Receipt management- transaction history based trust establishment
In a history-based trust-management system, users and service providers use information about past transactions to make trust-based decisions concerningcurrent transactions. One category of such systems is represented by the reputation systems. However, despite the growing body of experience in building reputation systems, there are several limitations on how they are typically implemented. They often rely on scores that are evaluated by service providers and are often not reliable or well understood. We believe that reputation hasto be based on objective and reliable information. In such context, transaction histories play an important role. In this paper, we present the VeryIDX systemthat implements an electronic receipt infrastructure and supports protocols to build and manage online transaction history of users. The receipt protocols are shown to have several essential security and privacy properties. We present a basic yet reasonably expressive language which provides service providers with a new way to establish trust based on users' transaction history. We alsodescribe the architecture and prototype implementation of VeryIDX, based on several important design considerations of a real-world e-commerce system infrastructure.
authentication, identity, privacy, security, design
Date of this Version
Proceeding: DIM '07 Proceedings of the 2007 ACM workshop on Digital identity management