A formal notion of trust – enabling reasoning about security properties

Andreas Fuchs, Sigrid Gürgens, Carsten Rudolph

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

12 Citations (Scopus)

Abstract

Historically, various different notions of trust can be found, each addressing particular aspects of ICT systems, e.g. trust in electronic commerce systems based on reputation and recommendation, or trust in public key infrastructures. While these notions support the understanding of trust establishment and degrees of trustworthiness in their respective application domains, they are insufficient for the more general notion of trust needed when reasoning about security in ICT systems. In this paper we present a formal definition of trust to be able to exactly express trust requirements from the view of different entities involved in the system and to support formal reasoning such that security requirements, security and trust mechanisms and underlying trust assumptions can be formally linked and made explicit. Integrated in our Security Modeling Framework this formal definition of trust can support security engineering processes and formal validation and verification by enabling reasoning about security properties w.r.t. trust.

Original languageEnglish
Title of host publicationTrust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings
PublisherSpringer
Pages200-215
Number of pages16
Volume321
ISBN (Print)9783642134456
Publication statusPublished - 2010
Externally publishedYes
Event4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010 - Morioka, Japan
Duration: 16 Jun 201018 Jun 2010

Publication series

NameIFIP Advances in Information and Communication Technology
Volume321
ISSN (Print)18684238

Conference

Conference4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010
CountryJapan
CityMorioka
Period16/06/1018/06/10

Cite this