Upload
ictseserv
View
218
Download
0
Embed Size (px)
Citation preview
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
1/18
2009 IBM Corporation
Trust Measurement and Management
Alan Hartman IBM Haifa Research Lab
20 June 2012
Open Research Issues
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
2/18
2009 IBM Corporation
Agenda
Motivation
Defining Trust
Relationship between Risk and Trust
Basic Trust Management Scenario
More Complex Scenarios
2
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
3/18
2009 IBM Corporation3
Why measure and manage trust?
Distrust and caution are the parents of security. - BenjaminFranklin
The trust of the innocent is the liars most useful tool. -Stephen King
Trust, but verify. Ronald Reagan
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
4/18
2009 IBM Corporation
Definition of trust
Trust is: An expectation about a future behaviour ofanother person depending on the degree of trustand the extent of the associated risk (Kasselbaum
Ph. D. Thesis in Sociology)
Trust is: A function with three parameters:Trust(Trustee, Trustor, ActivityOutcome), whose
value is the probability (degree of trust) thatTrustor believes that Trustee will produceActivityOutcome in the future
4
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
5/18
2009 IBM Corporation
Relationship between trust and risk
Rational behavior: If the payoff is positive, then take therisk
Also rational: If the worst case is too awful, dont take the
risk5
Working Hypothesis: A decision (by the Trustor) on whether to offerthe Trustee the opportunity to participate in an Activity with theTrustor is based on both Trust and Risk
Payoffis: a measure of the expected utility to theTrustor associated with all possible outcomes of anactivity.Payoff(Trustor, Activity) = sum over all Outcomes(Trust( Trustee, Trustor, ActivityOutcome ) * Value(Outcome))
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
6/18
2009 IBM Corporation
Academic Interest in Trust
SociologyWho trusts the Internet?What are the factors that influence a person to trust
interactions in cyberspace?
EconomicsWhat motivates trust and cooperation?What reputation and incentive mechanisms to promote
trust?
ManagementCreating and maintaining trust as part of leadership
Computer Science
Creating trust in computing infrastructure and services6
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
7/18 2009 IBM Corporation
Basic Trust Management Scenario
7
1. Build Trust
2. Shake Trust
3. Restore Trust
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
8/18 2009 IBM Corporation
Building Trust
8
Trustor A trusts Trustee B to produce Outcome C with confidence level P0
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
9/18 2009 IBM Corporation
ShakingTrust
An Event E occurs whichcauses P0 to decrease to P'which is below the thresholdPt determined by Trustee B
9
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
10/18 2009 IBM Corporation
Trust Restoration
Trustee B takes mitigationaction M and measures newtrust level P ''
10
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
11/18 2009 IBM Corporation
Basic Scenario For Trust Management
1) Initial condition: Trustor A trusts Trustee B toproduce outcome C with confidence level P0
2) Either an Event E occurs which causes P0 todecrease to P' which is below the threshold Pt
determined by Trustee B Or P0 < Pt in the firstplace
3) Loop on i:I. B takes mitigation action Mi and measures
confidence level Pi (Assume Mi are orderedin decreasing order of cost effectiveness)
II. Until Pi >= Pt, or no cost effective mitigationactions remain in the arsenal of B
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
12/18
2009 IBM Corporation
Research Challenges for Trust Management
How to measure P for a given A, B, and C
How to determine an appropriate threshold Pt for agiven A, B, C
What are appropriate mitigation actions Mi for agiven A, B, C, E
How to detect and report trust breach events E
How to measure cost effectiveness of Mi
When to give up i.e. what is the law ofdiminishing returns in the context of A, B, C, E,and P0, P1, P2, ...Pi
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
13/18
2009 IBM Corporation
Measuring Trustworthiness of ICT Systems
Quantifying TrustworthinessUsing Quantifiable Properties*
Dependability
Security
Performability
13 *University of Kansas, Resilinets Wiki
https://wiki.ittc.ku.edu/resilinets/Main_Pagehttps://wiki.ittc.ku.edu/resilinets/Main_Pagehttps://wiki.ittc.ku.edu/resilinets/Performabilityhttps://wiki.ittc.ku.edu/resilinets/Securityhttps://wiki.ittc.ku.edu/resilinets/Image:Disciplines-trustworthiness.pnghttps://wiki.ittc.ku.edu/resilinets/Image:Disciplines-trustworthiness.png7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
14/18
2009 IBM Corporation
Measuring Trustworthiness of Individuals orOrganizations
14
Quantifiable Properties
Trustworthy actions
ObservedReported by trusted sourceEvidence
Trustworthy reputationReputation measureTrusted reputation systemMembership of trusted organizationTrusted guarantor
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
15/18
2009 IBM Corporation
Mutual trust scenario
Alice trusts BigBank to maintain the integrity ofher credit card with P=99%
BigBank trusts Alice to be honest with it with
Q=95%E is an unauthorized credit card transaction
from Alice's account reported to BigBank byAlice (P'=85%, Q'=75%)
What actions should Alice and BigBank take torebuild mutual trust?
What is the protocol for mutual trustnegotiation?
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
16/18
2009 IBM Corporation
B2B trust scenario
OmahaInsurance is negotiating with IBM tooutsource their health insurance claimsprocessing
Trust is held between IBM and Omaha andalso between Omaha and its customers
Event = break in to IBM office in Bangalore
Action C is contract negotiation between IBM
and Omaha
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
17/18
2009 IBM Corporation
Trust me, Im a doctor
18
7/31/2019 Alan Hartman - Trust Measurement and Management - SESERV SE Workshop June 2012
18/18
2009 IBM Corporation19