Abstract
In this paper, trust-based recommendations control the exchange of personal information between handheld computers. Combined with explicit risk analysis, this enables unobtrusive information exchange, while limiting access to confidential information. The same model can be applied to a wide range of mobile computing tasks, such as managing personal address books and electronic diaries, to automatically provide an appropriate level of security. Recommendations add structure to the information, by associating categories with data and with each other, with degrees of trust belief and disbelief. Since categories also in turn confer privileges and restrict actions, they are analogous to rôles in a Rôle-Based Access Control system, while principals represent their trust policies in recommendations. Participants first compute their trust in information, by combining their own trust assumptions with others' policies. Recommendations are thus linked together to compute a considered, local trust assessment. Actions are then moderated by a risk assessment, which weighs up costs and benefits, including the cost of the user's time, before deciding whether to allow or forbid the information exchange, or ask for help. By unifying trust assessments and access control, participants can take calculated risks to automatically yet safely share their personal information.
Similar content being viewed by others
References
A. Abdul-Rahman, Problems with trusting recommenders to recommend arbitrarily deep chains (March 1998), available at http:// www.cs.ucl.ac.uk/staff/F.AbdulRahman/docs/ levnprob.html
A. Abdul-Rahman and S. Hailes, Supporting trust in virtual communities. in: Proceedings of the 33th Hawaii International Conference on System Sciences (IEEE, 2000) pp. 1769–1777.
J. Bacon, K. Moody and W. Yao, Access control and trust in the use of widely distributed services, in: Proceedings of Middleware 2001, Lecture Notes in Computer Science, Vol. 2218 (Springer, 2001) pp. 295–310.
V. Cahill, B. Shand, E. Gray, C. Bryce, N. Dimmock, A. Twigg, J. Bacon, C. English, W. Wagealla, S. Terzis, P. Nicon, G. di Marzo Serugendo, J.-M. Seigneur, M. Carbone, K. Krukow, C. Jensen, Y. Chen and M. Nielsen, Using trust for secure collaboration in uncertain environments, IEEE Pervasive Computing 2(3) (2003) 52–61.
M. Carbone, M. Nielsen and V. Sassone, A formal model for trust in dynamic networks, Research Series RS-03-04, BRICS, Department of Computer Science, University of Aarhus, EU Project SECURE IST-2001-32486 Deliverable 1.1 (January 2003).
T. Finin, A. Joshi, L. Kagal, O. Ratsimor, V. Korolev and H. Chen, Information agents for mobile and embedded devices, Lecture Notes in Computer Science, Vol. 2182 (Springer, 2001) pp. 264–286.
D. Garlan, D. Siewiorek, A. Smailagic and P. Steenkiste, Project Aura: Towards distraction-free pervasive computing, IEEE Pervasive Computing 1(2) (2002) 22–31.
A. Jøsang, A logic for uncertain probabilities, International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3) (2001) 279–311.
D.H. McKnight and N.L. Chervany, Conceptualizing trust: a typology and e-commerce customer relationships model, in: Proceedings of the 34th Hawaii International Conference on System Sciences, Vol. 7 (IEEE, January 2001) p. 7022.
G. Stoneburner, A. Goguen and A. Feringa, Risk management guide for IT systems, Technical Report SP800-30, National Institute for Science and Technology (January 2002).
S. Weeks, Understanding trust management systems, in: IEEE Symposium on Security and Privacy (2001) pp. 94–105.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Shand, B., Dimmock, N. & Bacon, J. Trust for Ubiquitous, Transparent Collaboration. Wireless Networks 10, 711–721 (2004). https://doi.org/10.1023/B:WINE.0000044030.65959.91
Issue Date:
DOI: https://doi.org/10.1023/B:WINE.0000044030.65959.91