship with said user over said social network, the exchanged social network information being generated through conversion of said master social network information and including a matching item computed from a cryptographic hash function of said matching key by a computer of said user; a reputation evaluation unit for sending an evaluation submitted by said user about an estimatee to said application server, said evaluation including an evaluation value evaluated by said user about said estimatee, a service identifier of said estimatee and said matching item of said user; and a query and response unit for sending a request by one of said other users having said social relationship with said user to said application server for the evaluation about said estimatee, the request utilizing a private matching scheme derived from said matching item of said user, wherein said application server generates an evaluation result derived from said request, said matching item of said user, said evaluation value evaluated by said user, said private matching scheme, and the evaluation submitted by said user about said estimatee, replies to said one of said other users with said evaluation result about said estimatee through said query and response unit, and said one of said other users obtains said evaluation value evaluated by said user from said evaluation result by using said matching item of said user.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows an exemplary reputation system model in a privacy preserving fashion, consistent with certain disclosed embodiments of the disclosure.

FIG. 2 shows an exemplary communication flow of the four phases, consistent with certain disclosed embodiments of the disclosure.

FIG. 3 shows an exemplary communication flow of a controlling method for a network reputation system, consistent with certain disclosed embodiments of the disclosure.

FIG. 4 shows exemplary master social network information for a user in phase 1, consistent with certain disclosed embodiments of the disclosure.

FIG. 5 shows an exemplary matching item exchange in phase 2, consistent with certain disclosed embodiments of the disclosure.

FIG. 6 shows an exemplary provable evaluation in phase 3, consistent with certain disclosed embodiments of the disclosure.

FIG. 7 shows exemplary query and respond in phase 4, consistent with certain disclosed embodiments of the disclosure.

FIG. 8 shows an exemplary schematic view of a protocol running in four phases for estimatee U_S, consistent with certain disclosed embodiments of the disclosure.

FIG. 9 shows an exemplary communication flow of the first working example, consistent with certain disclosed embodiments of the disclosure.

FIG. 10 shows an exemplary communication flow of the second working example, consistent with certain disclosed embodiments of the disclosure.

FIG. 11 shows an exemplary communication flow of the third working example, consistent with certain disclosed embodiments of the disclosure.

FIG. 12 shows an exemplary network reputation system, consistent with certain disclosed embodiments of the disclosure.

FIG. 13 illustrates an exemplary simulation result on probability of matching for different average number of friends for a one estimator, average number of reputing users for a one estimate, and number of users in the system, consistent with certain disclosed embodiments of the disclosure.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The disclosed exemplary embodiments may provide a network reputation system and its controlling method thereof, which uses at least a social network model on a transaction model to prevent reputation fraud. A user may judge an estimatee by the scores given by the user's personal social network. The present techniques may enable users to recognize evaluations submitted by their friends as these are more trustworthy. The mechanisms may preserve the privacy of the friendship relationships from the website, and the privacy of the mapping between the real identity of a user and her online identity from other users including her friends. For example, the present techniques may apply private matching methodologies in the system to prevent the disclosure of private social relationships.

In the disclosure, some assumptions are made, for example, assume that the estimator (say E) is part of a social network modeled as a graph G=(V, E), where the vertices V denote the users of the system, and E denotes the relationships of the users. A user trusts all her contacts. Social network represents relationships within a community. Several types of social network may be established according to different social relationship, such as kinship, friendship, cooperation, etc. In the reputation system, social network may be built according to aforementioned relationships except trading relationship. The trading relationship is employed to build another network, which is called reputation network.

FIG. 1 shows an exemplary reputation system model in a privacy preserving fashion, consistent with certain disclosed embodiments of the disclosure. As shown in FIG. 1, a social network may be established according to different social relationship of the estimator, i.e. the estimator's social network 110. And, a reputation network is employed, i.e. the estimatee's reputation network 120, in the reputation system model. There are some common items, such as item A and item B, between the estimator and the estimatee. According to the disclosure, every estimator in the reputation system model recognizes evaluations in a privacy preserving fashion. The network reputation system of the disclosure may be implemented in conjunction with one or more social networks and at least a computer-readable medium.

