Section 25.5. Gaming and Anti-gaming


25.5. Gaming and Anti-gaming

Gaming is the process by which an entity manipulates a system to serve her personal interests while harming other users. A system that uses social processes is susceptible to gaming by an entity, whether the entity is a single user, a group of users, or an organization that is acting through users. Using basic economics[26] as an analysis lens, we can infer the conditions under which gaming will occur; these conditions are:

[26] Campbell R. McConnell and Stanley L. Brue, Economics, 15th Edition (New York: McGraw-Hill, 2001).

  • There is an entity with an incentive to game the system.

  • The benefit that the entity obtains from gaming the system is greater than the cost incurred by the entity to game the system.

Consider a hypothetical instance of gaming in Acumen: a group of employees working for a company decide to block cookies from a competitor's web site, hoping that other users will follow suit, either manually or using rules. Many web sites are dependent upon cookies in order for their site to perform well and provide a good user experience; hence, for users who block its cookies, the competitor's site may offer only a limited user experience. Consequently, these users may be less likely to use the competitor's site and more likely to use the web site of the employees' company. Thus, the employees have gamed the system; they have successfully modified the system to obtain an outcome that is desirable for them but not for the larger community.

It is difficult to make a system that utilizes social processes completely immune to gaming, but there are techniques that can make gaming more difficult. A general rule of thumb is

ACUMEN ARCHITECTURE

Four component types comprise the Acumen system: (1) remote web proxies; (2) a central database; (3) Acumen's toolbar; and (4) web services that act as data intermediaries between the database and the toolbar. The components, shown in Figure 25-6, communicate securely using Secure Sockets Layer (SSL) channels.

All users' web traffic goes through one of Acumen's web proxies. A proxy performs two actions: it records the web sites that a user has visited and the cookies used by those sites; and it blocks cookies from web page requests and responses if a user has explicitly or by rule blocked the site's cookies.

Acumen's database acts as a central repository for all data used by the system. For each web site that a user has visited, the database maintains a user web site history; the history contains the cookies that the site uses for the user, whether a user blocks or allows the site's cookies, and, if cookies are blocked, how so.

Acumen's web service acts as the intermediary between its database and its toolbar. When a user visits a web page, the toolbar obtains data about the page from the service; the data is in the form of an XML file. The service also handles user actions (e.g., blocking a cookie, changing a rule) and updates the database accordingly.

Acumen's web proxies and web services are the performance bottlenecks in the architecture . In order to make these components as responsive as possible, Acumen supports dynamic replication and deployment of the components and uses caches in both components.

Acumen attempts to mitigate privacy concerns by ensuring that user data is anonymous at both the user interface level and the system level. Acumen's interface enables users to view only aggregated data; users are never able to view another individual's data. Acumen does not record any identifying information about its users beyond a persistent identifier, and it records a user's browsing activities only if she is logged into the system. Finally, Acumen provides a simple interface for users to see what data the system has collected about them; this interface enables a user to exclude some or all of her data from Acumen's community data.

Acumen's architecture ensures that the system's complexity is hidden from users. To use Acumen, a user needs only to install Acumen's toolbar, set her browser to use Acumen's proxy, and create a pseudonym for persistent identification by Acumen.


that it should be difficult (and sometimes forbidden) for a single user or a small group of users to significantly alter the system. Instead, users should be able to produce only incremental changes, and there should be a cost for performing such changes. The cost should be sufficient to discourage manipulative behavior.

Ultimately, more research is needed about gaming and anti-gaming techniques in social systems, especially those used to support privacy management. Exploring how people game a social system is difficult, however, because an environment that encourages gaming must be fostered; often a system must be in sustained use over a significant period of time in order for an instance of gaming to arise.

Figure 25-6. Acumen architecture


25.5.1. Anti-gaming Techniques in Acumen

Acumen's anti-gaming techniques are quite rudimentary. Recall that Acumen's maven formula uses a square root function and a summation function to make it difficult for users to become mavens artificially.

We are currently exploring other methods to prevent gaming in Acumen. Acumen could decrease a user's maven rating over time; such decay would increase the effort it takes for users to remain mavens. A related problem is that of a user signing up for multiple accounts and using these accounts to exert more than his fair share of influence in the system. To address this problem, we are experimenting with an activity threshold such that data from users with less than a certain amount of activity (e.g., less than a certain number of sites visited) would not be included in the data shown by Acumen's interface.



Security and Usability. Designing Secure Systems that People Can Use
Security and Usability: Designing Secure Systems That People Can Use
ISBN: 0596008279
EAN: 2147483647
Year: 2004
Pages: 295

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net