The history of computing and computer network architecture can be viewed as a spectrum falling between a more centralized approach in a Client-Server environment and the decentralized approach of a Peer-to-Peer environment. Each architecture has been used to build electronic communities and create various forms of computer services.
A simple example of a Client-Server environment is a website. A website is a service provided by a web server. Third party computing devices access the website by connecting to the web server through a network connection (via the Internet, through a Local Area Network or the like). One problem associated with Client-Server environments is that the server and the bandwidth required to service the number of request must also be able to scale with the growth of the number of third party devices seeking to access the server.
Alternatively, Peer-to-Peer environments are networks in which each computing device connected to the network can have equivalent capabilities and responsibilities. Peer-to-Peer environments are generally simpler to create and maintain than Client-Server environments and, at present, do not offer the same performance under heavy loads. Examples of Peer-to-Peer networks are file sharing networks such as Napster, E-donkey or Kazaa. Each of these examples allow for direct connections between individual computing devices in the network to exchange files. The problems associated with Peer-to-Peer networks involve, among others a lack of security, control and authenticity of the requested files. There are no limits on access to these networks and therefore users have no way to ascertain the quality or source of the received file. This lack of security hampers the utility of Peer-to-Peer environments because users are unwilling to allow strangers access to their systems.
Mixed Client-Server and Peer-to-Peer system can be developed. For example, U.S. Pat. No. 6,366,907 to Fanning et al. discloses a centralized database to locate resources within a peer-to-peer network. However, Fanning et al. do not address the problems of security or control.
There is therefore a need for an environment that provides for a network that provides a solution to the problems of scalability of Client-Server environments as well as a solution to the security or control problems associated with Peer-to-Peer environments. The present invention addresses such a need as it uses a Client-Server environment to identify, authenticate and control access to a Peer-to-Peer network. In addition, this invention applies the ideas of pre-existing social relationships characterized by trust to the access control of the Peer-to-Peer network to create a flexible and secure network.
The importance of social relationships and social networks were publicly recognized by Milgram in “The Small World Problem”, Psychology Today, May 1967. pp 60-67. His theory, known as the “Six degrees of separation” or “The Small World Problem”, suggests that anyone on the planet can be connected to any other person on the planet through a chain of acquaintances that has no more than five intermediaries. Based on this idea, in U.S. Pat. No. 6,175,831, Weinreich, et al. describe a process to build a database of linkages, and, in U.S. Pat. No. 6,360,222, Quinn describes a process to modify directory structures. However, neither Weinreich nor Quinn address the creation of a flexible network based on the concept of social relationships in a Peer-to-Peer computing environment and do not address the issue of identification and authentication when accessing network services.
U.S. Pat. No. 5,941,947 to Brown et al. describes a system and method for controlling access to data entities in a computer network using the concept of control access rights list (ACL) to assign network privileges to users and groups of users. The disadvantage of this design is that it does not allow users to communicate with one another in a Peer-to-Peer environment.
U.S. patent application Ser. No. 10/165,330 assigned to Yeager et al. and U.S. patent application Ser. No. 10/285,133 assigned to Yeager and Chen, describe the creation and distribution of a trust mechanism within a Peer-to-Peer network. In their implementation, trust is a value that is quantitatively calculated through the interaction of peers or determined a priori as a numerical value by the user. The total trust and risk of an object on their network can then be established as a path summation of the nodes that offers the object. The disadvantage of this design is that it requires a series of interactions between users on the network before a level of trust can truly be established. There is no provision for ratings based on pre-existing relationships of trust. In addition, the work of Yeager et al., does not provide a mechanism to identify and authenticate a user and relied on their defined “Trust mechanism”.
The key element in the establishment of a social network is the implicit understanding of the concept of “trust” between known users of a social network. Trust is defined in Merriam-Webster's Dictionary as “assured reliance on the character, ability, strength, or truth of someone or something”. The nature of trust has proved to be elusive and has been discussed extensively in the context of philosophy. The practical implications of trust can be explained using game theory, human physiology and psychology. The concept of trust also forms the basis of corporate strategy, and economics and sociology.