In the disclosure, it also assumes that the existence of an application server (AS) to which users register using a service identifier (SID). Online auction websites such as E-BAY and YAHOO, and online gaming sites may play the role of such an application server. The application server maintains for each dealer, the evaluations that the users submitted for her. Every user in the network owns a secret-public key pair (SK, PK). It also assumes the existence of secure and authenticated channels between a user and her friends, and between a user and an application server. However, it is not necessary to assume that the existence of a global public key infrastructure (PKI).

The disclosed exemplary embodiments of the disclosure enable an estimator to recognize evaluations that were submitted for the estimatee to the application server by her friends, in a privacy preserving fashion as illustrated in FIG. 1. More specifically, when the disclosed exemplary embodiments are employed, at least the following three desired properties may be achieved. (1) Authenticity of the evaluations. The evaluations appearing to the estimator as submitted by one of her connections should indeed be submitted by one of her connections. In other words, it should not be possible to forge the origin of a review. (2) Privacy of the social relationships, such as friendship, from the application server. The application server learns no information about the social relationships of users. (3) Privacy of the mapping between the real identity and the online identity of users. The mapping between the real identity of a user and her online identity is protected from other users. For simplicity, the social relationship in the followings will take friendship as an example for explanation.

In order to satisfy the desired properties, the protocol according to the disclosure applies asymmetric HP to protect privacy due to its efficiency and security. The protocol runs in four phases, i.e. Initialization (Phase 1), Credential Exchange (Phase 2), Reputation Evaluation (Phase 3), and Query and Response (Phase 4). FIG. 2 shows an exemplary communication flow of the four phases, consistent with certain disclosed embodiments of the disclosure. Referring to FIG. 2, during the first two phases, estimator or users generate credentials and exchange matching items with trustworthy persons, such as their friends. The third phase runs when a user wants to submit a review about some other user. The last phase enables an estimator to authenticate evaluations submitted by the trustworthy persons, such as her friends, about some estimatee.

To run the four phases under a network reputation system, an exemplary embodiment of its controlling method may be illustrated as in FIG. 3. FIG. 3 shows an exemplary communication flow of a controlling method for a network reputation system, consistent with certain disclosed embodiments of the disclosure. An exemplary reputation system model may be illustrated as in FIG. 1. In the exemplary communication flow shown in FIG. 3, a user produces master social network information via the user's social network (step 310). The user shares social network information with at least one friend through the conversion of the master social network information (step 320). The user makes an evaluation about an estimatee via the social network information (step 330). The at least one friend requests an application server for the evaluation about an estimatee (step 340). The application server replies to the at least one friend with the evaluation about the estimatee, at least including the evaluation value evaluated by the user (step 350). For example, the application server may reply to the at least one friend with the evaluation information evaluated by the user and some others, or all the evaluation information related to the estimatee.

In step 340, the request for the evaluation about the estimatee may be derived from a formula P of social private matching query, which may utilize the social network information in the reputation system model. In addition, the application server may be requested to reply to the evaluation with signature thereon. In step 350, the replied evaluation of the estimatee from the application sever may be obtained from another formula Q of social private matching response, which may utilize the formula P. Moreover, all of the replied evaluation of the estimatee from the application sever may have signature thereon. The followings describe detailed operations for each phase under a reputation system on networks, consistent with certain disclosed embodiments of the disclosure.

