A formal notion of trust – enabling reasoning about security properties

Andreas Fuchs; Sigrid Gürgens; Carsten Rudolph

A formal notion of trust – enabling reasoning about security properties

Andreas Fuchs, Sigrid Gürgens, Carsten Rudolph

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

Abstract

Historically, various different notions of trust can be found, each addressing particular aspects of ICT systems, e.g. trust in electronic commerce systems based on reputation and recommendation, or trust in public key infrastructures. While these notions support the understanding of trust establishment and degrees of trustworthiness in their respective application domains, they are insufficient for the more general notion of trust needed when reasoning about security in ICT systems. In this paper we present a formal definition of trust to be able to exactly express trust requirements from the view of different entities involved in the system and to support formal reasoning such that security requirements, security and trust mechanisms and underlying trust assumptions can be formally linked and made explicit. Integrated in our Security Modeling Framework this formal definition of trust can support security engineering processes and formal validation and verification by enabling reasoning about security properties w.r.t. trust.

Original language	English
Title of host publication	Trust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings
Publisher	Springer
Pages	200-215
Number of pages	16
Volume	321
ISBN (Print)	9783642134456
Publication status	Published - 2010
Externally published	Yes
Event	4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010 - Morioka, Japan Duration: 16 Jun 2010 → 18 Jun 2010

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	321
ISSN (Print)	18684238

Conference

Conference	4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010
Country	Japan
City	Morioka
Period	16/06/10 → 18/06/10

Access to Document

Link to publication in Scopus

Cite this

@inproceedings{2a12b5f123d24c738a984da874a652b3,

title = "A formal notion of trust – enabling reasoning about security properties",

abstract = "Historically, various different notions of trust can be found, each addressing particular aspects of ICT systems, e.g. trust in electronic commerce systems based on reputation and recommendation, or trust in public key infrastructures. While these notions support the understanding of trust establishment and degrees of trustworthiness in their respective application domains, they are insufficient for the more general notion of trust needed when reasoning about security in ICT systems. In this paper we present a formal definition of trust to be able to exactly express trust requirements from the view of different entities involved in the system and to support formal reasoning such that security requirements, security and trust mechanisms and underlying trust assumptions can be formally linked and made explicit. Integrated in our Security Modeling Framework this formal definition of trust can support security engineering processes and formal validation and verification by enabling reasoning about security properties w.r.t. trust.",

author = "Andreas Fuchs and Sigrid G{\"u}rgens and Carsten Rudolph",

year = "2010",

language = "English",

isbn = "9783642134456",

volume = "321",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer",

pages = "200--215",

booktitle = "Trust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings",

note = "4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010 ; Conference date: 16-06-2010 Through 18-06-2010",

}

Fuchs, A, Gürgens, S & Rudolph, C 2010, A formal notion of trust – enabling reasoning about security properties. in Trust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings. vol. 321, IFIP Advances in Information and Communication Technology, vol. 321, Springer, pp. 200-215, 4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010, Morioka, Japan, 16/06/10.

A formal notion of trust – enabling reasoning about security properties. / Fuchs, Andreas; Gürgens, Sigrid; Rudolph, Carsten.

Trust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings. Vol. 321 Springer, 2010. p. 200-215 (IFIP Advances in Information and Communication Technology; Vol. 321).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - A formal notion of trust – enabling reasoning about security properties

AU - Fuchs, Andreas

AU - Gürgens, Sigrid

AU - Rudolph, Carsten

PY - 2010

Y1 - 2010

N2 - Historically, various different notions of trust can be found, each addressing particular aspects of ICT systems, e.g. trust in electronic commerce systems based on reputation and recommendation, or trust in public key infrastructures. While these notions support the understanding of trust establishment and degrees of trustworthiness in their respective application domains, they are insufficient for the more general notion of trust needed when reasoning about security in ICT systems. In this paper we present a formal definition of trust to be able to exactly express trust requirements from the view of different entities involved in the system and to support formal reasoning such that security requirements, security and trust mechanisms and underlying trust assumptions can be formally linked and made explicit. Integrated in our Security Modeling Framework this formal definition of trust can support security engineering processes and formal validation and verification by enabling reasoning about security properties w.r.t. trust.

AB - Historically, various different notions of trust can be found, each addressing particular aspects of ICT systems, e.g. trust in electronic commerce systems based on reputation and recommendation, or trust in public key infrastructures. While these notions support the understanding of trust establishment and degrees of trustworthiness in their respective application domains, they are insufficient for the more general notion of trust needed when reasoning about security in ICT systems. In this paper we present a formal definition of trust to be able to exactly express trust requirements from the view of different entities involved in the system and to support formal reasoning such that security requirements, security and trust mechanisms and underlying trust assumptions can be formally linked and made explicit. Integrated in our Security Modeling Framework this formal definition of trust can support security engineering processes and formal validation and verification by enabling reasoning about security properties w.r.t. trust.

UR - http://www.scopus.com/inward/record.url?scp=84883347644&partnerID=8YFLogxK

M3 - Conference Paper

AN - SCOPUS:84883347644

SN - 9783642134456

VL - 321

T3 - IFIP Advances in Information and Communication Technology

SP - 200

EP - 215

BT - Trust Management IV - 4th IFIP WG 11.11 International Conference, IFIPTM 2010, Proceedings

PB - Springer

T2 - 4th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2010

Y2 - 16 June 2010 through 18 June 2010

ER -