In the Republic (Plato, 390 BC), Plato suggests that trust exists because of the rules governing social transactions and the fear of punishment for disobedience. In this world view, self interest is the major component of trust (see for example, Niccolo Machiavelli (1513), The Prince and Thomas Hobbes (1651), Leviathan, or the Matter, Forme, and Power of a Commonwealth, Ecclesiasticall and Civil). In contrast, other worldviews introduce the properties of innate goodness of man, sympathy (for example, David Hume (1739), A Treatise of Human Nature) or shared morality (Immanuel Kant (1790), The Science of Right) as the basis for trust.
Strategic interactions among humans can be described using mathematics. This was first demonstrated by Von Neumann in Theory of Games and Economic Behavior (1944) in the field of game theory. In game theory, it can be shown that there are optimum strategies for dealing with given situations or confrontations and the strategy depends on the goals of rational participants. For example, there are different strategies depending on whether one's objective is to maximize the probability of achieving a goal, maximizing one's gains, minimizing one's losses or risk, or ensuring that one's opponent suffers the greatest damage. A classical example of game theory is known as the “Prisoners' Dilemma” (A. W. Tucker (1950), memo republished in On Jargon: The Prisoner's Dilemma, UMAP Journal 1, 101, 1980) which established the value of trust among participants. In this hypothetical situation, the best possible outcome for the group as a whole occurs if each user trusts each other. In contrast, the worst possible results for the group occur when each user acts in their own interest.
Social organizations both formal and informal are a trait shared by all human beings. Interaction between relatives, family and kin can be explained based on a biological imperative. By including the element of trust to the psychological development of man, explanation of human interactions can be extended to friends and other members of social groups, businesses, communities, cultures and even nations. Elements involved in trust in a sociological context includes an expectation of future cooperation and a sense of reciprocity.
Trust is also recognized as a valuable component of business strategy (see for example, Robert Bruce Shaw and Jossey-Bass (1997), Trust in the Balance: Building Successful Organizations on Results, Integrity, and Concern, Jossey-Bass Business & Management Series). Trust exists within the human behaviour spectrum of confidence (result of specific knowledge built on reason and facts) and faith (belief that is largely immune to contradictory information or events). Trust for an individual can be characterized as a belief that those on whom the individual depends will fulfill that individual's expectations of them. In a sense, therefore, predictability of behaviour engenders trust. For individuals, varying levels of trust can be established based on fulfilling expectations, acting with integrity and being empathetic.
The concept of trust is also a key element in the theories of macro-economics. In this context, trust can be characterized as an expectation within a community that users of the community will exhibit regular, honest, and cooperative behaviour, based on commonly shared norms. The existence of trust creates social capital, which in turn determines the size of firms, businesses and even economies.
The ability to collaborate on and to edit documents, share views and activities is an important function of a network. Previously, such activities were carried out in two ways: either via a Web-based content management system (CMS) or through a Peer-to-Peer collaborative environment. In a Web-based system, the resources are located in one central location with specific functions provided by a web server and a database (see for example, CMS Review 2005). In decentralized systems, individual machines execute local programs to create a shared environment connected by a network (see for example, U.S. Pat. Nos. 6,859,821; 6,640,241; and 6,446,113 to Ozzie et al.). However, in a web-based system, a central computer is required which can be complicated to setup and maintain. In a pure Peer-to-Peer system, the management of access control can be quite burdensome. There is therefore a need for a network which can be easily established, added to and maintained but where authentication of users is managed. In the present invention, where the users are all connected by pre-existing relationships characterized by trust, access issues are easily dealt with and each trusted peer computer can collaborate and edit information using local resources.
Traditionally, borrowing and lending activities are carried out through financial institutions such as banks or informally. In 2005, Zopa.™. launched the first peer-to-peer lending network in the United Kingdom. Zopa.™. syndicates loans requested by “borrower” members out to “lender” members, based on criteria and parameters set by both parties. One main important criterion for lending is the credit-worthiness of the borrower. Zopa.™. allows strangers to lend money to strangers. Access to the system is contingent upon the users passing a credit check.the users passing a credit check.