Specifying and Analysing Trust for Internet Applications

The Internet is now being used for commercial, social and educational interactions, which previously relied on direct face-to-face contact in order to establish trust relationships. Thus, there is a need to be able to establish and evaluate trust relationships relying only on electronic interactions over the Internet. A trust framework for Internet applications should incorporate concepts such as experience, reputation and trusting propensity in order to specify and evaluate trust. SULTAN (Simple Universal Logic-oriented Trust Analysis Notation) is an abstract, logic-oriented notation designed to facilitate the specification and analysis of trust relationships. SULTAN seeks to address all the above issues, although this paper focuses on our initial work on trust specification and analysis.

[1]  Morris Sloman,et al.  A survey of trust in internet applications , 2000, IEEE Communications Surveys & Tutorials.

[2]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[3]  Audun Jøsang,et al.  The right type of trust for distributed systems , 1996, NSPW '96.

[4]  Fulvio Babich,et al.  Formal methods for specification and analysis of communication protocols , 2002, IEEE Communications Surveys & Tutorials.

[5]  R. Chen,et al.  Poblano A Distributed Trust Model for Peer-to-Peer Networks , 2001 .

[6]  Joan Feigenbaum,et al.  REFEREE: Trust Management for Web Applications , 1997, Comput. Networks.

[7]  N. Mamode,et al.  Trust and mistrust , 1994 .

[8]  P. Venkat Rangan,et al.  An axiomatic basis of trust in distributed systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[9]  A. Jøsang,et al.  Trust Management for E-Commerce , 2000 .

[10]  Babak Sadighi Firozabadi,et al.  On the characterisation of a trusting agent - aspects of a formal approach , 2001 .

[11]  Vipin Swarup,et al.  Interoperating between Security Domains , 1998, ECOOP Workshops.

[12]  Tadayoshi Kohno,et al.  Trust (and mistrust) in secure applications , 2001, CACM.

[13]  Adam Rifkin,et al.  Trust Management on the World Wide Web , 1998, Comput. Networks.

[14]  Audun Jøsang,et al.  A Subjective Metric of Authentication , 1998, ESORICS.

[15]  Audun Jøsang Prospectives for Modelling Trust in Information Security , 1997, ACISP.