Trust Measurement and Management


Published on

Broad outline of research problems in Trust Measurement and Management

Published in: Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Trust Measurement and Management

  1. 1. Alan Hartman – IBM Haifa Research Lab20 June 2012Trust Measurement and Management Open Research Issues © 2009 IBM Corporation
  2. 2. Agenda Motivation Defining Trust Relationship between Risk and Trust Basic Trust Management Scenario More Complex Scenarios2 © 2009 IBM Corporation
  3. 3. Why measure and manage trust? Distrust and caution are the parents of security. - Benjamin Franklin The trust of the innocent is the liar’s most useful tool. - Stephen King Trust, but verify. – Ronald Reagan3 © 2009 IBM Corporation
  4. 4. Definition of trust Trust is: An expectation about a future behaviour of another person … depending on the degree of trust and the extent of the associated risk (Kasselbaum Ph. D. Thesis in Sociology) Trust is: A function with three parameters: –Trust(Trustee, Trustor, ActivityOutcome), whose value is the probability (degree of trust) that Trustor believes that Trustee will produce ActivityOutcome in the future4 © 2009 IBM Corporation
  5. 5. Relationship between trust and risk Working Hypothesis: A decision (by the Trustor) on whether to offer the Trustee the opportunity to participate in an Activity with the Trustor is based on both Trust and Risk Payoff is: a measure of the expected utility to the Trustor associated with all possible outcomes of an activity. Payoff(Trustor, Activity) = sum over all Outcomes (Trust( Trustee, Trustor, ActivityOutcome ) * Value(Outcome)) Rational behavior: If the payoff is positive, then take the risk Also rational: If the worst case is too awful, don’t take the risk5 © 2009 IBM Corporation
  6. 6. Academic Interest in Trust Sociology –Who trusts the Internet? –What are the factors that influence a person to trust interactions in cyberspace? Economics –What motivates trust and cooperation? –What reputation and incentive mechanisms to promote trust? Management –Creating and maintaining trust – as part of leadership Computer Science –Creating trust in computing infrastructure and services6 © 2009 IBM Corporation
  7. 7. Basic Trust Management Scenario 1. Build Trust 2. Shake Trust 3. Restore Trust7 © 2009 IBM Corporation
  8. 8. Building Trust Trustor A trusts Trustee B to produce Outcome C with confidence level P08 © 2009 IBM Corporation
  9. 9. ShakingTrust An Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B9 © 2009 IBM Corporation
  10. 10. Trust Restoration Trustee B takes mitigation action M and measures new trust level P 10 © 2009 IBM Corporation
  11. 11. Basic Scenario For Trust Management1) Initial condition: Trustor A trusts Trustee B to produce outcome C with confidence level P02) Either an Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B Or P0 < Pt in the first place3) Loop on i: I. B takes mitigation action Mi and measures confidence level Pi (Assume Mi are ordered in decreasing order of cost effectiveness) II. Until Pi >= Pt, or no cost effective mitigation actions remain in the arsenal of B © 2009 IBM Corporation
  12. 12. Research Challenges for Trust Management• How to measure P for a given A, B, and C• How to determine an appropriate threshold Pt for a given A, B, C• What are appropriate mitigation actions Mi for a given A, B, C, E• How to detect and report trust breach events E• How to measure cost effectiveness of Mi• When to give up – i.e. what is the law of diminishing returns in the context of A, B, C, E, and P0, P1, P2, ...Pi © 2009 IBM Corporation
  13. 13. Measuring Trustworthiness of ICT SystemsQuantifying TrustworthinessUsing Quantifiable Properties* Dependability Security Performability13 *University of Kansas, Resilinets Wiki © 2009 IBM Corporation
  14. 14. Measuring Trustworthiness of Individuals orOrganizations Quantifiable Properties Trustworthy actions Observed Reported by trusted source Evidence Trustworthy reputation Reputation measure Trusted reputation system Membership of trusted organization Trusted guarantor14 © 2009 IBM Corporation
  15. 15. Ideas on How to measure trust Measure trusting actions in the past and assume that the future is like the (immediate) past Measure non-trusting actions Create a trust model and measure the antecedents of trust: Create a population model and a trustor classifier15 © 2009 IBM Corporation
  16. 16. Mutual trust scenario Alice trusts BigBank to maintain the integrity of her credit card with P=99% BigBank trusts Alice to be honest with it with Q=95% E is an unauthorized credit card transaction from Alices account – reported to BigBank by Alice (P=85%, Q=75%) What actions should Alice and BigBank take to rebuild mutual trust? What is the protocol for mutual trust negotiation? © 2009 IBM Corporation
  17. 17. B2B trust scenario OmahaInsurance is negotiating with IBM to outsource their health insurance claims processing Trust is held between IBM and Omaha and also between Omaha and its customers Event = break in to IBM office in Bangalore Action C is contract negotiation between IBM and Omaha © 2009 IBM Corporation
  18. 18. Trust me, I’m a doctor18 © 2009 IBM Corporation