Receipt Management- Transaction History based Trust Establishment
Author
Abhilasha Bhargav-Spantzel, Jungha Woo, Elisa Bertino
Tech report number
CERIAS TR 2007-32
Abstract
In a history-based trust-management system, users and service providers use
information about past transactions to make trust-based decisions concerning
current transactions. One category of such systems is represented by the
reputation systems. However, despite the growing body of experience in building
reputation systems, there are several limitations on how they are typically
implemented. They often rely on scores that are evaluated by service providers
and are often not reliable or well understood. We believe that reputation has
to be based on objective and reliable information. In such context, transaction
histories play an important role. In this paper, we present the VeryIDX system
that implements an electronic receipt infrastructure and supports protocols to
build and manage online transaction history of users. The receipt protocols are
shown to have several essential security and privacy properties. We present a
basic yet reasonably expressive language which provides service providers with
a new way to establish trust based on users' transaction history. We also
describe the architecture and prototype implementation of VeryIDX, based on
several important design considerations of a real-world e-commerce system
infrastructure.
Booktitle
In the Proceedings of the ACM CCS DIM '07
Institution
Purdue University
Key alpha
Identity Management, History Based Access Control, Trust, Security, Privacy
School
Computer Science Department
Publication Date
2007-01-01
Subject
Identity Management, Security, Privacy, History based Access COntrol