Skip to main content
SpringerLink
Log in

Trust: Benefits, Models, and Mechanisms

  • Chapter
Secure Internet Programming

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1603))

Abstract

Trust provides many practical benefits in open distributed systems. It enables cooperation between pairs of entities, provides a safe and inexpensive basis for lowering access barriers to secured resources, and facilitates complex transactions among multiple entities. In this paper, we describe a wide range of notions and aspects of trust in open systems, with particular focus on trust between autonomous entities. We argue for computational models and mechanisms that enable trust between entities to be produced, manipulated and degraded and we summarize the state-of-the-art from this perspective.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin. A calculus for access control in distributed systems. A CM Transactions on Programming Languages and Systems, 15(4):706–734, October 1993.

    Article  Google Scholar 

  2. S. Berkovits, J. D. Guttman, and V. Swarup. Authentication for mobile agents. Lecture Notes in Computer Science 1419, Special issue on Mobile Agents and Security, 1998.

    Google Scholar 

  3. T. Beth, M. Borcherding, and B. Klein. Valuation of trust in open networks. In D. Gollman, editor, Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 875, pages 3–18. Springer Verlag, 1994.

    Google Scholar 

  4. A. Birrell, B. Lampson, R. Needham, and M. Shroeder. A global authentication service without global trust. In Proceedings of the IEEE Symposium on Security and Privacy, pages 223–230, 1986.

    Google Scholar 

  5. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the IEEE Symposium on Security and Privacy, pages 164–173, 1996.

    Google Scholar 

  6. B. Borcherding and M. Borcherding. Covered trust values in distributed systems. In Proceedings of the Working Conference on Multimedia and Communication Security, pages 24–31. Chapman & Hall, 1995.

    Google Scholar 

  7. Michael Burrows, Martin Abadi, and Roger Needham. A logic of authentication. Proceedings of the Royal Society, Series A, 426(1871):233–271, December 1989. Also appeared as SRC Research Report 39 and, in a shortened form, in ACM Transactions on Computer Systems 8, 1 (February 1990), 18–36.

    MATH  MathSciNet  Google Scholar 

  8. G. Edjlali, A. Acharya, and V. Chaudhary. History-based access control for mobile code. In Proceedings of the ACM Conference on Computer and Communications Security, 1998.

    Google Scholar 

  9. C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylonen. Simple public key certificate. Internet Draft (Work in Progress), November 1998.

    Google Scholar 

  10. C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylonen. SPKI certificate theory. Internet Draft (Work in Progress), November 1998.

    Google Scholar 

  11. D. Farmer and W. Venema. SATAN Overview, 1995. http://www.fish.com/.

  12. W. M. Farmer, J. D. Guttman, and V. Swarup. Security for mobile agents: Authentication and state appraisal. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pages 118–130, 1996.

    Google Scholar 

  13. F. Fukuyama. Trust: The Social Virtues and the Creation of Prosperity. Free Press, June 1996.

    Google Scholar 

  14. S. Garfinkel. PGP: Pretty Good Privacy. O’Reilly and Associates, 1994.

    Google Scholar 

  15. E. Gerck. Towards a real-world model of trust: reliance on received information. MCG, 1998. http://www.mcg.org.br/trustdef.htm.

  16. J. D. Guttman. Filtering postures: Local enforcement for global policies. In Proceedings of the IEEE Symposium on Security and Privacy, 1997.

    Google Scholar 

  17. A. Josang. A model for trust in security systems. In Proceedings of the Second Nordic Workshop on Secure Computer Systems, 1997.

    Google Scholar 

  18. R. M. Kramer and T. R. Tyler, editors. Trust in Organizations: Frontiers of Theory and Research. Sage Publications, February 1996.

    Google Scholar 

  19. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992.

    Article  Google Scholar 

  20. R. Levien and A. Aiken. Attack-resistant trust metrics for public key certification. In Proceedings of the 7th USENIX Security Symposium, 1998.

    Google Scholar 

  21. S.P. Marsh. Formalising Trust as a Computational Concept. PhD thesis, Department of Computer Science and Mathematics, University of Sterling, April 1994.

    Google Scholar 

  22. U. Maurer. Modeling a public-key infrastructure. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pages 118–130. Springer Verlag, 1996.

    Google Scholar 

  23. D.H. McKnight and N.L. Chervany. The meanings of trust. Working paper, Carlson School of Management, University of Minnesota, 1996. http://www.misrc.umn.edu/wpaper/wp96-04.htm.

  24. B. A. Misztal. Trust in Modern Societies: The Search for the Bases of Social Order. Polity Press, December 1995.

    Google Scholar 

  25. P. Venkat Rangan. An axiomatic basis of trust in distributed systems. In Proceedings of the IEEE Symposium on Security and Privacy, pages 204–210, 1988.

    Google Scholar 

  26. J.M. Reagle. Trust in a cryptographic economy and digital security deposits: Protocols and policies. Master’s thesis, Technology and Policy Program, Massachusetts Institute of Technology, May 1996.

    Google Scholar 

  27. J.M. Reagle. Trust in electronic markets: The convergence of cryptographers and economists. First Monday, 1(2), August 1996. http://www.firstmonday.dk/issues/issue2/markets/index.html.

  28. M. K. Reiter and S. G. Stubblebine. Path independence for authentication in large-scale systems. In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 57–66, 1997.

    Google Scholar 

  29. M. K. Reiter and S. G. Stubblebine. Toward acceptable metrics of authentication. In Proceedings of the IEEE Symposium on Security and Privacy, pages 3–18, 1997.

    Google Scholar 

  30. T. Sander and C. Tschudin. Towards mobile cryptography. In Proceedings of the IEEE Symposium on Security and Privacy, 1998.

    Google Scholar 

  31. A. Tarah and C. Huitema. Associating metrics to certification paths. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 648, pages 175–189. Springer Verlag, 1992.

    Google Scholar 

  32. Bernard Williams. Formal structures and social reality. In D. Gambetta, editor, Trust: Making and Breaking Cooperative Relations, pages 3–13. Basil Blackwell, 1988.

    Google Scholar 

  33. R. Yahalom, B. Klein, and Th. Beth. Trust relationships in secure systems-a distributed authentication perspective. In Proceedings of the IEEE Symposium on Security and Privacy, 1993.

    Google Scholar 

  34. R. Yahalom, B. Klein, and Th. Beth. Trust-based navigation in distributed systems. Computing Systems, 7(1):45–73, 1994.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The MITRE Corporation, 202 Burlington Road, Bedford, MA, 01730, USA

    Vipin Swarup & Javier Thayer Fábrega

Authors
  1. Vipin Swarup
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Javier Thayer Fábrega
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Object Systems Group, University of Geneva, CH-1211, Geneva 4, Switzerland

    Jan Vitek

  2. Department of Computer Science, O’Reilly Institute, Trinity College Dublin, Dublin 2, Ireland

    Christian D. Jensen

Rights and permissions

Reprints and permissions

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Swarup, V., Fábrega, J.T. (1999). Trust: Benefits, Models, and Mechanisms. In: Vitek, J., Jensen, C.D. (eds) Secure Internet Programming. Lecture Notes in Computer Science, vol 1603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48749-2_1

Download citation

  • DOI: https://doi.org/10.1007/3-540-48749-2_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66130-6

  • Online ISBN: 978-3-540-48749-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation