This document discusses measuring and managing trust in complex systems. It defines trust as an expectation of future behavior depending on risk. A basic trust management scenario involves building initial trust, events that can shake trust, and actions to restore trust. Key challenges include measuring trust levels, determining trust thresholds, identifying appropriate mitigation actions, and balancing costs of restoration against diminishing returns. The document also discusses scenarios involving mutual trust between entities, business-to-business relationships, and healthcare contexts.

1. © 2009 IBM Corporation
Trust Measurement and Management
Alan Hartman – IBM Haifa Research Lab
20 June 2012
Open Research Issues

2. © 2009 IBM Corporation
Agenda
 Motivation
 Defining Trust
 Relationship between Risk and Trust
 Basic Trust Management Scenario
 More Complex Scenarios
2

3. © 2009 IBM Corporation
3
Why measure and manage trust?
Distrust and caution are the parents of security. - Benjamin
Franklin
The trust of the innocent is the liar’s most useful tool. -
Stephen King
Trust, but verify. – Ronald Reagan

4. © 2009 IBM Corporation
Definition of trust
 Trust is: An expectation about a future behaviour of
another person … depending on the degree of trust
and the extent of the associated risk (Kasselbaum
Ph. D. Thesis in Sociology)
 Trust is: A function with three parameters:
–Trust(Trustee, Trustor, ActivityOutcome), whose
value is the probability (degree of trust) that
Trustor believes that Trustee will produce
ActivityOutcome in the future
4

5. © 2009 IBM Corporation
Relationship between trust and risk
 Rational behavior: If the payoff is positive, then take the
risk
 Also rational: If the worst case is too awful, don’t take the
risk
5
 Working Hypothesis: A decision (by the Trustor) on whether to offer
the Trustee the opportunity to participate in an Activity with the
Trustor is based on both Trust and Risk
 Payoff is: a measure of the expected utility to the
Trustor associated with all possible outcomes of an
activity.
Payoff(Trustor, Activity) = sum over all Outcomes
(Trust( Trustee, Trustor, ActivityOutcome ) * Value(Outcome))

6. © 2009 IBM Corporation
Academic Interest in Trust
 Sociology
–Who trusts the Internet?
–What are the factors that influence a person to trust
interactions in cyberspace?
 Economics
–What motivates trust and cooperation?
–What reputation and incentive mechanisms to promote
trust?
 Management
–Creating and maintaining trust – as part of leadership
 Computer Science
–Creating trust in computing infrastructure and services
6

7. © 2009 IBM Corporation
Basic Trust Management Scenario
7
1. Build Trust
2. Shake Trust
3. Restore Trust

8. © 2009 IBM Corporation
Building Trust
8
Trustor A trusts Trustee B to produce Outcome C with confidence level P0

9. © 2009 IBM Corporation
ShakingTrust
An Event E occurs which
causes P0 to decrease to P'
which is below the threshold
Pt determined by Trustee B
9

10. © 2009 IBM Corporation
Trust Restoration
 Trustee B takes mitigation
action M and measures new
trust level P ''
10

11. © 2009 IBM Corporation
Basic Scenario For Trust Management
1) Initial condition: Trustor A trusts Trustee B to
produce outcome C with confidence level P0
2) Either an Event E occurs which causes P0 to
decrease to P' which is below the threshold Pt
determined by Trustee B Or P0 < Pt in the first
place
3) Loop on i:
I. B takes mitigation action Mi and measures
confidence level Pi (Assume Mi are ordered
in decreasing order of cost effectiveness)
II. Until Pi >= Pt, or no cost effective mitigation
actions remain in the arsenal of B

12. © 2009 IBM Corporation
Research Challenges for Trust Management
• How to measure P for a given A, B, and C
• How to determine an appropriate threshold Pt for a
given A, B, C
• What are appropriate mitigation actions Mi for a
given A, B, C, E
• How to detect and report trust breach events E
• How to measure cost effectiveness of Mi
• When to give up – i.e. what is the law of
diminishing returns in the context of A, B, C, E,
and P0, P1, P2, ...Pi

13. © 2009 IBM Corporation
Measuring Trustworthiness of ICT Systems
Quantifying Trustworthiness
Using Quantifiable Properties*
Dependability
Security
Performability
13 *University of Kansas, Resilinets Wiki

14. © 2009 IBM Corporation
Measuring Trustworthiness of Individuals or
Organizations
14
Quantifiable Properties
Trustworthy actions
Observed
Reported by trusted source
Evidence
Trustworthy reputation
Reputation measure
Trusted reputation system
Membership of trusted organization
Trusted guarantor

15. © 2009 IBM Corporation
Mutual trust scenario
Alice trusts BigBank to maintain the integrity of
her credit card with P=99%
BigBank trusts Alice to be honest with it with
Q=95%
E is an unauthorized credit card transaction
from Alice's account – reported to BigBank by
Alice (P'=85%, Q'=75%)
What actions should Alice and BigBank take to
rebuild mutual trust?
What is the protocol for mutual trust
negotiation?

16. © 2009 IBM Corporation
B2B trust scenario
OmahaInsurance is negotiating with IBM to
outsource their health insurance claims
processing
Trust is held between IBM and Omaha and
also between Omaha and its customers
Event = break in to IBM office in Bangalore
Action C is contract negotiation between IBM
and Omaha

17. © 2009 IBM Corporation
Trust me, I’m a doctor
18

18. © 2009 IBM Corporation
19