Since its inception in the early 1990s, e-commerce in consumer-to-consumer (C2C) markets has
achieved great success, with significant projected growth. For example, the Internet auction provider,
eBay, has established itself as the largest global player in this market, with $34.2 billion worth of
merchandise being auctioned in 2004 and 135 million registered users in 32 markets worldwide. The
C2C domain, analogous to its conventional physical marketplace equivalent, is built on trust. Buyers
send payments to complete strangers from whom they have purchased goods and trust that the goods
will be sent in return. Sellers trust buyers to make good on their payments. All users risk loss, both
financial and of their time. Users establish reputations about their trustworthiness through an
integrated feedback collection and distribution system, i.e., a reputation management system. Thus,
an online marketplace approximates its traditional predecessors as a system in which the human
concepts of trust, risk, and reputation are critical to performance.
The apparent benefits of interacting in such a strongly-networked global market are accompanied by
innovative adaptations of traditional hazards. The Internet, while connecting disparate user groups to
increase transaction potential and shared knowledge about the marketplace, also permits user
anonymity and transactional intangibility, which can lead to fraud, theft, and collusion. Reputation
management systems attempt to limit incorrect behaviour and to assist decision making by providing
records of feedback about interactions, called recommendations, for each community participant.
These systems are not without their own limitations. First, commercial reputation management
systems typically promote usability over accurate evidentiary analysis, meaning that data which could
be extremely useful to decision-making is disregarded by the evidence collection mechanism so that
ease-of-use is maintained for community members when they are voluntarily providing feedback.
This first issue leads directly to the second, which is inaccurate evidentiary analysis with regard to
regard, trustworthiness is usually linked solely to the overall number of positive recommendations
about a user, regardless of the interaction context being considered. Third, the dynamics of user
interactions are not addressed, and interaction dynamics in such an evidence-rich environment are
difficult, if not impossible, for an average user to manually detect. Without the ability to analyse
interaction dynamics, the fourth and fifth issues arise, namely that the analysis of whether or not a
user provides useful and accurate recommendations about another user or whether or not a group of
users are colluding with malicious intent are both difficult to observe. Sixth, risk is not explicitly
calculated by the reputation system, and may not be assessed by the user at all. Seventh, and finally, a
reputation is often no more than an overall summary of a collection of thousands of individual
recommendations rather than an explicit portrayal of the trust and risk involved in a context-specific
interaction. This thesis describes a trust-based reputation management system (RMS) that addresses each of the
above issues. The system resolves the ease-of-use versus accuracy problem by maintaining usability
but with enhanced collection and analysis of evidence with regard to domain-specific behaviour.
Furthermore, the system provides increased accuracy of evidentiary analysis with regard to context by
assessing evidence in terms of role, timeliness, and environment. Interaction dynamics are also
considered in the system’s decision-making process, thus providing for the ability to limit exposure to
risk from unreliable recommendations as well as the ability to assess the likelihood of colluding
behaviour. The risk of an interaction resulting in malicious behaviour is explicitly analysed and stated
to the user. Finally, the reputation summary is replaced by the explicit assessment of the trust and risk
involved in interacting with another user, providing a security decision as advice to a user on whether
or not to engage in an interaction.
The RMS builds on the work of the SECURE (Secure Environments for Collaboration among
Ubiquitous Roaming Entities) project. Grounded on a formal model, the SECURE trust-based
decision-making framework applies trust and risk to evidence in a manner comparable to the human
decision-making process. We use the SECURE model as a basis with which to design our own
application-specific mechanisms for reputation management in Internet auctions, and these
mechanisms provide for the observation of domain-specific behaviour such as fraud and theft,
assessment of contextual relevance, and analysis of risk in financial terms that is made explicit to the
end user. Additionally, in the reputation management for Internet auctions application domain,
SECURE is deficient in analysing the dynamic aspects of marketplace networks, and therefore we
design additional techniques for interaction management. These techniques underlie an extension to
the SECURE framework that includes methods for the weighting of recommendations based on the
application of recommendation weighting policy to trustworthy recommendation paths within the
graph of marketplace participants; and the identification of colluding behaviour between users within
the marketplace community, by assessing interaction dynamics between users over time.
Our evaluation of the RMS shows that it reduces complexity, increases accuracy, and maintains
usability of reputation management for Internet auction users. It validates that the RMS, in its
observation and identification of normal and abnormal domain-specific behaviour, reduces complexity
by providing accurate decision-making advice to users. Furthermore, the evaluation confirms that the
analysis of context in terms of role, time, and environmental factors can further reduce complexity in
the decision-making process while maintaining usability. Additionally, the evaluation demonstrates
that recommendation weighting can protect a user against the potential unreliability of recommended
evidence. Finally, the evaluation establishes that a reputation management system based on a
computational trust-based decision-making model can counter the issues in existing commercial
reputation management systems and provide increased benefit to users interacting in the Internet
Please note: There is a known bug in some browsers that causes an
error when a user tries to view large pdf file within the browser window.
If you receive the message "The file is damaged and could not be
repaired", please try one of the solutions linked below based on the
browser you are using.
Items in TARA are protected by copyright, with all rights reserved, unless otherwise indicated.