In phase 1 (Initialization), each user produces his/her own parameters (i.e. master social network information). For the example shown in FIG. 4 , user U may produce parameters pid, sid, pk, sk, and mk, where pid, the personal ID of user U, may be the name or nickname by which user U is recognized by her friends. sid, the service ID, may be the ID by which user U registered in the application server. (pk, sk) is a pair of public-private keys. Matching key mk is a random value chosen by the user U. The user U also computes an item to be used as a matching item. The item may be computed in different manners. For example, item=Hash(sid∥mk), or item=Hash(pid|mk), or item=Hash(mk), or item=mk, where ∥ denotes concatenation and Hash(.) is a cryptographic hash function. In practice, these parameters may be generated through a downloadable application.

In phase 2 (Credential Exchange), each user sends a triple to each of her friends via a secure and authenticated channel. For example, user U sends the triple <pid, pk, item> to each of her friends via a secure and authenticated channel. In practice, the credentials may be exchanged via secure email, Bluetooth, SMS, etc. For the exemplary matching item exchange shown in FIG. 5, the triples of user U (say Andy) and her friend (say Fran) have been exchanged with each other via a secure and authenticated channel. In other words, the triple <pid_Andy, pk_Andy, item_Andy> in the master social network information for Andy is exchanged with the triple <pid_Fran, pk_Fran, item_Fran> in the master social network information for Fran in a private fashion.

In phase 3 (Reputation Evaluation), assume a user U_J had a transaction with a user U_S, and wants to submit an evaluation about the user U_S to the application server. User U_J sends the evaluation triple <sid_S, item_J, Evalu_S_J> to the application server, where Evalu_S_J=sid_S∥scr_S_J∥Sig_sk_J(E_Digst), Sig_sk_J denotes signature using signing key sk_J, E_Digst is defined as a hash function of (sid_S∥item_J∥scr_S_J), and scr_S_J is the score from user U_J to user U_S. FIG. 6 shows an exemplary provable evaluation, consistent with certain disclosed embodiments of the disclosure. Wherein, user U_J (say Buyer Fran) has a transaction with user U_S (say Seller Simon), and sends the evaluation Evalu_Simon_Fran about the user U_S (Seller Simon) to the application server through an auction website. Note that item_J is not included in Evalu_S_J for privacy. The estimator may retrieve item_J form its own database if he is a friend of user U_J. Then, the application server stores the evaluation triple <sid_S, item_J, Evalu_S_J> in the database.

Phase 4 (Query and Response) runs when an estimator U_I wants to recognize the evaluations submitted to the application server by her friends about an estimatee U_S. Assume estimator U_I has a set X={x_—1, x_2, . . . , x_ki}, where x_—is an item received by estimator U_I from one of her friends during phase 2, and application server has a set Y={y_—1, y_—2, . . . , y_ks} where y_—is the item of one of the users that submitted an evaluation for user U_S. Note that X is a set of 1-distance items. In other words, the holder of the items is a friend of estimator U_I.

In phase 4, the communication flow between estimator U_I and the application server may include the following steps. (1) User U_I sends a query concatenated with sid_I (service ID) to the application server to request the evaluation submitted to the application server by the friends of User U_I about the estimatee U_S. (2) The application server computes an encryption function H, for example, H may be the concatenation of a plurality of Hash functions, such as H=h_—1∥h_—2∥ . . . ∥h_ks, where h_I=Hash(y_I), 1≦I≦ks. (3) The application server sends the encryption function H concatenated with a plurality of the evaluations back to the estimator U_I.

For example, the produced evaluation sent from the application server may be defined as follows.

H∥Evalu_S_—1∥Evalu_S_—2∥ . . . ∥Evalu_S_ks

By using it, only the person who owns/knows the item y_I can decrypt the value Evalu_S_I and know the score inside Evalu_S_I. (4) Estimator U_I compares Hash(x_J), 1≦J≦ki, with h_L, 1≦L≦ks. If h_M is matched, estimator U_I verifies the associated Evalu_S_M by using the public key pk_M which is obtained in phase 2. As a result, estimator U_I learns the scores given by his/her friend and then makes a further decision. However, if none is matched, it means estimator U_I has no friend who has estimation on estimatee U_S. In this case, estimator U_I may learn the scores in Evalu_S_S although it may not be trustworthy.

