Robustness Verification of Trust Systems

Trust and reputation are known social concepts which have an important role in human society. Nowadays, these concepts are also employed in computer science as computational trust and reputation systems (TRSs) that are able to compute the trustworthiness rank of entities based on a collection of experiments and recommendations. Since it is expected that a dishonest entity has a lower trust, the trust values can help the entities to detect and isolate the malicious or selfish entities. TRSs have been applied in many modern computer systems, and also are the most important tool in soft security as the next generation of security mechanisms. Despite the importance and applications of these systems, they are vulnerable to some kind of attack in which the attacker deceives the system using a sequence of misleading behavior. These attacks enable the attacker to manipulate the computation of trust values in his favor. A vulnerable system not only can’t help detecting the malicious entities, but also may be used by them to empower their attack. Hence, robustness evaluation is a critical step before using TRSs. Simulation and formal verification are two main approaches for robustness evaluation of TRSs. Despite the wide usage of simulation in evaluation of TRSs, it is an approximation method that can be used to validate the behavior of the system just for some particular computation paths. In contrast, formal verification based methods provide guarantees for the validation of the whole computation paths of the given system, thus not only their results are exact and provable but also may be used to find whole possible attacks against a given system. Considering the advantages of verification based methods, there is a narrow but progressing trend for proposing such methods in recent years. In this paper, both formal and simulation based methods for robustness evaluation of TRSs are reviewed and compared with each other.