Download - Academy Publisher
Download - Academy Publisher
Download - Academy Publisher
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
ISBN 978-952-5726-09-1 (Print)<br />
Proceedings of the Second International Symposium on Networking and Network Security (ISNNS ’10)<br />
Jinggangshan, P. R. China, 2-4, April. 2010, pp. 271-274<br />
Cloud Trust Model in E-Commerce<br />
Min Wu<br />
Jiaxing College, Jia Xing, China<br />
Email: swjtu_wm@163.com<br />
Abstract—Trust is one of the most important concerns in the<br />
E-commerce’development. In view of the significance of<br />
trust management in E-commerce, a model of trust in<br />
Electronic commerce based on the cloud computing is<br />
prospered in the paper. The Cloud Trust Model (CTM)<br />
offers cloud trust services to solve the issues of trust<br />
management in E-commerce,such as the computing of .<br />
social network analysis (SNA).<br />
Index Terms—Electronic Commerce , Trust Model , Cloud<br />
Computing , SNA<br />
I. INTRODUCTION<br />
During the Internet age, online environment is now<br />
part of everyday life. As a result, Web applications have<br />
become a major tool for connecting consumers, partners,<br />
and employees to company applications using the<br />
Internet as an open and global network.E-commerce is a<br />
popular and growing Web application which enables<br />
customers to achieve a variety of purposes and services.<br />
Electronic commerce lets companies integrate internal<br />
and external business processes through information and<br />
communication technologies. Companies conduct these<br />
business processes over intranets, extranets, and the<br />
Internet. E-commerce lets businesses reduce costs, attain<br />
greater market reach, and develop closer partner<br />
relationships. Numerous e-commerce companies have<br />
created very profitable businesses since pioneering<br />
e-commerce traders (such as Amazon.com) emerged.<br />
However, using the Internet as the underlying backbone<br />
network has led to new risks and concerns. Often,<br />
industry analysts cite trust and security as the main<br />
hurdles in growing e-commerce.[1][2]<br />
In the abstract sense, trust is the extent to which one<br />
party measures the other party’s willingness and ability to<br />
act in the measuring party’s interest.[3] The notion of<br />
trust varies in different contexts. Broadly speaking, there<br />
are two classes of trust computing: security-oriented trust<br />
computing and non-security-oriented trust computing. [4]<br />
In consequence, security can be regarded as one of the<br />
trust issues.<br />
In security-oriented trust computing, trust provides a<br />
mechanism for enhancing security, covering issues of<br />
authentication, authorization, access control, and privacy.<br />
[4]Trust is the degree by which a target object (such as<br />
software, a device, a server, or any data they deliver) is<br />
considered secure.<br />
Reputation-based trust evaluation correlates to<br />
non-security-oriented trust computing. In general, a<br />
service gains a good reputation after it has accumulated<br />
good quality services over a long time period. The<br />
evaluation is usually based on customer ratings. However,<br />
to compute the final reputation value correctly, studies on<br />
relationships among raters and ratees are necessary, and<br />
might help reduce the rating noise (which we discuss<br />
further later on) and obtain more objective trust<br />
results.[5]<br />
We can view security-oriented trust and<br />
non-security-oriented trust as the trust in EC respectively<br />
from a technological perspective and a systemic<br />
perspective. In this paper, we will discuss mainly the<br />
latter.<br />
II. CATEGORY OF TRUST EVALUATION<br />
Three are three types of trust management in EC<br />
according to trust management architecture.<br />
A. Centralized Trust Management<br />
Centralized trust management system puts up a<br />
centralized management server, in which service clients<br />
or buyers report ratings to a trust authority after<br />
transactions. The server manages service providers’ and<br />
clients’ portfolio data as well as service providers’ trust<br />
data. Some well-known e-commerce websites have taken<br />
Centralized trust management system to build up trust,<br />
such as eBay and Taobao set forth internal credit rating<br />
mechanisms.<br />
For purposes of E-Commerce, we can define a<br />
trusted third party as a widely accepted, reliable,<br />
independent, and highly secure entity that generates trust<br />
through attestation or certification.[2]Compared with the<br />
legal mechanism, credit mechanism is a kind of<br />
lower-cost mechanism, which can also apply to<br />
E-Commerce environment. [6] To guarantee security and<br />
reliability of e-commerce, dozens of third-party online<br />
authorities has been fostered out of the legal framework,<br />
among which the online authentication institution<br />
through guarantee or implementation supervision by a<br />
third party to prevent deceptive acts is the most effective.<br />
One of the most typical third-party payment method is<br />
‘Zhi-Fu-Bao’, which has applied by many web sites. At<br />
Taobao, after each transaction, a buyer can give feedback<br />
to the system about the seller’s service quality that can<br />
be positive, neutral, or negative. Taobao stores this rating<br />
at a centralized management location. It calculates the<br />
feedback score via S = P – N, where P is the number of<br />
positive ratings left by members (customers) and N is the<br />
number of negative ratings. Taobao displays the S value<br />
on the seller’s Web page. Another value R = (P – N)/(P<br />
+ N) (1 ≥ R ≥ 0) is the positive feedback rate.<br />
B. Decentralized Trust Management<br />
A decentralized (such as P2P) architecture trust<br />
management, which also has its benefits.[7]The typic<br />
example of the decentraliazed trust management of<br />
© 2010 ACADEMY PUBLISHER<br />
AP-PROC-CS-10CN006<br />
271