In other words, evaluation result about the estimatee may be obtained via a concatenation of a plurality of parameters, at least including a service identity of the estimatee, an authentication from other users, and a score evaluated by other users on the estimatee. In addition, the authentication may be through a channel of using signing key with an encrypted function, such as hash function, of the service identity of the estimatee, each matching item of each of other users and the score evaluated by the other users on the estimatee.

FIG. 7 shows exemplary query and respond in phase 4, consistent with certain disclosed embodiments of the disclosure. Wherein, user U_J (say Andy) wants to recognize the evaluation Evalu_Simon_Fran submitted to the application server by her friend (say Buyer Fran) about the estimatee U_S (say Seller Simon).

According to the disclosure, some schema may be taken to increase the matching rate in the protocol of the disclosed exemplary embodiments. One exemplary scheme is to accept more social relationships. If more social relationships are expanded, then there are more items for matching. For example, people working in the same organization may exchange their items. Then, the matching rate may be increased. Another exemplary scheme is to use the items having greater distance. Since the estimator has more items for matching, the matching rate obviously increases.

FIG. 8 shows an exemplary schematic view of a protocol running in the above-identified four phases for estimatee U_S, consistent with certain disclosed embodiments of the disclosure. At first, each user U may produce her/his own parameters pid, sid, pk, sk and mk, and has an associated item. Then, the credentials for both two users, such as user U_I and user U_J, may be exchanged. For example, triple <pid_I, pk_I, item_I> and triple <pid_J, pk_J, item_J> are exchanged via a secure and authenticated channel, marked as 820. Assume that user U_J had a transaction with a user U_S, and wants to submit an evaluation about the user U_S to the application server. After evaluation computation 830a, user U_J sends the evaluation triple <sid_S, item_J, Evalu_S_J> to the application server, marked as 830b. When user U_I (estimator) wants to recognize the evaluations submitted to the application server about the user U_S (estimatee), user U_I may send a query with service ID to the application server, marked as 840a. The application server may compute an encryption function H (marked as 840) and send the encryption function H concatenated with a plurality of the evaluations back to the estimator U_I, marked as 840b. After the verification (marked as 850a) for the evaluation result sent by the application server, user U_I may make a further decision, marked as 850b.

In practice, estimator U_I may upload the request and download the result via an application connecting to the server. The FNP scheme disclosed in “Efficient Private Matching and Set Intersection” may be chosen over the other private matching protocols because of its flexibility and extensibility. The extension schemes will be discussed in the followings.

The disclosure may be extended to achieving more features. For example, the first feature is the disclosure may provide variants of private matching algorithm to protect some privacy-sensitive transaction, such as set cardinality private matching which let a user know only the number, instead of who, of his/her friends that had reputation on estimatee U_S. In this case, the application server does not send encrypted Evalu_S_I to estimator U_I for protecting the privacy of the items those link identities.

The second feature is the disclosure may provide query by using n-distance items. For example, n=2, i.e., if the estimator is a friend's friend, it is possible to match his/her reputation record without revealing any private information. For example, assume Andy's friend F receives the item FF (i.e. the item B in FIG. 1) and the public key pk_FF from F's friend FF, whom Andy does not know before. F may just send Andy the item FF and the public key pk_FF from FF without telling Andy who FF is. Therefore, Andy may use item FF and key pk_FF to match FF's reputation record without revealing any private relationship between F and FF. This may be done in Phase 2. However, if FF is Andy's friend, then Andy will know F and FF are friends.

In the real world, the strength of relationship may not be estimated by just “YES” or “NO”, that means having relationship or not. Different relationships may give different weights, which denote the strength of trust. For example, kinship often has higher weight than friendship. Of course, users may be able to decide the weights.

