Moleskiing: a Trust-aware Decentralized Recommender System

Paolo Avesani , Paolo Massa , Roberto Tiella
ITC/irsT, Trento, Italy


In this paper we present a real world system,, whose goal is to make ski mountaineering safer. Ski mountaineers can provide information about their trips and express their level of trust in other users. Based on this information, the system is able to show only relevant and reliable information to every user. Since we use Semantic Web formats, users are not required to create a login on our system but can receive personalization also by using their already existent blogs and FOAF files.


Ski mountaineering is an exciting outdoor experience but it may become very risky. Avalanches represent an ubiquitous hazard that may arise by an erroneous situation assessment. To know in advance snow conditions plays a key role in performing ski tours safely. To prevent or to reduce the avalanches hazard, ski mountaineers have the habit to share their experiences.

Word of mouth can be profitably supported by Collaborative Filtering (CF) as shown in many applications in the last decade [7,3]. The basic idea is that ski mountaineers can share their diaries where the ski routes are annotated with regard to both quality of the route and present snow conditions. CF techniques look for similar users (neighbours) and recommend to the current user routes liked and judged as sure by them.

Although the idea is quite appealing two kinds of drawbacks prevent an effective deployment in practice of Collaborative Filtering approach [5]. The first set of issues is related to the technique itself: data sparseness and cold start users. The former refers to the lack of data that usually is required to enable an effective similarity assessment between two user profiles; the latter issue affects the new users: the computation of similarity assessment cannot take place whether a diary of a ski mountaineer is still empty.

The well known drawbacks of Collaborative Filtering are even exacerbated by the specificity of the application domain. In the ski mountaineering scenario the annotation of a ski route is highly context dependent. Weather conditions influence snow conditions and therefore the annotation of the same ski route may differ whether it is performed the day after. It is clear that meeting the basic premise of CF, i.e. user profile overlapping [5], becomes even harder. Ski route recommendation would require that two ski mountaineers have annotated the same set of ski routes approximately in the same period.

To overcome these restrictions that prevent an effective support to the word of mouth we refer to another analogy of the community of practice: the notion of trust. In taking decisions, it is common practice to rely on opinions of people we trust. While in CF systems the user is asked to rate resources (in our case, ski routes), in trust-aware systems she is asked to rate other ski mountaineers about the perceived quality of the provided information. The tacit assumption is that the quality of information delivered by a ski mountaineer is usually uniform, therefore a single issued trust statement about another ski mountaineer can be extended to all her annotations.

Moreover, we have chosen an open publishing environment where every user can create annotations about routes she has lately experienced and contribute with her partial knowledge to the overall system. This was done because a single source providing fresh information about the weather and snow conditions about every route was not available. This approach allows to gather lots of information in an easy, decentralized way but introduce a new concern about the reliability of provided information. A trust-aware solution has the additional advantage of being potentially attack-resistant [4] in the sense that it is in principle able to filter out users who are untrustworthy or malicious, at least from the personal point of view of the active user. This is very important for our system whose goal is to increase ski mountaineering security by providing accurate information about routes conditions. is an information aggregator and adaptive web Recommender System. The high level goal of the system is to make ski mountaineering safer by exploiting information and communication technologies.

Precisely, Moleskiing is a catalogue of ski mountaineering routes in Trentino, Italy. Every route is identifiable by means of a unique URL. An user can create an identity on the site and this allows her to keep an online diary (blog), her ``moleskine about skiing'' from which the site takes the name.

In this blog, she can write about her skiing trips and, using some interfaces, annotate the experienced routes about their quality and safety (current snow conditions and present dangers). Besides being published on the user online diary, the blog entries are also exported in RSS1.0 format, a commonly used RDF format for syndication. Ski routes annotations as well are exported with a simple RDF format we have defined (MSSA): an example of it is shown in Table 1. In particular, the property <trip_rate> has value 0 if the user believes this routes is too dangerous based on the current weather and snow conditions and does not recommend it. It is 1 otherwise. Instead <route_rate> captures how much the user usually likes that certain route independently of the present trip. Its value is an integer value in the range from 1 to 5.

Table 1: Example of MSSA RDF format used in for encoding trips annotations.
\begin{table}{\tt \begin{tabbing}
   \=   \=   \=   \=   \\
<?xml version...
...ers> \\
\> </rdf:Description> \\
</rdf:RDF> \\
\end{tabbing} }

Table 2: Example of RDF format used in for expressing trust statements (FOAF with the trust extension presented in [1]). This is the FOAF file of the user bob007 who had issued a trust statement in the user robertotiella
\begin{table}{\tt \begin{tabbing}
   \=   \=   \=   \=   \\
<?xml version...
...a/foaf.rdf''/> \\
\> </Person> \\
</rdf:RDF> \\

Every user can also use some simple interfaces in order to express which other users she trusts (her web of trust) with respect to the quality, quantity and freshness of provided ski mountaineering routes annotations. The web of trust is shown on the left part of the user's blog as a blogroll but is also exported as a FOAF (Friend-Of-A-Friend)1 file. She can also express a numeric degree of trust in other ski mountaineers. We use the trust extension of FOAF presented in [1] to encode this information (see Table 2 for an example). Trust values are integer values ranging from 0 (total distrust) to 10 (total trust). For example the predicate <trust7> means that the object resource is a person who is trusted 7 out of 10. Using dc:resource, it is also possible to express the domain about which this trust is expressed, so that for example it is possible to express a certain level of trust in one person about ski mountaineering and a different one about violin playing.

