Trust basics

Let’s begin with the security state of the art! Today I comment one of the most famous theses about Trust: “Formalising Trust as a Computational Concept”. Written by Stephen Paul Marsh in 1994 this thesis provides a step in the direction of a proper understanding and definition of human trust.

Marsh presents formalism for trust which provides us with a tool for a formal discussion about trust. The formalism is implementable and it can be embedded in an artificial agent enabling it to make trust-based decisions.

Marsh presents trust form psychological, philosophical, sociological and economical points of view, as well as the relevant concepts from Game Theory and Multi-Agent Systems to establish the formalism.

This work is the first trust state of the art, and perhaps the huge value of this thesis came from the different visions that Marsh presents. Marsh reviews the research efforts carried out by Morton Deutsch, Niklas Luhmann, Bernard Barber and Diego Gambetta. These points of view are very important toward a better understanding of trust models.

After the state of the art Marsh presents a basic formalism in which some concepts are presented:

• Situations, trust depends on the specific situation between two agents.
• Agents, computational representation of a human.
• Societies of agents, a number of agents (greater than 1) which is grouped together according to some metric.
• Knowledge, whether one agent knows another.
• Importance, the importance of a specific situation for an agent
• Utility, the amount of utility that an agent gains from an specific situation
• Basic Trust, representation of the general trusting disposition. The higher it is, the more trusting is the agent.
• General Trust, represents general trust in another agent.
• Situational Trust, different situations will require different considerations with regard to trust, so this Trust level is dependent to a specific situation.

These concepts and variables that Marsh identified are the basics for today’s trust management. I think that is a very recommendable thesis to read if you are interested in Trust, so if you want to work on Trust Models you must read it.

Thanks for reading!

Hello world

Today is the first day of Trust & Security blog!

I work as a Security researcher and security is also one of my hobbies so I would like to post here conclusions and opinions about papers and technical articles that usually read.

The purpose of this blog is to disseminate about Digital Security and Trust Management, creating step by step a Trust and Security state of the art (SOTA) about this topics, especially about Trust Management.

Perhaps there are another blogs about these topics, but I think that Trust and Security blog is complementary to others. The huge majority of Security blogs offer technological news about security and Trust and Security blog aims to disseminate the state of the art about security, instead of informing people about the latest technical news. Another point that Trust and Security is expected to achieve is the focus, while other blogs speak much more about specific vulnerabilities Trust and Security will address security from a generic point of view, speaking about more abstract topics than others.

I wish Trust and Security to be useful to the community.

Thanks for reading!