Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Alan hartman trust measurement and management - seserv se workshop june 2012


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Alan hartman trust measurement and management - seserv se workshop june 2012

  1. 1. Alan Hartman – IBM Haifa Research Lab20 June 2012Trust Measurement and Management Open Research Issues © 2009 IBM Corporation
  2. 2. Agenda Motivation Defining Trust Relationship between Risk and Trust Basic Trust Management Scenario More Complex Scenarios2 © 2009 IBM Corporation
  3. 3. Why measure and manage trust? Distrust and caution are the parents of security. - Benjamin Franklin The trust of the innocent is the liar’s most useful tool. - Stephen King Trust, but verify. – Ronald Reagan3 © 2009 IBM Corporation
  4. 4. Definition of trust Trust is: An expectation about a future behaviour of another person … depending on the degree of trust and the extent of the associated risk (Kasselbaum Ph. D. Thesis in Sociology) Trust is: A function with three parameters: –Trust(Trustee, Trustor, ActivityOutcome), whose value is the probability (degree of trust) that Trustor believes that Trustee will produce ActivityOutcome in the future4 © 2009 IBM Corporation
  5. 5. Relationship between trust and risk  Working Hypothesis: A decision (by the Trustor) on whether to offer the Trustee the opportunity to participate in an Activity with the Trustor is based on both Trust and Risk  Payoff is: a measure of the expected utility to the Trustor associated with all possible outcomes of an activity. Payoff(Trustor, Activity) = sum over all Outcomes (Trust( Trustee, Trustor, ActivityOutcome ) * Value(Outcome)) Rational behavior: If the payoff is positive, then take the risk Also rational: If the worst case is too awful, don’t take the risk5 © 2009 IBM Corporation
  6. 6. Academic Interest in Trust Sociology –Who trusts the Internet? –What are the factors that influence a person to trust interactions in cyberspace? Economics –What motivates trust and cooperation? –What reputation and incentive mechanisms to promote trust? Management –Creating and maintaining trust – as part of leadership Computer Science –Creating trust in computing infrastructure and services6 © 2009 IBM Corporation
  7. 7. Basic Trust Management Scenario 1. Build Trust 2. Shake Trust 3. Restore Trust7 © 2009 IBM Corporation
  8. 8. Building Trust Trustor A trusts Trustee B to produce Outcome C with confidence level P08 © 2009 IBM Corporation
  9. 9. ShakingTrustAn Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B9 © 2009 IBM Corporation
  10. 10. Trust Restoration Trustee B takes mitigation action M and measures new trust level P 10 © 2009 IBM Corporation
  11. 11. Basic Scenario For Trust Management1) Initial condition: Trustor A trusts Trustee B to produce outcome C with confidence level P02) Either an Event E occurs which causes P0 to decrease to P which is below the threshold Pt determined by Trustee B Or P0 < Pt in the first place3) Loop on i: I. B takes mitigation action Mi and measures confidence level Pi (Assume Mi are ordered in decreasing order of cost effectiveness) II. Until Pi >= Pt, or no cost effective mitigation actions remain in the arsenal of B © 2009 IBM Corporation
  12. 12. Research Challenges for Trust Management• How to measure P for a given A, B, and C• How to determine an appropriate threshold Pt for a given A, B, C• What are appropriate mitigation actions Mi for a given A, B, C, E• How to detect and report trust breach events E• How to measure cost effectiveness of Mi• When to give up – i.e. what is the law of diminishing returns in the context of A, B, C, E, and P0, P1, P2, ...Pi © 2009 IBM Corporation
  13. 13. Measuring Trustworthiness of ICT SystemsQuantifying TrustworthinessUsing Quantifiable Properties* Dependability Security Performability13 *University of Kansas, Resilinets Wiki © 2009 IBM Corporation
  14. 14. Measuring Trustworthiness of Individuals orOrganizations Quantifiable Properties Trustworthy actions Observed Reported by trusted source Evidence Trustworthy reputation Reputation measure Trusted reputation system Membership of trusted organization Trusted guarantor14 © 2009 IBM Corporation
  15. 15. Mutual trust scenario Alice trusts BigBank to maintain the integrity of her credit card with P=99% BigBank trusts Alice to be honest with it with Q=95% E is an unauthorized credit card transaction from Alices account – reported to BigBank by Alice (P=85%, Q=75%) What actions should Alice and BigBank take to rebuild mutual trust? What is the protocol for mutual trust negotiation? © 2009 IBM Corporation
  16. 16. B2B trust scenario OmahaInsurance is negotiating with IBM to outsource their health insurance claims processing Trust is held between IBM and Omaha and also between Omaha and its customers Event = break in to IBM office in Bangalore Action C is contract negotiation between IBM and Omaha © 2009 IBM Corporation
  17. 17. Trust me, I’m a doctor18 © 2009 IBM Corporation
  18. 18. 19 © 2009 IBM Corporation