Abstract
Although the notion of trust is widely used in secure information systems, very few works attempt to formally define it or reason about it. Moreover, in most works, trust is defined as a binary concept—either an entity is completely trusted or not at all. Absolute trust on an entity requires one to have complete knowledge about the entity. This is rarely the case in real-world applications. Not trusting an entity, on the other hand, prohibits all communications with the entity rendering it useless. In short, treating trust as a binary concept is not acceptable in practice. Consequently, a model is needed that incorporates the notion of different degrees of trust. We propose a model that allows us to formalize trust relationships. The trust relationship between a truster and a trustee is associated with a context and depends on the experience, knowledge, and recommendation that the truster has with respect to the trustee in the given context. We show how our model can measure trust and compare two trust relationships in a given context. Sometimes enough information is not available about a given context to evaluate trust. Towards this end we show how the relationships between different contexts can be captured using a context graph. Formalizing the relationships between contexts allows us to extrapolate values from related contexts to approximate the trust of an entity even when all the information needed to calculate the trust is not available. Finally, we show how the semantic mismatch that arises because of different sources using different context graphs can be resolved and the trust of information obtained from these different sources compared.
Similar content being viewed by others
Notes
We would like to thank Stevens and Williams (2007) for suggesting a better modification of the equation for time dependent value.
References
Abdul-Rahman, A., & Hailes, S. (2000). Supporting trust in virtual communities. In Proceedings of the 33rd Annual Hawaii International Conference on System Sciences (pp. 1769–1777). Maui, HI, USA: IEEE Computer Society, January.
Bacharach, M., & Gambetta, D. (2000). Trust as type identification. In C. Castelfranchi & Y. Tan (Eds.), Trust and Deception in Virtual Societies (pp. 1–26). Kluwer.
Beth, T., Borcherding, M., & Klein, B. (1994). Valuation of trust in open networks. In D. Gollmann (Ed.), Proceedings of the 3rd European Symposium on Research in Computer Security, volume 875 of Lecture Notes in Computer Science (pp. 3–18). Brighton, UK: Springer, November.
Burrows, M., Abadi, M., & Needham, R. M. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36, February.
Cohen, M. S., Parasuraman, R., Serfaty, R. S., & Andes, R. C. (1997). Trust in decision aids: A model and a training strategy. Technical Report USAATCOM TR 97-D-4. Fort Eustis, VA, USA: Cognitive Technologies Inc.
Grandison, T., & Sloman, M. (2000). A survey of trust in internet applications. IEEE Communications Surveys and Tutorials, 3(4), 2–16, Fourth Quarter.
Gruber, T. R. (1993). A translation approach to portable ontology specifications. Knowledge Acquisition, 5(2), 199–220.
Jajodia, S., Samarati, P., & Subrahmanian, V. (1997). A logical language for expressing authorizations. In Proceedings of the 1997 IEEE Symposium on Security and Privacy (pp. 31–42). Oakland, CA, USA: IEEE Computer Society, May.
Jones, A. J. I., & Firozabadi, B. S. (2000). On the characterization of a trusting agent—aspects of a formal approach. In C. Castelfranchi & Y. Tan (Eds.), Trust and Deception in Virtual Societies (pp. 163–174). Kluwer.
Jøsang, A. (1997). Artificial reasoning with subjective logic. In Proceedings of the Second Australian Workshop on Commonsense Reasoning. Perth, Australia, December.
Jøsang, A. (1998). A subjective metric of authentication. In J.-J. Quisquater, et al. (Eds.), Proceedings of the 5th European Symposium on Research in Computer Security, volume 1485 of Lecture Notes in Computer Science (pp. 329–344). Louvain-la-Neuve, Belgium: Springer, September.
Jøsang, A. (1999). An algebra for assessing trust in certification chains. In Proceedings of Network and Distributed Systems Security Symposium. San Diego, CA, USA: Internet Society, February.
Jøsang, A. (2001). A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 9(3), 279–311, June.
Jøsang, A., Gray, E., & Kinateder, M. (2006). Simplification and analysis of transitive trust networks. Web Intelligence and Agent Systems Journal, 4(2), 139–161.
Purser, S. (2001). A simple graphical tool for modelling trust. Computers and Security, 20(6), 479–484, September.
Rangan, P. V. (1988). An axiomatic basis of trust in distributed systems. In Proceedings of the 1988 IEEE Symposium on Security and Privacy (pp. 204–211). Oakland, CA, USA: IEEE Computer Society, April.
Ray, I., & Chakraborty, S. (2004). A vector model of trust for developing trustworthy systems. In P. Samarati, P. Ryan, D. Gollmann, & R. Molva (Eds.), Proceedings of the 9th European Symposium on Research in Computer Security, volume 3193 of Lecture Notes In Computer Science (pp. 260–275). Sophia Antipolis, Frech Riviera, France: Springer, September.
Ray, I., Chakraborty, S., & Ray, I. (2005). VTrust: A trust management system based on a vector model of trust. In S. Jajodia, & C. Mazumdar (Eds.), Proceedings of 1st International Conference on Information Systems Security, volume 3803 of Lecture Notes in Computer Science (pp. 91–105). Kolkata, India: Springer, December.
Stevens, M., & Williams, P. D. (2007). Use of trust vectors for cybercraft and the limits of usable data history for trust vectors. In 2007 IEEE Computational Intelligence for Security and Defense Applications. Honolulu, HI, USA, April.
Uschold, M., & Grüninger, M. (1996). Ontologies: Principles, methods, and applications. Knowledge Engineering Review, 11(2), 93–155.
Xiong, L., & Liu, L. (2003). A reputation-based trust model for peer-to-peer ecommerce communities. In Proceedings of IEEE Conference on E-Commerce (pp. 275–284). Newport Beach, CA, USA: IEEE Computer Society, June.
Yahalom, R., & Klein, B. (1994). Trust-based navigation in distributed systems. Computing Systems, 7(1), 45–73, Winter.
Yahalom, R., Klein, B., & Beth, T. (1993). Trust relationship in secure systems: A distributed authentication perspective. In Proceedings of the IEEE Symposium on Security and Privacy, (pp. 150–164). Oakland, CA, USA: IEEE Computer Society, May.
Acknowledgements
This work was partially supported by the US Air Force Research Laboratory (AFRL) and the Federal Aviation Administration (FAA) and the Air Force Office of Scientific Research (AFOSR) under contract numbers F30602-03-1-0101 and FA9550-07-1-0042. The views presented here are solely those of the authors and do not necessarily represent those of the AFRL, the AFOSR or the FAA.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ray, I., Ray, I. & Chakraborty, S. An interoperable context sensitive model of trust. J Intell Inf Syst 32, 75–104 (2009). https://doi.org/10.1007/s10844-007-0049-9
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10844-007-0049-9