Trust and privacy

In this chapter we demonstrate how to increase the value of shared information by providing context on its quality via trust metrics. In order to evaluate the achieved level of trust, a trust evaluation system is described. This system assesses the quality of information based on past behaviour, direct experience, recommendation, referral, and roles. This management process filters and prioritises information provided by Semantic Room (SR) members while dynamically adjusting the trust level of members. Sharing of sensitive information in a commons requires that precautions be taken to safeguard the interest of members and to uphold codes of privacy. In the case of financial institutions, the requisites for security and privacy place demands on the CoMiFin platform that are satisfied using advanced modelling techniques, rigorous data analysis, and information management. To this end, in this chapter we present a distributed SR architecture which is capable of correlating events coming from SR members while preserving the privacy of sensitive data items. The SR consists of SR Gateways deployed at each financial institution and a set of private clouds forming the SR collaborative processing system (CSP). SR Gateways perform data pre-processing and anonymize data items, as prescribed by the SR contract, using the Shamir secret sharing scheme. Anonymous data are sent to the CPS, which aggregates information through MapReduce-based computations. The anonymous data resulting from the collaborative computation are revealed to the SR members only if suspicious activities are detected. We show how this SR can be leveraged for detecting Man-in-the-Browser attacks.