Fuzzy Quantifiable Trust in Secure E-Commerce
Traditional models of trust between vendors and buyers fall short of requirements for an electronic marketplace, where anonymous transactions cross territorial and legal boundaries as well as traditional value chain structures. Fuzzy quantifications of trust may offer better evaluations of transaction risk in this environment.
How do we set measurement criteria to make these distinctions? One way is to quantify trust. This fundamental concept in managing commercial risk refers broadly to the assurance that someone or something will act in exactly the way you expect. Research on this problem in e-commerce has focused on authentication, that is, associating a public key with its owner. However, all these models were based on transitive trust along a transaction path of entities that trust the key to different extents. E-commerce, on the other hand, requires mutual trust among a vendor, a customer, and all transaction intermediaries. This article introduces a notion of fuzzy quantifiable trust and then develops models that can use these metrics to verify e-commerce transactions in ways that might be able to satisfy the requirements of mutual trust. The article attempts to define fuzzy quantifiable trust for an e-commerce infrastructure.
Keywords: Smart Card, Versus, Trust Relationship, Trust Index, Trust Authority