Users who already have a blog or a FOAF file are not required to create a blog or a FOAF file on in order to participate in the global discourse about ski mountaineering. They can insert ski routes annotations (encoded in MSSA format) in their own blogs or can encode trust statements about ski mountaineering in their FOAF files.

In this way we don't require the user to create another identity and hence the information related to one user are not scattered across different sites but can be kept ``near'' the user and under her control (see [6] for a discussion of the advantages of decentralized publishing of information).

Trust-aware personalization

Since trust statements are published using FOAF, can aggregate trust statements published everywhere on the web. The same argument applies for the comments about routes (for which we have introduced the MSSA semantic format). We use the SeCo scutter [2] to crawl the Semantic Web and aggregate RDF statements relevant to our application. However, while it is easy to detect a new route review or a change in the FOAF file for the users who have a moleskiing hosted blog, in order to let the moleskiing aggregator know about a ``remote'' participant, she can ping the site. In this way the system can aggregate all the route reviews and all the trust statements available across the Semantic Web. In particular, the trust statements form a social network: Figure 3 shows an example of such a network.

Exploiting the social network structure, a trust metric [1,4,8] can use trust propagation and predict a trust value for every ski mountaineers in unknown users.

We choose to use a simple trust metric as a first step. The basic idea is that, considering only ``positive'' trust statements (i.e., over a certain threshold), users closest to the current user in the social network are predicted as more trustworthy than users further away. Over a certain number of hops (currently 4) from current user, trust is no more propagated.

Figure 1: A trust network composed of 5 trust statements. One of them is ``Doc trusts Ben 0.6''. The trust metric is asked to predict 2 of the possible missing edges (in red).
\begin{figure}\psfig{,width=3in} \end{figure}

The used metric is local: it considers the personal views of every single user and can possibly predict a trust value in another target user that is different for every source user. On the other hand, using global trust metrics, every user has just one ``reputation'' value that summarizes what the community as a whole thinks about that certain user.

Local metrics allows to personalize the user experience on the base of her web of trust while global ones tend to uniform judgments, in the sense they offer to every user (nevertheless the singular individual differences) the same view over the space of the other users. Local trust metric also have the advantage of being more resistant to attacks [4]. In fact global metrics are attackable in various ways, the easiest way is to produce a bunch of fake identities all certifying each others as trustworthy. In this way the global metric will probably end up assigning a high global trust value to these fake identities. On the other hand, local trust metrics predict trustworthiness only (or mainly) starting from the user's personal web of trust and hence, as long as the user does not issue trust statements to fake identities, she is not affected by the attack. Anyway it is worth underlining that local trust metrics are usually more computationally expensive since they have to predict different trust values for every user in the system while global ones only need to compute them once for the all community.

We have claimed that using trust metrics we can infer trust of the current user in unknown users. In this way, when an user interacts with, the adaptive system knows how much the information provided by every other user should be taken into account as useful and reliable. In fact, Moleskiing is an adaptive system in the sense that presented web pages are personalized for every different user. The more relevant content in moleskiing is ski mountaineering routes and one of the objective of the system is to show to every user first the routes that are both secure according to present weather and snow conditions and most interesting from her personal point of view, along with comments about them made by trustable users.

While information provided by every user (either ``remote'' or ``local'') is aggregated and used in some way (for example to construct the social network), in order to receive personalization, an user must communicate in some way to the web server her identity. It would be possible to conceive automatic ways of doing it, for example, the user's browser could be able to provide the URL of the user's FOAF file just as it can now provide the ``preferred language'' property. Instead, up to now, the only possible option is to ask the user to create a login. However, the user who already has a FOAF file and a blog can choose to create a ``remote'' user login by providing only a pointer to her FOAF file and to her blog RSS feed. In this way she can enter information in her blog (in MSSA format) or in her FOAF file (expressing trust statements about ski mountaineering in other users) and receive personalization.

The most important adaptive feature is the ranking of routes so that the system shows to an user first the routes predicted as secure and most interesting. The first page of (see Figure 2) presents a list of the routes commented in the last 15 days. In the domain of ski mountaineering security, information becomes old quickly. In fact some of the most important factors for security are the weather and snow conditions and of course these are not expected to remain constant over months.

Figure 2: Screenshots of the homepage and an entry of an user blog.

The property <mssa:trip_rate> of ski route annotations is used to filter out routes that are considered dangerous by trusted users. After that, routes are ordered based on the general appreciation (<mssa:route_rate>) of trustable users. In the following we use the term ``trustable users'' to denote all the users who have a trust value (either explicitly expressed by the user or predicted by the trust metric) greater than 6. Since we use a local trust metric, the ``trustable users'' of one user are probably different from the ones of a different user.