The third feature is the disclosure may provide group-based matching. One may choose to generate two or more items and send one or more of these items to their different friends. The items may be for public, group, personal or private usage which is used in different purposes depending on how private they are or how public they are desired to be revealed. For example, for trades for public use and trades for private use, different items may be used. This may prevent private transaction information from disclosing to unclose friends such as co-workers.

The followings give some working examples to illustrate the controlling method for a network reputation system of the disclosure.

The first working example may be described as follows. (1) User B's friend or friend's friend A makes an evaluation about an estimatee S. (2) User B derives a formula P by using the social network information of A. (3) User B requests an application server for the evaluation about estimatee S made by A. (4) Through the social network information of A, user B gets the evaluation about the estimatee S from the application server, and verifies its correctness. FIG. 9 shows an exemplary communication flow of the first working example, consistent with certain disclosed embodiments of the disclosure.

Referring to FIG. 9, the exemplary communication flow may comprise the following steps. (1) building a master social network information for a user A (step 910); (2) producing the social network information of user A through the conversion of the master social network information (step 920); (3) making an evaluation about an estimatee S to compute an evaluation value Evalu_S_A, then sending the evaluation value Evalu_S_A to an application server (step 930); (4) sharing the social network information of user A with a friend B (step 940); (5) the friend B deriving a formula P by using the social network information of user A, and requesting the application server for the evaluation about the estimatee S by using the formula P (step 950); (6) the application server replying to the friend B with another derived formula Q according to the formula P, the evaluation value Evalu_S_A and other evaluation values Evalu_S_I, where user I is different from user A (step 960); and (7) the friend B learning the evaluation value Evalu_S_A through the formula Q (step 970).

In the communication protocol of the first working example, such as private matching scheme may be used to achieve the privacy preserving for both user identity and social network information. It may also use a way of signature to achieve the authentication. In other words, private matching and signature are bounded together in the communication protocol.

The first working example gives some features, such as (1) friend B may learn the evaluation value submitted to the application server by only the user A about the estimatee S, but may not learn the evaluation value about the estimatee S from others, this will protect other strangers' privacy; (2) the application server learns nothing about the social network of user A or friend B, therefore, the application server learns nothing about the relationship between user A and friend B; (3) friend B may verify the correctness of the evaluation value Evalu_S_A via the formula Q and the social network information, and guarantee the contents of the evaluation value not being changed; and (4) no one may forge any data successfully.

The second working example may be described as follows. (1) User B's friend or friend's friend A makes an evaluation about an estimatee S. (2) User B requests an application server for the evaluation of the estimatee S made by A. (3) The application server replies with all evaluations about the estimatee S. (4) User B gets the evaluation about the estimatee S from the application server by using A's social network information, and verifies its correctness. FIG. 10 shows an exemplary communication flow of the second working example, consistent with certain disclosed embodiments of the disclosure.

Referring to FIG. 10, the exemplary communication flow may comprise the steps 910-940 and the following steps 1050-1070. Step 1050 is that the friend B requests the application server for the evaluation about the estimatee. Step 1060 is that the application server replies to the friend B with the evaluation value Evalu_S_A and other evaluation values Evalu_S_I, where user I is different from user A. Step 1070 is that the friend B learns the evaluation value Evalu_S_A through user A's social network information, the evaluation value Evalu_S_A and other evaluation values Evalu_S_I.

In the communication protocol of the second working example, such as sharing bridge identity may be used to achieve the privacy preserving for user identity. It may also use a way of signature to achieve the authentication. The application server may sends (Bridge ID, Signature)/Bridge ID contained in the entire or partial evaluation values to friend B to protect the privacy of social information. In practice, some designs may be employed as follows, during the initialization, the evaluation submission and the evaluation retrieval. (1) During the initialization, a user may use a pseudonym to register at the review site. When exchange credentials with friends, the user may use real name, and the public keys are exchanged with and only given to friends. However, a Bridge ID for the user may be given to both the review site and friends. (2) During the evaluation submission, a user may submit a signed evaluation to the review site after a transaction with a seller. The review site may store the signed evaluation. (3) During the evaluation retrieval, a user may retrieve all evaluations about the seller when considering a transaction with the seller, and distinguish reviews by friends. The privacy of friendship relationships may be preserved through the Bridge ID.

