iTrust Survey

1
iTrust Survey

• Graham Klyne
• Nine by Nine
• http//www.ninebynine.net/
• 8 October 2004

2
Goals of this talk

• Reviewing iTrust activity
• exemplified by conference papers
• Looking for multidisciplinary results
• what are the contributions from non-computing
  disciplines?
• Is there any overall shape of new understanding
  coming from iTrust work?
• System implementation perspective
• what guidance is offered?

3
iTrust

• The aim of iTrust is to provide a forum for
  cross-disciplinary investigation of the
  application of trust as a means of establishing
  security and confidence in the global computing
  infrastructure, recognizing trust as a crucial
  enabler for meaningful and mutually beneficial
  interactions.
• http//www.itrust.uoc.gr/
• (my emphasis)

4
Method

• Read through all main papers in LNCS proceedings
  of first two public iTrust conferences
• 48 papers
• Not including short papers
• Summarize content of each paper
• attempt to reflect content, not evaluate
• Pick out key themes in each paper
• subjective, subject to differing views

5
Method (continued)

• Data collected using a variant of RDF (N3)
• http//www.ninebynine.org/iTrust/iTrust-survey.n3
• About Notation3
• http//www.w3.org/DesignIssues/Notation3.html
• http//www.w3.org/2000/10/swap/Primer.html
• Auto-generated summary document
• http//www.ninebynine.org/iTrust/iTrust-survey.htm
  l
• Processed using simple rules (using CWM)
• http//www.w3.org/2000/10/swap/doc/cwm.html
• Reviewed summaries looking for themes

6
Raw dataMultidisciplinary themes

• Computing - 39 papers
• Economics - 8 papers
• Legal - 4 papers
• Philosophy - 1 paper
• Logic - 1 paper
• Psychology - 4 papers
• Sociology - 8 papers
• Statistics - 6 papers

7
Raw dataOther recurring topics

• Privacy - 4 papers
• Reputation - 12 papers

8
Raw dataComputing topic

• Computing Economics - 6 papers
• Computing Legal - 2 papers
• Computing Philosophy - 1 paper
• Computing Psychology - 3 papers
• Computing Sociology - 5 papers
• Computing Statistics - 4 papers
• Computing Privacy - 4 papers
• Computing Reputation - 11 papers

9
Raw dataPaper topics not spotted

• Political science
• Informing public policy formation?
• Business/management

10
Defining trust

• 23 different definitions found
• Two economics papers used the same definition!
• Common themes
• Subjective
• Expectation or belief about anothers behaviour
• Related to specific context
• Risk of trusting behaviour
• Basis for decision with incomplete information
• Based on past evidence

11
Observations

• Very few papers without a strong computing
  element
• Many papers about computing with input from some
  other discipline(s)
• Reputation/recommendation systems lead use of
  trust in implemented systems
• A strong strand of economic theory informing
  reputation systems

12
More observations

• Conference papers are not the whole story
• Work in logic of trust is not yet connecting with
  systems using trust
• Having existing computational models makes us
  better able to employ socio-cognitive work?
• Traditional computer security view of trust as an
  atomic proposition, rather than something to be
  analyzed

13
Observations about trust

• Computing with trust necessarily (?) ignores many
  subtleties
• The 1994 PhD thesis of S. Marsh seems to be
  seminal in computation of trust
• First transaction trust is challenging
• Reduced importance of specific identity
• Recommendation/reputation systems
• consensus to separate trust in some action from
  trust in recommendation

14
Some specific observations (1)

• The social aspect of trust is only lightly
  acknowledged by computing systems
• cf. lncs2995_266_276, lncs2995_146_160
• Modelling goodwill, community vs individual
  benefit?
• Different approaches to trust with and without
  3rd party participation
• cf. lncs2692_17_32, lncs2692_46_58

15
Some specific observations (2)

• Trust may be at the cost of privacy
• cf. lncs2995_108_119, lncs2995_108_119
• Empirical data concerning human trusting
  behaviour is patchy
• cf. lncs2692_165_178, lncs2995_206_220
• Two clusters of trust definitions
• rational (expected benefit)
• social (moral duty, etc)
• cf. lncs2995_266_276

16
On the Web

• This presentation (PPT and PDF)
• http//www.ninebynine.org/iTrust/iTrustSurvey.ppt
• http//www.ninebynine.org/iTrust/iTrustSurvey.pdf
• Raw survey data (Notation3 and HTML)
• http//www.ninebynine.org/iTrust/iTrust-survey.n3
• http//www.ninebynine.org/iTrust/iTrust-survey.htm
  l
• Survey processing rules (Notation3)
• http//www.ninebynine.org/iTrust/TrustRules.n3
• Processed survey data (Notation3)
• http//www.ninebynine.org/iTrust/TrustResults.n3

17
Further activity

• Creating iTrust resource page, links for
• Papers
• Tutorials
• Presentations
• Software
• Projects
• Please send me your URLs!
• gk-itrust_at_ninebynine.org
• (or iTrust mailing list)

18
Discussion

• Are there other major themes?
• Most results directed to computing professionals?
• Is trust more than just another technique for
  achieving security?
• Economic/sociological input seems focused on
  reputation/recommender systems?
• Can/should computing with trust recognize its
  social subtleties?
• Can trust sustenance be fully decentralized?
• How do other fields influence technical designs?

19
Notes

• Simon taking metaphors from human trust to
  inform system designs is useful. Richer models
  are useful for organizations coming to terms with
  trust.
• Reno trust is different from security. Security
  is source of Trust. Trust has to cope with a
  (novel?) environment. Trust is needed when there
  are risks. Re. Subtleties the devil is in the
  detail. Difficult to reduce the complex model
  and ignore other parts.
• Moral and rational reasons even in this case
  there is a strict link between them not always
  possible to distinguish e.g. why dont the
  economic/game theory models cope effectively with
  trust problems? They deal only with rational
  elements, but humans arent entirely rational.
• Andrew J the function of rich (and?) formal
  models. Aims at conceptual analysis, to achieve
  clearer understanding of complex concepts.
  Construction should not be constrained by
  computation. Then move on from conceptual level
  to computational level, which does involve
  simplification but this way it is clear just
  what is being simplified. This is to be
  preferred to starting from a naïve informal
  description and going straight to a computable
  model. Thus, formal models are bridge from
  intuitive understanding to computation.
• Stefan w.r.t. FIPA(?) agent standards. Model
  developers and companies developing code.
  Industry is impatient and has huge inertia (!).
  They understand conceptual models are a Good
  Thing, but dont put resources into them. Lack
  of people who want to follow the process through
  specify conceptual model, understand it, and
  follow through into real engineered systems.
  There is a perception that conceptual models are
  too hard for ordinary engineers.
• Theo develop very rich models, but dont have
  time (?) to determine if theyre realizable.
  Practioners tend to treat models as
  specifications rather than guidelines.
  building systems bottom up re social/logical
  models question is not whether whether they are
  realizable, but what they give us.
• Stefan any approach is flawed, none is ideal.
  Need to try several.
• Peter H computer scientists always try to bring
  things (models) into their computers. Maybe..
  Computer scientists need to learn to put down
  their computers?
• Simon thats (putting trust inside my computer)
  is going too far

20
Third iTrust conference

• http//www-rocq.inria.fr/arles/events/iTrust2005
• Paper deadline 25 November 2004
• Tutorials, demos later
• Conference 24-26 May 2005
• Tutorials 23 May 2005
• This is the last conference of the present iTrust
  series please join in and get people excited!