The Price of Belief: Insuring Credible Trust?

  • Paul Wernick
  • Bruce ChristiansonEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10368)


Today, the majority of distributed system users are not systems programmers, nor do they aspire to be. The problem with existing access control mechanisms is not that they don’t work, it is that users despise them and will not interact with them in the way the security model requires. We argue that this is not primarily a user-education issue; instead the user interface needs to be re-factored in a way that will involve a radical change to the way security is modelled.


  1. 1.
    Adams, A., Sasse, M.A.: Users are not the enemy. Commun. ACM 42(12), 41–46 (1999). doi: 10.1145/322796.322806 CrossRefGoogle Scholar
  2. 2.
    Bella, G., Viganò, L.: Security is beautiful. In: Christianson, B., Švenda, P., Matyáš, V., Malcolm, J., Stajano, F., Anderson, J. (eds.) Security Protocols 2015. LNCS, vol. 9379, pp. 247–250. Springer, Cham (2015). doi: 10.1007/978-3-319-26096-9_25 CrossRefGoogle Scholar
  3. 3.
    Chuang, S., Wernick, P.: A credibility-based model of computer system security. In: Proceedings of New Security Paradigms 1996, Lake Arrowhead CA, 17–19 September 1996, pp. 53–58. ACM Press (1996)Google Scholar
  4. 4.
    Clarke, S., Christianson, B., Xiao, H.: Trust*: using local guarantees to extend the reach of trust. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 171–178. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36213-2_21 CrossRefGoogle Scholar
  5. 5.
    Maw, H.A., Xiao, H., Christianson, B., Malcolm, J.: An evaluation of break-the-glass access control model for medical data in wireless sensor networks. In: Proceedings of IEEE 16th International Conference on e-Health Networking, Applications and Services (Healthcom), 15–18 October 2014, Natal, United Kingdom, pp. 130–135. IEEE (2015). doi: 10.1109/HealthCom.2014.7001829
  6. 6.
    Osborne, H., Hartley, E.: Contactless payments mean card fraud now happens after cancellation. Guardian Money (2015). Accessed 22 Jan 2016
  7. 7.
    Wheeler, D.: Transactions using bets. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 89–92. Springer, Heidelberg (1997). doi: 10.1007/3-540-62494-5_7 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.University of HertfordshireHatfieldEngland

Personalised recommendations