Abstract
Trust provides many practical benefits in open distributed systems. It enables cooperation between pairs of entities, provides a safe and inexpensive basis for lowering access barriers to secured resources, and facilitates complex transactions among multiple entities. In this paper, we describe a wide range of notions and aspects of trust in open systems, with particular focus on trust between autonomous entities. We argue for computational models and mechanisms that enable trust between entities to be produced, manipulated and degraded and we summarize the state-of-the-art from this perspective.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
M. Abadi, M. Burrows, B. Lampson, and G. Plotkin. A calculus for access control in distributed systems. A CM Transactions on Programming Languages and Systems, 15(4):706–734, October 1993.
S. Berkovits, J. D. Guttman, and V. Swarup. Authentication for mobile agents. Lecture Notes in Computer Science 1419, Special issue on Mobile Agents and Security, 1998.
T. Beth, M. Borcherding, and B. Klein. Valuation of trust in open networks. In D. Gollman, editor, Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 875, pages 3–18. Springer Verlag, 1994.
A. Birrell, B. Lampson, R. Needham, and M. Shroeder. A global authentication service without global trust. In Proceedings of the IEEE Symposium on Security and Privacy, pages 223–230, 1986.
M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the IEEE Symposium on Security and Privacy, pages 164–173, 1996.
B. Borcherding and M. Borcherding. Covered trust values in distributed systems. In Proceedings of the Working Conference on Multimedia and Communication Security, pages 24–31. Chapman & Hall, 1995.
Michael Burrows, Martin Abadi, and Roger Needham. A logic of authentication. Proceedings of the Royal Society, Series A, 426(1871):233–271, December 1989. Also appeared as SRC Research Report 39 and, in a shortened form, in ACM Transactions on Computer Systems 8, 1 (February 1990), 18–36.
G. Edjlali, A. Acharya, and V. Chaudhary. History-based access control for mobile code. In Proceedings of the ACM Conference on Computer and Communications Security, 1998.
C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylonen. Simple public key certificate. Internet Draft (Work in Progress), November 1998.
C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, and T. Ylonen. SPKI certificate theory. Internet Draft (Work in Progress), November 1998.
D. Farmer and W. Venema. SATAN Overview, 1995. http://www.fish.com/.
W. M. Farmer, J. D. Guttman, and V. Swarup. Security for mobile agents: Authentication and state appraisal. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pages 118–130, 1996.
F. Fukuyama. Trust: The Social Virtues and the Creation of Prosperity. Free Press, June 1996.
S. Garfinkel. PGP: Pretty Good Privacy. O’Reilly and Associates, 1994.
E. Gerck. Towards a real-world model of trust: reliance on received information. MCG, 1998. http://www.mcg.org.br/trustdef.htm.
J. D. Guttman. Filtering postures: Local enforcement for global policies. In Proceedings of the IEEE Symposium on Security and Privacy, 1997.
A. Josang. A model for trust in security systems. In Proceedings of the Second Nordic Workshop on Secure Computer Systems, 1997.
R. M. Kramer and T. R. Tyler, editors. Trust in Organizations: Frontiers of Theory and Research. Sage Publications, February 1996.
B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992.
R. Levien and A. Aiken. Attack-resistant trust metrics for public key certification. In Proceedings of the 7th USENIX Security Symposium, 1998.
S.P. Marsh. Formalising Trust as a Computational Concept. PhD thesis, Department of Computer Science and Mathematics, University of Sterling, April 1994.
U. Maurer. Modeling a public-key infrastructure. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 1146, pages 118–130. Springer Verlag, 1996.
D.H. McKnight and N.L. Chervany. The meanings of trust. Working paper, Carlson School of Management, University of Minnesota, 1996. http://www.misrc.umn.edu/wpaper/wp96-04.htm.
B. A. Misztal. Trust in Modern Societies: The Search for the Bases of Social Order. Polity Press, December 1995.
P. Venkat Rangan. An axiomatic basis of trust in distributed systems. In Proceedings of the IEEE Symposium on Security and Privacy, pages 204–210, 1988.
J.M. Reagle. Trust in a cryptographic economy and digital security deposits: Protocols and policies. Master’s thesis, Technology and Policy Program, Massachusetts Institute of Technology, May 1996.
J.M. Reagle. Trust in electronic markets: The convergence of cryptographers and economists. First Monday, 1(2), August 1996. http://www.firstmonday.dk/issues/issue2/markets/index.html.
M. K. Reiter and S. G. Stubblebine. Path independence for authentication in large-scale systems. In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 57–66, 1997.
M. K. Reiter and S. G. Stubblebine. Toward acceptable metrics of authentication. In Proceedings of the IEEE Symposium on Security and Privacy, pages 3–18, 1997.
T. Sander and C. Tschudin. Towards mobile cryptography. In Proceedings of the IEEE Symposium on Security and Privacy, 1998.
A. Tarah and C. Huitema. Associating metrics to certification paths. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), LNCS 648, pages 175–189. Springer Verlag, 1992.
Bernard Williams. Formal structures and social reality. In D. Gambetta, editor, Trust: Making and Breaking Cooperative Relations, pages 3–13. Basil Blackwell, 1988.
R. Yahalom, B. Klein, and Th. Beth. Trust relationships in secure systems-a distributed authentication perspective. In Proceedings of the IEEE Symposium on Security and Privacy, 1993.
R. Yahalom, B. Klein, and Th. Beth. Trust-based navigation in distributed systems. Computing Systems, 7(1):45–73, 1994.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Swarup, V., Fábrega, J.T. (1999). Trust: Benefits, Models, and Mechanisms. In: Vitek, J., Jensen, C.D. (eds) Secure Internet Programming. Lecture Notes in Computer Science, vol 1603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48749-2_1
Download citation
DOI: https://doi.org/10.1007/3-540-48749-2_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66130-6
Online ISBN: 978-3-540-48749-4
eBook Packages: Springer Book Archive