Advertisement

Introduction: Motivations for a New Trust Model

  • Michael G. Harvey
Chapter
Part of the SpringerBriefs in Electrical and Computer Engineering book series (BRIEFSELECTRIC)

Abstract

The key technical and security requirements of the mobile Internet are summarized to identify threats that have to be addressed by a cybersecurity protection strategy. The limitations of current protection strategies using cognitive-computational approaches to trust based on identity are discussed. Socio-cognitive trust models provide the most promising approach to trust without identity and modeling human social interaction in an open and dynamic environment such as the mobile Internet. A virtue-based trust model is proposed as an example of such trust models, which emphasize a more dynamic conception of trust that is not reducible to the belief state of one entity regarding the intentions or future actions of another entity. Network entities establish trust on their own independently of centralized authentication and authorization services, and proper trust is defined as the mean between being too trusting of other entities and not trusting enough of them.

References

  1. 1.
    Misztal BA (1996) Trust in modern societies: the search for the bases of social order. Blackwell, Cambridge, pp 1–8Google Scholar
  2. 2.
    Ross R et al (2013) Security and privacy controls for federal information systems and organizations. Joint Task Force Transformation Initiative Interagency Working Group, NIST, Special Publication 800-53, rev 4. doi: 10.6028/NIST.SP.800-53r4
  3. 3.
    Souppaya M, Scarfone K (2013) Guidelines for managing the security of mobile devices in the enterprise. NIST, Special Publication 800-124, rev 1. http://www.nist.gov/customcf/get_pdf.cfm?pub_id=913427. Accessed 15 Jul 2014
  4. 4.
    NIST (2014) Framework for improving critical infrastructure cybersecurity. NIST, ver 1, pp 3–5. http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf. Accessed 15 Jul 2014
  5. 5.
    TalebiFard P et al (2010) Access and service convergence over the mobile internet–a survey. Comput Netw 54(4):545–557. doi: 10.1016/j.comnet.2009.08.017 CrossRefzbMATHGoogle Scholar
  6. 6.
    Li T, Hu A (2013) Trust relationships in secured mobile systems. In: 2013 IEEE wireless communications and networking conference (WCNC 2013), Shanghai, China, 7–10 Apr 2013, pp 1882–1887Google Scholar
  7. 7.
    Zheng Y et al (2005) Trusted computing-based security architecture for 4G mobile networks. In: 6th international conference on parallel and distributed computing, applications and technologies (PDCAT 2005), Dalian, China, 5–8 Dec 2005, pp 251–255Google Scholar
  8. 8.
    Cheng J et al (2007) SmartSiren: virus detection and alert for smartphones. In: 5th international conference on mobile systems, applications and services (MobiSys ’07), San Juan, PR, 11–14 Jun 2007, pp 258–271Google Scholar
  9. 9.
    Sailer R et al (2004) Design and implementation of a TCG-based integrity measurement architecture. In: 13th conference on USENIX security symposium, San Diego, CA, 9–13 Aug 2004, pp 223–238Google Scholar
  10. 10.
    Curran CD (2006) Combatting spam, spyware, and other desktop intrusions: legal considerations in operating trusted intermediary technologies. IEEE Secur Priv 4(3):45–51. doi: 10.1109/MSP.2006.60 CrossRefGoogle Scholar
  11. 11.
    Galinović A (2010) Automated trust negotiation models. In: 33rd international convention on information and communication technology, electronics and microelectronics (MIPRO 2010), Opatija, Croatia, 24–28 May 2010, pp 1197–1202Google Scholar
  12. 12.
    Villata S et al (2013) A socio-cognitive model of trust using argumentation theory. Int J Approximate Reasoning 54(4):551–556. doi: 10.1016/j.ijar.2012.09.001 CrossRefMathSciNetGoogle Scholar
  13. 13.
    Castelfranchi C, Falcone R (2005) Socio-cognitive theory of trust. In: Pitt J (ed) Open agent societies: normative specifications in multi-agent systems. Wiley, New York, pp 58–89Google Scholar
  14. 14.
    Hill CA, O’Hara EA (2006) A cognitive theory of trust. Wash Univ Law Rev 84(7):1717–1796. doi: 10.2139/ssrn.869423 Google Scholar
  15. 15.
    Rangan PV (1992) An axiomatic theory of trust in secure communication protocols. Comput Secur 11(2):163–172. doi: 10.1016/0167-4048(92)90043-Q CrossRefGoogle Scholar

Copyright information

© The Author(s) 2014

Authors and Affiliations

  1. 1.Johns Hopkins UniversityPittsburghUSA

Personalised recommendations