• Save
Trust Measurement and Management
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Trust Measurement and Management

on

  • 606 views

Broad outline of research problems in Trust Measurement and Management

Broad outline of research problems in Trust Measurement and Management

Statistics

Views

Total Views
606
Views on SlideShare
606
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Trust Measurement and Management Presentation Transcript

  • 1. Alan Hartman – IBM Haifa Research Lab20 June 2012Trust Measurement and Management Open Research Issues © 2009 IBM Corporation
  • 2. Agenda Motivation Defining Trust Relationship between Risk and Trust Basic Trust Management Scenario More Complex Scenarios2 © 2009 IBM Corporation
  • 3. Why measure and manage trust? Distrust and caution are the parents of security. - Benjamin Franklin The trust of the innocent is the liar’s most useful tool. - Stephen King Trust, but verify. – Ronald Reagan3 © 2009 IBM Corporation
  • 4. Definition of trust Trust is: An expectation about a future behaviour of another person … depending on the degree of trust and the extent of the associated risk (Kasselbaum Ph. D. Thesis in Sociology) Trust is: A function with three parameters: –Trust(Trustee, Trustor, ActivityOutcome), whose value is the probability (degree of trust) that Trustor believes that Trustee will produce ActivityOutcome in the future4 © 2009 IBM Corporation
  • 5. Relationship between trust and risk Working Hypothesis: A decision (by the Trustor) on whether to offer the Trustee the opportunity to participate in an Activity with the Trustor is based on both Trust and Risk Payoff is: a measure of the expected utility to the Trustor associated with all possible outcomes of an activity. Payoff(Trustor, Activity) = sum over all Outcomes (Trust( Trustee, Trustor, ActivityOutcome ) * Value(Outcome)) Rational behavior: If the payoff is positive, then take the risk Also rational: If the worst case is too awful, don’t take the risk5 © 2009 IBM Corporation
  • 6. Academic Interest in Trust Sociology –Who trusts the Internet? –What are the factors that influence a person to trust interactions in cyberspace? Economics –What motivates trust and cooperation? –What reputation and incentive mechanisms to promote trust? Management –Creating and maintaining trust – as part of leadership Computer Science –Creating trust in computing infrastructure and services6 © 2009 IBM Corporation
  • 7. Basic Trust Management Scenario 1. Build Trust 2. Shake Trust 3. Restore Trust7 © 2009 IBM Corporation
  • 8. Building Trust Trustor A trusts Trustee B to produce Outcome C with confidence level P08 © 2009 IBM Corporation
  • 9. ShakingTrust An Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B9 © 2009 IBM Corporation
  • 10. Trust Restoration Trustee B takes mitigation action M and measures new trust level P 10 © 2009 IBM Corporation
  • 11. Basic Scenario For Trust Management1) Initial condition: Trustor A trusts Trustee B to produce outcome C with confidence level P02) Either an Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B Or P0 < Pt in the first place3) Loop on i: I. B takes mitigation action Mi and measures confidence level Pi (Assume Mi are ordered in decreasing order of cost effectiveness) II. Until Pi >= Pt, or no cost effective mitigation actions remain in the arsenal of B © 2009 IBM Corporation
  • 12. Research Challenges for Trust Management• How to measure P for a given A, B, and C• How to determine an appropriate threshold Pt for a given A, B, C• What are appropriate mitigation actions Mi for a given A, B, C, E• How to detect and report trust breach events E• How to measure cost effectiveness of Mi• When to give up – i.e. what is the law of diminishing returns in the context of A, B, C, E, and P0, P1, P2, ...Pi © 2009 IBM Corporation
  • 13. Measuring Trustworthiness of ICT SystemsQuantifying TrustworthinessUsing Quantifiable Properties* Dependability Security Performability13 *University of Kansas, Resilinets Wiki © 2009 IBM Corporation
  • 14. Measuring Trustworthiness of Individuals orOrganizations Quantifiable Properties Trustworthy actions Observed Reported by trusted source Evidence Trustworthy reputation Reputation measure Trusted reputation system Membership of trusted organization Trusted guarantor14 © 2009 IBM Corporation
  • 15. Ideas on How to measure trust Measure trusting actions in the past and assume that the future is like the (immediate) past Measure non-trusting actions Create a trust model and measure the antecedents of trust: Create a population model and a trustor classifier15 © 2009 IBM Corporation
  • 16. Mutual trust scenario Alice trusts BigBank to maintain the integrity of her credit card with P=99% BigBank trusts Alice to be honest with it with Q=95% E is an unauthorized credit card transaction from Alices account – reported to BigBank by Alice (P=85%, Q=75%) What actions should Alice and BigBank take to rebuild mutual trust? What is the protocol for mutual trust negotiation? © 2009 IBM Corporation
  • 17. B2B trust scenario OmahaInsurance is negotiating with IBM to outsource their health insurance claims processing Trust is held between IBM and Omaha and also between Omaha and its customers Event = break in to IBM office in Bangalore Action C is contract negotiation between IBM and Omaha © 2009 IBM Corporation
  • 18. Trust me, I’m a doctor18 © 2009 IBM Corporation