Precisely, only routes that are rated as secure (<mssa:trip_rate>=1) in the last 15 days by the majority of ``trustable users'' can be displayed in the list of recommended routes. These routes are then ranked based on the general rating (<mssa:route_rate>) given by trustable users at any time. The predicted importance of $Route$ for user $A$ is

Rating(Route,A) = \sum_{U \in TrustableUsers(A)}[Trust(A,U) Rating(Route,U)] / \sum_{U \in TrustableUsers(A)}[Trust(A,U)]
\end{displaymath} (1)

where Trust(A,U) is either the trust explicitly provided by $A$ on $U$ or the trust predicted by the trust metric.

Routes are then ranked in decreasing order of $Rating(Route,A)$ and everyone of them is showed with links to the comments made by trustable users.

Ranking routes based on local trust metrics has also the advantage of being potentially attack-resistant [4] and to not let malicious users influence the personalization of users who don't trust them explicitly. For example, consider the case of a malicious users that knows a route is currently dangerous because of the snow condition but nevertheless wants to push a lot of people into going into it. This could be either in good mood because she thinks risk is what ski mountaineers look for or in bad mood because she likes to see people in danger, but this is not important. In order to fulfill the attack, she can create many users in the system and rate with all of them very highly the dangerous trip. In this way, a global metric would probably aggregate all these ratings and finish in recommending to every user the dangerous trip. Since skiing security is one of the goal of the site, this aspect carries a great importance.

Moreover, an user can always see the list of users not yet rated ordered by predicted trust or ask the system how much it predicts she should trust a specific ski mountaineer. In this way, the user has the possibility to fine-tune, expand and control her social network and to correct the system in predicting trustable users if needed. This will lead to a more precise, complete and correct social network and hence to better personalization.

Users who have issued no trust statements cannot beneficiate of a personalized web experience while on For them, trust in other users is predicted using a global trust metric and routes are ranked accordingly.

The adaptive part of is still under development. The most problematic issue seems to be the ability to deploy an easy to use, intuitive and simple interface. Our goal is to deploy the adaptive system before the beginning of the 2004 winter season.


In this paper we have presented a trust-aware decentralized Recommender System: The goal of the system is to make ski mountaineering trips safer by leveraging information provided by users.

Every user can create reviews about ski mountaineering routes (using the MSSA Semantic Web format) and express how much she trusts other ski mountaineers (using a trust extension of FOAF format). Users can participate with their already existent blogs and FOAF files and hence there is no need to split her profile on the nth different server. However, they can also choose to use a hosted blog and FOAF file.

A scutter crawls the Web and aggregates these RDF statements. Based on the collected information, a trust network is constructed and a local trust metric is periodically run in order to predict the trust values of every user in every other user. This information is used to provide a personalized and adaptive experience to the logged user on the site, by showing her only routes that are considered both secure and enjoyable by trusted users.


Jennifer Golbeck, James Hendler, and Bijan Parsia.
Trust networks on the Semantic Web.
In Proceedings of Cooperative Intelligent Agents, 2003.

A. Harth.
SECO: Mediation services for semantic web data.
In IEEE Intelligent Systems, Special Issue on Semantic Web Challenge. Volume 19, Number 3, 2004.

J. Herlocker, J. Konstan J., A. Borchers, and J. Riedl.
An Algorithmic Framework for Performing Collaborative Filtering.
In Proceedings of the 1999 Conference on Research and Development in Information Retrieval, 1999.

R. Levien.
Advogato Trust Metric., 2000.

P. Massa and B. Bhattacharjee.
Using trust in recommender systems: an experimental analysis.
In Proc. of 2nd Int. Conference on Trust Management, 2004.

Paolo Massa.
Trust-aware Decentralized Recommender Systems.
Phd Proposal, 2003, University of Trento,

P. Resnick, N. Iacovou, M. Suchak, P. Bergstrom, and J. Riedl.
Grouplens: An Open Architecture for Collaborative Filtering of Netnews.
In Proceedings of ACM 1994 Conference on Computer Supported Cooperative Work, Pages 175-186, Chapel Hill, 1994.

C. Ziegler and G. Lausen.
Spreading activation models for trust propagation.
In IEEE International Conference on e-Technology, e-Commerce, and e-Service (EEE'04), 2004.

About this document ...

Moleskiing: a Trust-aware Decentralized Recommender System

This document was generated using the LaTeX2HTML translator Version 2002 (1.62)

Copyright © 1993, 1994, 1995, 1996, Nikos Drakos, Computer Based Learning Unit, University of Leeds.
Copyright © 1997, 1998, 1999, Ross Moore, Mathematics Department, Macquarie University, Sydney.

The command line arguments were:
latex2html -split 0 -nonavigation -noreuse moleskiing_trust_aware_recommender_system.tex

The translation was initiated by Paolo Massa on 2004-08-18


... (Friend-Of-A-Friend)1
See for a description of FOAF format

Paolo Massa 2004-08-18

Valid HTML 3.2! Get Firefox