The second working example gives some features, such as (1) friend B may learn all the evaluation values submitted to the application server about the estimatee S, and the contents of the evaluation values may also be encrypted by their own private keys inside their own social network information; (2) the application server learns nothing about the social network of user A or friend B, and this will protect the user A's privacy and friend B's privacy; and (3) friend B may verify the correctness of the evaluation value Evalu_S_A via the social network information, and guarantee the contents of the evaluation value not being changed.

Compared with the second working example, the major feature of the third working example is that before the step 1050, friend B builds or adds a personal social group SG_B via A's social network information, and allows the application server learn the social group SG_B. FIG. 11 shows an exemplary communication flow of the third working example, consistent with certain disclosed embodiments of the disclosure.

Referring to FIG. 11, the exemplary communication flow may comprise the steps 910-940, step 1150, step 1050, and step 1160. In step 1150, friend B builds or adds a personal social group SG_B via A's social network information, and allows the application server to learn the social group SG_B. Step 1160 is that the application server computes the evaluation about S through the social group SG_B, the evaluation value Evalu_S_A and other evaluation values Evalu_S_I, then replies to friend B with the evaluation result. In the third working example, the application server computes the evaluation about S made by the social group SG_B. Therefore, the privacy of the personal ID of users may be protected, which makes a user learn whether his/her friends had reputation only if the friends make him/her the same group.

Continuing now with an exemplary network reputation system by implementing the network reputation system in conjunction with one or more estimator's social networks and one estimatee's reputation network like any of those discussed above, the network reputation system may comprise a credential exchange component 1201, a reputation evaluation component 1203 and a query and response component 1205, as shown in FIG. 12. Credential exchange component 1201 permits a user to generate credential exchange matching items with those persons having a social relationship with the user. The credential exchange matching items may be generated via a secure and authenticated channel. Reputation evaluation component 1203 enables other users having a transaction with an estimatee to make evaluations about the estimatee via the sharing of social network information. Query and response component 1205 is capable of receiving a query from one person of having a social relationship with the user for requesting an evaluation about the estimatee, and responding with an associated evaluation result to the person having a social relationship with the user via the sharing of social network information and the evaluations made by the other users about the estimatee.

The query may be further sent to an application server via query and response component 1205, and the associated evaluation result may be also generated by the application server then sent to the person via query and response component 1205.

The exemplary communication protocol depicted in the first working example of FIG. 9, i.e. private matching and signature are bounded together to achieve privacy preserving and data authentication, may be employed in the network reputation system. Another exemplary communication protocol depicted in the second working example of FIG. 10, i.e. sharing bridge identity and a way of signature to respectively achieve privacy preserving and data authentication, may also be employed in the network reputation system. In addition, the exemplary communication protocol depicted in the third working example of FIG. 11, i.e. server matching to achieve data authentication, may be employed in the network reputation system.

The network reputation system may be embodied in a reputation system model such as depicted in FIG. 1 and in conjunction with one or more computer-readable medium. The disclosed exemplary embodiments of the disclosure may be applicable to many different scenarios like Internet auctions, online games, social networks, etc. And, the exemplary embodiments of the disclosure may be partially or wholly implemented on one or more computer-readable medium having computer-executable instructions for running the four phases of Initialization, Credential Exchange, Reputation Evaluation, and Query and Response.

For estimating the performance of the disclosure, a simulation is performed by using maplesoft in the 2Gmhz-CPU with 1G-RAN PC environment. FIG. 13 illustrates an exemplary simulation result on probability of matching for different average number of friends for a single estimator (f), average number of reputing users for a single estimatee (t), and number of users in the system (N), consistent with certain disclosed embodiments of the disclosure. The result shows that the disclosed network reputation system of the disclosure may practically work if t and f are reasonably large. It also shows that the query for 2-distance items may highly increase the probability of matching since the number of friends becomes almost f×f.

