Trust Models Vishwas Patil TIFR Trust Models Presentation

Trust Models Vishwas Patil, TIFR. Trust Models Presentation

Trust Models: Introduction § What is Trust ? 9 assured reliance on the character, ability, strength, or truth of someone or something. [Webster] 9 The confidence that participants in commerce have that their activities (transactions and other exchanges of information, goods, and services) will be protected and conducted as intended. § Real World v/s Internet 9 Seeing is believing - in real world 9 ? - Internet Vishwas Patil, TIFR. Trust Models Presentation 2

Trust Models: Why is it required ? § 1. 2. 3. 4. 5. While transacting over the Internet, the entities need to trust each other at various stages of the transaction. So the entities specifically : Trust that the other entity is really who it claims to be Trust the process and mechanisms by which they exchange information Trust the actual information exchanged Trust the negotiation process and final contract Trust that the other party will complete its contract and not defect Vishwas Patil, TIFR. Trust Models Presentation 3

Trust Models: Overview/Related § PGP 9 Web of Trust § X. 509 9 9 § Direct Cross-certification 2 -tier hierarchy Hub certification authority Hub authentication authority SPKI/SDSI 9 Local trust domain Vishwas Patil, TIFR. Trust Models Presentation 4

Trust Models: § How does these technologies (PKIs) help? Trust that the other entity is really who it claims to be AUTHENTICATION / AUTHORIZATION § Trust the process and mechanisms by which they exchange information ENCRYPTION § Trust the actual information exchanged DATA INTEGRITY § Trust the negotiation process and final contract DIGITAL SIGNATURE § Trust that the other party will complete its contract and not defect NON-REPUDIATION Vishwas Patil, TIFR. Trust Models Presentation 5

Trust Models: Constituents of Trust § § § Authentication Message Confidentiality Message Integrity Non-Repudiation Transparent Process Traceability and Accountability Vishwas Patil, TIFR. Trust Models Presentation 6

Trust Models: Enhancing Trust § Social Factors Invoke and establish trust § Organizational and Procedural Factors Enable trust § Technology Enable and enforce trust § Legal Systems Enforce trust Vishwas Patil, TIFR. Trust Models Presentation 7

Trust Models: Design § By Imitating real world practices in the digital world Organizational Reputation Model 9 Trusted Communities • • • Localize trust Allow continuous changes in the trust relationships amongst the users of a local domain Allow the administrators of local domains to establish / abolish the relations with other domains as and when required Support mechanism to express intentional transitivity of trust These characteristics can be achieved under SPKI/SDSI framework. 9 Certification for trust • Involves reputation, so responsibility / accountability. 9 Legal Enforcement 9 Trust in Unenforced Environment • Mechanism like Secret-Sharing will help. Vishwas Patil, TIFR. Trust Models Presentation 8

Trust Models: Discussion § § Policy. Maker Key. Note PGP, X. 509 SPKI/SDSI Vishwas Patil, TIFR. Trust Models Presentation 9