itrust survey graham klyne nine by nine 8 october 2004

iTrust Survey

Graham KlyneNine by Nine

http://www.ninebynine.net/8 October 2004

8 October 2004 iTrust survey 2

Goals of this talk

• Reviewing iTrust activity– exemplified by conference papers

• Looking for multidisciplinary results– what are the contributions from

non-computing disciplines?

• Is there any overall “shape” of new understanding coming from iTrust work?

• System implementation perspective– what guidance is offered?


iTrust

• “The aim of iTrust is to provide a forum for cross-disciplinary investigation of the application of trust as a means of establishing security and confidence in the global computing infrastructure, recognizing trust as a crucial enabler for meaningful and mutually beneficial interactions.”– http://www.itrust.uoc.gr/– (my emphasis)


Method

• Read through all main papers in LNCS proceedings of first two public iTrust conferences– 48 papers– Not including short papers

• Summarize content of each paper– attempt to reflect content, not evaluate

• Pick out key themes in each paper– subjective, subject to differing views


Method (continued)

• Data collected using a variant of RDF (N3)– http://www.ninebynine.org/iTrust/iTrust-survey.n3About Notation3:– http://www.w3.org/DesignIssues/Notation3.html– http://www.w3.org/2000/10/swap/Primer.html

• Auto-generated summary document– http://www.ninebynine.org/iTrust/iTrust-survey.html

• Processed using simple rules (using CWM)– http://www.w3.org/2000/10/swap/doc/cwm.html

• Reviewed summaries looking for themes


Raw data:Multidisciplinary themes

• Computing - 39 papers• Economics - 8 papers• Legal - 4 papers• Philosophy - 1 paper• Logic - 1 paper• Psychology - 4 papers• Sociology - 8 papers• Statistics - 6 papers


Raw data:Other recurring topics

• Privacy - 4 papers• Reputation - 12 papers


Raw data:Computing + topic

• Computing + Economics - 6 papers• Computing + Legal - 2 papers• Computing + Philosophy - 1 paper• Computing + Psychology - 3 papers• Computing + Sociology - 5 papers• Computing + Statistics - 4 papers• Computing + Privacy - 4 papers• Computing + Reputation - 11 papers


Raw data:Paper topics not spotted

• Political science– Informing public policy formation?

• Business/management


Defining trust

• 23 different definitions found– Two economics papers used the same definition!

• Common themes:– Subjective – Expectation or belief about another’s behaviour– Related to specific context– Risk of trusting behaviour– Basis for decision with incomplete information– Based on past evidence


Observations

• Very few papers without a strong computing element

• Many papers about computing with input from some other discipline(s)

• Reputation/recommendation systems lead use of trust in implemented systems

• A strong strand of economic theory informing reputation systems


More observations

• Conference papers are not the whole story

• Work in logic of trust is not yet connecting with systems using trust

• Having existing computational models makes us better able to employ socio-cognitive work?

• Traditional computer security view of trust as an atomic proposition, rather than something to be analyzed


Observations about trust

• Computing with trust necessarily (?) ignores many subtleties

• The 1994 PhD thesis of S. Marsh seems to be seminal in computation of trust

• “First transaction” trust is challenging• Reduced importance of specific identity• Recommendation/reputation systems

– consensus to separate trust in some action from trust in recommendation


Some specific observations (1)

• The social aspect of trust is only lightly acknowledged by computing systems– cf. lncs2995_266_276, lncs2995_146_160– Modelling goodwill, community vs individual

benefit?

• Different approaches to trust with and without 3rd party participation– cf. lncs2692_17_32, lncs2692_46_58


Some specific observations (2)

• Trust may be at the cost of privacy– cf. lncs2995_108_119, lncs2995_108_119

• Empirical data concerning human trusting behaviour is patchy– cf. lncs2692_165_178, lncs2995_206_220

• Two clusters of trust definitions– rational (expected benefit)– social (moral duty, etc)– cf. lncs2995_266_276


On the Web

• This presentation (PPT and PDF)– http://www.ninebynine.org/iTrust/iTrustSurvey.ppt– http://www.ninebynine.org/iTrust/iTrustSurvey.pdf

• Raw survey data (Notation3 and HTML)– http://www.ninebynine.org/iTrust/iTrust-survey.n3– http://www.ninebynine.org/iTrust/iTrust-survey.html

• Survey processing rules (Notation3)– http://www.ninebynine.org/iTrust/TrustRules.n3

• Processed survey data (Notation3)– http://www.ninebynine.org/iTrust/TrustResults.n3


Further activity

• Creating iTrust resource page, links for:– Papers– Tutorials– Presentations– Software– Projects

• Please send me your URLs!– [email protected]– (or: iTrust mailing list)


Discussion

• Are there other major themes?• Most results directed to computing

professionals?• Is trust more than just another technique for

achieving security?• Economic/sociological input seems focused on

reputation/recommender systems?• Can/should computing with trust recognize its

social subtleties?• Can trust sustenance be fully decentralized?• How do other fields influence technical designs?


Notes

• Simon: taking metaphors from human trust to inform system designs is useful. Richer models are useful for organizations coming to terms with trust.

• Reno: trust is different from security. Security is source of Trust. Trust has to cope with a (novel?) environment. Trust is needed when there are risks. Re. Subtleties “the devil is in the detail”. Difficult to reduce the complex model and ignore other parts.

• Moral and rational reasons: even in this case there is a strict link between them; not always possible to distinguish; e.g. why don’t the economic/game theory models cope effectively with trust problems? They deal only with rational elements, but humans aren’t entirely rational.

• Andrew J: the function of rich (and?) formal models. Aims at conceptual analysis, to achieve clearer understanding of complex concepts. Construction should not be constrained by computation. Then move on from conceptual level to computational level, which does involve simplification … but this way it is clear just what is being simplified. This is to be preferred to starting from a naïve informal description and going straight to a computable model. Thus, formal models are bridge from intuitive understanding to computation.– Stefan: w.r.t. FIPA(?) agent standards. Model developers and companies developing code. Industry is impatient and has

huge inertia (!). They understand conceptual models are a Good Thing, but don’t put resources into them. Lack of people who want to follow the process through: specify conceptual model, understand it, and follow through into real engineered systems. There is a perception that conceptual models are too hard for ordinary engineers.

– Theo: … develop very rich models, but don’t have time (?) to determine if they’re realizable. Practioners tend to treat models as specifications rather than guidelines. … building systems bottom up … re social/logical models: question is not whether whether they are realizable, but what they give us.

– Stefan: any approach is flawed, none is ideal. Need to try several.– Peter H: computer scientists always try to bring things (models) into their computers. [Maybe.. Computer scientists

need to learn to put down their computers?]• Simon… that’s (putting trust inside my computer) is going too far


Third iTrust conference

• http://www-rocq.inria.fr/arles/events/iTrust2005

• Paper deadline: 25 November 2004– Tutorials, demos later

• Conference: 24-26 May 2005– Tutorials 23 May 2005

• This is the last conference of the present iTrust series… please join in and get people excited!

itrust survey graham klyne nine by nine 8 october 2004

Documents