In summary, the exemplary disclosed embodiments of the disclosure provide a trustable network reputation system and its controlling method thereof, which may enable users to recognize evaluations submitted by those persons having social relationships with the users. The disclosure may preserve the privacy of the social relationships from the website and the privacy of the mapping between the real identity of a user and her online identity from other users including her friends.

Although the disclosure has been described with reference to the exemplary disclosed embodiments, it will be understood that the invention is not limited to the details described thereof. Various substitutions and modifications have been suggested in the foregoing description, and others will occur to those of ordinary skill in the art. Therefore, all such substitutions and modifications are intended to be embraced within the scope of the invention as defined in the appended claims.

Claims

1. A network reputation system, comprising:

an application server producing master social network information of a user via a social network, the master social network information including a personal identity of said user, a service identity that said user registers with said application server, and a matching key of said user;

a credential generation and exchange unit for generating, sharing and exchanging social network information of said user with other users having a social relationship with said user over said social network, the exchanged social network information being generated through conversion of said master social network information and including a matching item computed from a cryptographic hash function of said matching key by a computer of said user;

a reputation evaluation unit for sending an evaluation submitted by said user about an estimatee to said application server, said evaluation including an evaluation value evaluated by said user about said estimatee, a service identifier of said estimatee and said matching item of said user; and

a query and response unit for sending a request by one of said other users having said social relationship with said user to said application server for the evaluation about said estimatee, the request utilizing a private matching scheme derived from said matching item of said user,

wherein said application server generates an evaluation result derived from said request, said matching item of said user, said evaluation value evaluated by said user, said private matching scheme, and the evaluation submitted by said user about said estimatee, replies to said one of said other users with said evaluation result about said estimatee through said query and response unit, and said one of said other users obtains said evaluation value evaluated by said user from said evaluation result by using said matching item of said user.

2. The network reputation system as claimed in claim 1, wherein said master social network information further includes a public key of said user, and a private key of said user.

3. The network reputation system as claimed in claim 2, wherein the evaluation value of said user inside said evaluation result is verified by the public key of said user.

4. The network reputation system as claimed in claim 1, wherein said matching key is a random value chosen by said user.

5. The network reputation system as claimed in claim 1, wherein said evaluation result about said estimatee is further derived from evaluation values evaluated by one or more said other users.

6. The network reputation system as claimed in claim 5, wherein each of said user and the one or more said other users has respective social network information in said master social network information and a private key inside the respective social network information, and the evaluation values evaluated by said user and the one or more said other users are encrypted by their respective private keys inside their respective social network information.

7. The network reputation system as claimed in claim 6, wherein said evaluation result about said estimatee is a concatenation of a plurality of parameters including the service identity of said estimatee, authentication of said user and the one or more said other users, and scores evaluated on said estimatee by said user and the one or more said other users.

8. The network reputation system as claimed in claim 1, wherein the network reputation system is associated with more than one social network.

9. The network reputation system as claimed in claim 1, wherein the private matching scheme is selected from HP, AgES or FNP scheme.

10. The network reputation system as claimed in claim 1, wherein a communication protocol with private matching and signature bounded together to achieve user identity's privacy preserving and data authentication is used in said network reputation system.

11. The network reputation system as claimed in claim 1, wherein a communication protocol with a sharing bridge identity and a way of signature to respectively achieve user identity's privacy preserving and data authentication is used in said network reputation system.

12. The network reputation system as claimed in claim 1, wherein a communication protocol with server matching to achieve data authentication is used in said network reputation system.

13. The network reputation system as claimed in claim 1, wherein said social network information is chosen from a group of personal identities of said user, a public key of said user and said matching item of said user.

14. The network reputation system as claimed in claim 1, wherein the private matching scheme is a set cardinality private matching.