Jean-Marc Seigneur

Using trust for secure collaboration in uncertain environments

The SECURE project investigates the design of security mechanisms for pervasive computing based on trust. It addresses how entities in unfamiliar pervasive computing environments can overcome initial suspicion to provide secure collaboration.

Trust propagation in small worlds

The possibility of a massive, networked infrastructure of diverse entities partaking in collaborative applications with each other increases more and more with the proliferation of mobile devices and the development of ad hoc networking technologies. In this context, traditional security measures do not scale well. We aim to develop trust-based security mechanisms using small world concepts to optimise formation and propagation of trust amongst entities in these vast networks. In this regard, we surmise that in a very large mobile ad hoc network, trust, risk, and recommendations can be propagated through relatively short paths connecting entities. Our work describes the design of trust-formation and risk-assessment systems, as well as that of an entity recognition scheme, within the context of the small world network topology.

Trading privacy for trust

Both privacy and trust relate to knowledge about an entity. However, there is an inherent conflict between trust and privacy: the more knowledge a first entity knows about a second entity, the more accurate should be the trustworthiness assessment; the more knowledge is known about this second entity, the less privacy is left to this entity. This conflict needs to be addressed because both trust and privacy are essential elements for a smart working world. The solution should allow the benefit of adjunct trust when entities interact without too much privacy loss. We propose to achieve the right trade-off between trust and privacy by ensuring minimal trade of privacy for the required trust. We demonstrate how transactions made under different pseudonyms can be linked and careful disclosure of such links fulfils this right trade-off.

Extracting trust from domain analysis: a case study on the wikipedia project

The problem of identifying trustworthy information on the World Wide Web is becoming increasingly acute as new tools such as wikis and blogs simplify and democratize publications. Wikipedia is the most extraordinary example of this phenomenon and, although a few mechanisms have been put in place to improve contributions quality, trust in Wikipedia content quality has been seriously questioned. We thought that a deeper understanding of what in general defines high-standard and expertise in domains related to Wikipedia – i.e. content quality in a collaborative environment – mapped onto Wikipedia elements would lead to a complete set of mechanisms to sustain trust in Wikipedia context. Our evaluation, conducted on about 8,000 articles representing 65% of the overall Wikipedia editing activity, shows that the new trust evidence that we extracted from Wikipedia allows us to transparently and automatically compute trust values to isolate articles of great or low quality.

End-to-End Trust Starts with Recognition

Pervasive computing requires some level of trust to be established between entities. In this paper we argue for an entity recognition based approach to building this trust which differs from starting from more traditional authentication methods. We also argue for the concept of a ”pluggable” recognition module which allows different recognition schemes to be used in different circumstances. Finally, we propose that the trust in the underlying infrastructure has to be taken into account when considering end-to-end trust.

Trust enhanced ubiquitous payment without too much privacy loss

Computational models of trust have been proposed for use in ubicomp environments for deciding whether to allow customers to pay with an e-purse or not. In order to build trust in a customer, a means to link transactions using the same e-purse is required. Roughly, trust is a result of knowledge. As the number of transactions increases, the resulting increase in knowledge about the user of the e-purse threatens privacy due to global profiling. We present a scheme (and its prototype) that mitigates this loss of privacy without forbidding the use of trust for smoothing payment by giving the opportunity to the user to divide trust (i.e. transactions) according to context (e.g. location, users current activity or subset of shops).

Privacy recovery with disposable email addresses

Disposable e-mail address (DEA) services are a privacy recovery mechanism for the growing spam problem. However, this problem is clearly more complex than simply closing DEA; as the rolling e-mail address protocols (REAP) system demonstrates, recovery approaches must accommodate different normal states.

Virtual currency and reputation-based cooperation incentives in user-centric networks

Cooperation incentives are essential in user-centric networks to motivate users to share services and resources (including bandwidth, computational power, and storage space) and to avoid selfish nodes to hinder the functioning of the entire system. Virtual currency and reputation mechanisms are commonly adopted in online communities to boost participation, but their joint application has not been deeply explored, especially in the context of wireless communities, where not only the services, but even the enabling infrastructure is opportunistically built by community members. This paper investigates the combined use of virtual currency and reputation-based incentives in the specific context of a community of users with Wi-Fi enabled devices capable of establishing ad-hoc connections.

Trust transfer: encouraging self-recommendations without sybil attack

Trading privacy for trust thanks to the linkage of pseudonyms has been proposed to mitigate the inherent conflict between trust and privacy. This necessitates fusionym, that is, the calculation of a unique trust value supposed to reflect the overall trustworthiness brought by the set of linked pseudonyms. In fact, some pieces of evidence may overlap and be overcounted, leading to an incorrect trust value. In this approach, self-recommendations are possible during the privacy/trust trade. However, this means that Sybil attacks, where thousands of virtual identities belonging to the same real-world entity recommend each other, are potentially easier to carry out, as self-recommendations are an integral part of the attack. In this paper, trust transfer is used to achieve safe fusionym and protect against Sybil attacks when pieces of evidence are limited to direct observations and recommendations based on the count of event outcomes. Trust transfer implies that recommendations move some of the trustworthiness of the recommending entity to the trustworthiness of the trustee. It is demonstrated and tailored to email anti-spam settings.

Demonstration of security through collaboration in the digital business ecosystem

Trustworthy decentralised identity mechanisms are promising to foster the digital business ecosystem (DBE), an EU-funded FP6 1ST Integrated Project. Progress has been made and driver small and medium enterprises (SMEs) users, which rely on the DBE technical commons, lobby for more security. However, such decentralised security mechanisms still remain on the research agenda. This demonstration presents the current state of security in the DBE.