Trust Management
In recent years, trust in computing has been receiving increased attention. With the emphasis on loosely coupled and decentralized systems and the advent of service orientation, trust management has moved beyond the domains of security, multiagent systems, and e-commerce to become a key concern across all aspects of computing. However, there’s currently little agreement on what trust really means and what the best way of managing it is. In fact, as Steffen Staab pointed out in his aptly named editorial “The Pudding of Trust,” we have ended up with a pudding of things rather than a solid definition. As time passes, this pudding has become richer in taste and ingredients.
Work on trust management is often divided into security-oriented and non-security-oriented. The former tends to adopt a more restricted view of trust where trustworthiness is equated to the degree to which an entity or object is considered secure. The latter adopts a wider view of trust more akin to the multifaceted view of trust explored in social sciences. In the context of service orientation, this socially oriented concept of trust is extended to include a view of trust as a mechanism for achieving, maintaining, and reasoning about the quality of service and interactions.
However, a closer examination of the concept of trust as used within these different areas reveals that the fundamental difference is in the form that trustworthiness as a property takes. The traditional view is that trustworthiness is an absolute property that an entity either has or doesn’t have. This view of trust was articulated in the context of computing systems in general by the US Department of Defense in the early ’80s and in the context of software by David Parnas and his colleagues in the early ’90s. It has been the basis of much security-oriented work on trust management and is exemplified by the work on credential-based trust management by Matt Blaze and his colleagues.
In credential-based trust, principals’ trustworthiness is determined on the basis of the credentials they possess, and trust management is about specifying and interpreting security policies, credentials, and relationships. In the same area is trust negotiation where, motivated by privacy concerns, principals iteratively disclose certified digital credentials that verify their properties to establish mutual trust. Beyond credential-based trust, security-oriented trust management also includes distributed trust, where replication and threshold cryptography are used to reduce the vulnerability of an ensemble of a service’s replicas, making it more trustworthy. This view of trust has also been the basis of trusted computing, a collection of technologies that, when combined, help establish a more secure operating environment on various hardware platforms. In the context of software engineering, this view of trust has been extended beyond security to include other software qualities, and has been the basis of the work on trusted components and services. In this context, component and service trustworthiness is determined on the basis of provided qualities guaranteed through formal verification (Bertrand Meyer’s “high road” towards trusted components).
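The iterative disclosure behind trust negotiation can be sketched as follows. This is an added example, not code from any of the cited articles: credentials are modelled as plain labels (certificate verification is assumed to have happened already), each one is guarded by a release policy naming the peer credentials that must be seen first, and all credential names are hypothetical.

```python
def negotiate(client, server, resource_policy, max_rounds=10):
    """Eager trust negotiation between two principals.

    client / server map each credential to its release policy: the set of
    peer credentials that must already be disclosed before it is released.
    resource_policy is the set of client credentials the server requires.
    Returns (granted, transcript), where transcript lists
    (round, side, credentials disclosed in that step).
    """
    policies = {"client": client, "server": server}
    disclosed = {"client": set(), "server": set()}
    transcript = []
    for round_no in range(1, max_rounds + 1):
        progress = False
        for side, peer in (("client", "server"), ("server", "client")):
            # Release every credential whose policy the peer now satisfies.
            unlocked = sorted(
                cred for cred, needs in policies[side].items()
                if cred not in disclosed[side] and needs <= disclosed[peer]
            )
            if unlocked:
                disclosed[side].update(unlocked)
                transcript.append((round_no, side, unlocked))
                progress = True
            if resource_policy <= disclosed["client"]:
                return True, transcript
        if not progress:
            # Neither side can move: the policies depend on each other.
            return False, transcript
    return False, transcript


# Constructed sample policies (hypothetical credential names).
CLIENT = {"student_id": set(), "credit_card": {"merchant_cert"}}
SERVER = {"business_license": set(), "merchant_cert": {"student_id"}}
RESOURCE = {"student_id", "credit_card"}

# Constructed deadlock: each side waits for the other to disclose first.
CLIENT_STUCK = {"credit_card": {"merchant_cert"}}
SERVER_STUCK = {"merchant_cert": {"credit_card"}}

if __name__ == "__main__":
    print(negotiate(CLIENT, SERVER, RESOURCE))
    print(negotiate(CLIENT_STUCK, SERVER_STUCK, {"credit_card"}))
```

The eager strategy shown here also releases credentials the outcome does not depend on (business_license in the sample), which is the privacy cost that more selective negotiation strategies aim to reduce.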
In contrast, the modern view of trust is that trustworthiness is a measurable property that different entities have in various degrees. Trust management is about managing the risks of interactions between entities. Trust is determined on the basis of evidence (personal experiences, observations, recommendations, and overall reputation) and is situational—that is, an entity’s trustworthiness differs depending on the context of the interaction.
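A minimal model of this evidence-based, situational view, as an added example rather than a method taken from the articles discussed here: it uses a beta-reputation estimate (a technique not named on this page), keeps evidence per entity and context, discounts recommendations linearly by trust in the recommender (a simplifying assumption), and turns the result into a risk decision. The service name is hypothetical.

```python
from collections import defaultdict


class EvidenceTrust:
    """Per-(entity, context) trust estimate built from accumulated evidence."""

    def __init__(self):
        # (entity, context) -> [positive evidence, negative evidence]
        self.evidence = defaultdict(lambda: [0.0, 0.0])

    def observe(self, entity, context, success):
        """Record one first-hand interaction outcome."""
        self.evidence[(entity, context)][0 if success else 1] += 1.0

    def recommend(self, entity, context, pos, neg, recommender_trust):
        """Fold in second-hand counts, scaled by our trust in the recommender
        (linear discount: a simplifying assumption of this sketch)."""
        if not 0.0 <= recommender_trust <= 1.0:
            raise ValueError("recommender_trust must be in [0, 1]")
        counts = self.evidence[(entity, context)]
        counts[0] += pos * recommender_trust
        counts[1] += neg * recommender_trust

    def trust(self, entity, context):
        """Expected value of Beta(pos + 1, neg + 1); 0.5 with no evidence."""
        pos, neg = self.evidence.get((entity, context), (0.0, 0.0))
        return (pos + 1.0) / (pos + neg + 2.0)

    def worth_the_risk(self, entity, context, gain, loss):
        """Interact only if the expected payoff is positive."""
        t = self.trust(entity, context)
        return t * gain - (1.0 - t) * loss > 0.0


def build_sample():
    """Constructed sample: 8 good and 2 bad payment interactions with the
    hypothetical service 'svc-a'; no evidence in any other context."""
    store = EvidenceTrust()
    for ok in [True] * 8 + [False] * 2:
        store.observe("svc-a", "payment", ok)
    return store


if __name__ == "__main__":
    s = build_sample()
    print(s.trust("svc-a", "payment"), s.trust("svc-a", "storage"))
    print(s.worth_the_risk("svc-a", "payment", gain=10, loss=40))
```

The same service scores differently per context, and the same score leads to different decisions as the stake changes.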
This view of trust has been the basis of most work in trust management in multiagent systems. In these systems, trust is used as a measure of agents’ competence and benevolence, often abstracting away from the complex factors that can drive agent behavior. The notion of agent benevolence includes both concerns about malicious behavior, typical in security-oriented work, and about selfish behavior that can be counterproductive for the system. Selfish behavior is also a concern in the context of peer-to-peer systems, where free riding can be a serious problem and trust and reputation schemes have been used to alleviate it.
This view of trust is also similar to the human notion of trust. As a result, it has been the basis of work on computer-mediated trust between users and work on building human trust in computer systems. Both of these aspects are essential in the context of e-commerce systems. When the focus is on human-human interaction, simple models of trust that abstract away from the complex factors that determine human trustworthiness are usually preferable. On the other hand, in the case of human-computer interaction, sophisticated models of trust that try to capture all aspects that affect human trust are often preferable. In the context of service orientation, as services become more sophisticated with autonomic capabilities, sophisticated models of trust and reputation have become the focus of research.
This month on Computing Now, a collection of articles aims to provide a taste of the current pudding of trust. “Dynamic Trust Management” by Matt Blaze and his colleagues extends previous work on credential-based trust in the context of service-oriented architectures by introducing dynamism with respect to service availability and situation awareness. “Reputation Bootstrapping for Trust Establishment among Web Services” by Zaki Malik and Athman Bouguettaya focuses on evidence-based trust in the context of service-oriented architectures. It contrasts a number of techniques for bootstrapping the reputation of newcomer services. “How Do We Build Trust into E-Commerce Web Sites?” by Ejike Ofuonye and his colleagues identifies the principal factors affecting user trust in e-commerce Web sites with the aim of providing developers with some guidance on the issues they should focus on. “A Multiagent System for Coordinating Ambulances for Emergency Medical Services” by Beatriz Lopez, Bianca Innocenti, and Didac Busquets describes a system that uses evidence-based trust as a measure of the competence of emergency transportation agents to accurately estimate the time needed to reach an emergency. Finally, Keith W. Miller and Jeffrey Voas’s article “The Metaphysics of Software Trust” advocates for a more transparent approach in software licensing to encourage software trust, motivated by an analysis of the implications of the nonphysical nature of software and the trust relationships between the stakeholders of software artifacts.
Related Resources
Access these related articles in the IEEE Computer Society Digital Library (login may be required for full text):
- Reputation-Oriented Trustworthy Computing in E-Commerce Environments
- Decentralized Trust Management
- Modeling Trust Negotiation for Web Services
- Trust Negotiations: Concepts, Systems, and Languages
- Negotiating Trust on the Web
- Implementing Trustworthy Services Using Replicated State Machines
- Challenges for Trusted Computing
- Toward Trustworthy Software Systems
- Trust Management in Distributed Systems
- Free Riding in Peer-to-Peer Networks
- Building Trustworthy Software Agents
- Research Directions for Service-Oriented Multiagent Systems
Guest Editor
Sotirios Terzis is a lecturer at the Department of Computer and Information Sciences, University of Strathclyde. You can contact him at Sotirios dot Terzis at cis dot strath dot ac dot uk.