Overview[1]#
Trust, In a social context, has several connotations.Definitions of Trust typically refer to a context characterized by the following aspects:
- One party (trustor) is willing to rely on the actions of another party (trustee)
- the situation is directed to the future.
Security exists to facilitate Trust [4]#
Bruce Schneier's book "Liars and Outliers", goes into great detail on the Relationship between Trust that Society.In addition, the trustor (voluntarily or forcedly) allows delegation of control over the actions performed by the trustee. As a consequence, the trustor
- is uncertain about the outcome of the trustee's actions;
- can only develop and evaluate expectations based on evidence.
Trust can be attributed to relationships between people. It can be demonstrated that humans have a natural disposition to Trust and to judge trustworthiness that can be traced to the neurobiological structure and activity of a human brain. Some studies indicate that Trust can be altered e.g. by the application of oxytocin.
Trust is also attributable to relationships within and between social groups (families, friends, communities, organisations, companies, Governments etc.). Trust is a popular approach to frame the dynamics of inter-group and intra-group interactions in terms of Trust.
When it comes to the relationship between people and technology, the attribution of Trust is a matter of dispute. The intentional stance demonstrates that Trust can be validly attributed to human relationships with complex technologies. However, rational reflection leads to the rejection of an ability to Trust technological artefacts.
One of the key current challenges in the social sciences is to re-think how the rapid progress of technology has impacted constructs such as Trust. This is specifically true for information Technology that dramatically alters causation in Social Websites.
Trust and Creation of Wealth[3]#
- Every transaction creating wealth first requires an affirmative decision to Trust.
- Building Trust creates new wealth.
- Sustaining Trust creates recurring wealth.
- Achieving Trust superior to your competition achieves market dominance.
- Leadership rises based on Trust (or falls the absence of Trust).
Trust is...[2]#
- the belief that a person or system will behave predictably, even under stress
- based on experience and/or evidence
- based on fundamental properties (identity, integrity)
- easy to lose and hard to regain
A trusted system is…[2]#
- predictable, even under stress
- trusted based on experience and/or evidence
- based on fundamental properties (identity, integrity)
The Trouble with Trust, & the case for Accountability Frameworks for NSTIC [5]#
In Kaliya Hamlin speaks as to the The Trouble with Trust, & the case for Accountability Frameworks for NSTIC
Facets Of Building Trust#
We have gathered several "Facets" for building Trust. Although primarly gathered from the aspect of Information Technology, we believe these are Universal.| FACET | Description |
|---|---|
| Identification | Ask Who Are You? |
| Authentication | Prove Identification |
| Authorization | Are you allowed to Do this Transaction? |
| Integrity | Is the data you sent the same as Was Received? |
| Confidentiality | Did anyone else read what you sent? |
| Auditing | Record Transaction/Communications for Audit |
| Non-Repudiation | Can prove who sent the message? |
| Transparency | Did a Community of Interest see HOW you did it? |
| Accountability | answerability, blameworthiness, liability |
| Evidence | Did a Community of Interest see you do it? |
| Reputation | Did other Entities say they Trust you? |
| Context | You may Trust you at work but not in a bar |
More Information#
There might be more information for this subject on one of the following:- Auditing
- Authentication
- Authoritative Entity
- Authorization
- Automated Biometric Identification System
- BeyondCorp
- Biometric Data Challenges
- BitShares
- Blockchain
- Blockchain 2.0
- Blockstack
- Book
- CL Signature
- CONIKS
- Center for Internet Security
- CertiPath
- Certificate
- Certificate Authority
- Certificate Level Of Assurance
- Certificate Pinning
- Circle of Trust
- Claim
- Confidentiality
- CoreID
- Cross-site request forgery
- Cryptocurrency
- Cryptography
- Data Ownership
- Data Protection
- Decentralized Public Key Infrastructure
- Delegation
- Deming
- Device Inventory Service
- Digital Identity
- Digital Identity Acceptance Policy
- Digital Signature
- Direct Anonymous Attestation
- Distributed Consensus
- Distributed Ledger Technology
- DunbarS Numbers
- Electronic IDentification Authentication and trust Services
- Enterprise Mobility Management
- Evidence
- Fast Healthcare Interoperability Resources
- Federal Deposit Insurance Corporation
- Federation
- Governance
- Hyperledger Indy
- IDSA Integration Framework
- Identity Assurance Framework
- Identity Assurance Work Group
- Identity Broker
- Identity Certificate
- Identity Provider (IDP)
- Identity Trust Framework
- If men were angels
- Integrity
- Internal Attacker
- JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
- Kerberos
- LIGHTest
- Law of Justifiable Parties
- Law of User Control and Consent
- Legitimacy of Social Login
- Level Of Assurance
- Liars and Outliers
- Local Security Authority
- Messaging Layer Security
- MsDS-TrustForestTrustInfo
- Multi-Source Identity
- NIST Privacy Framework
- NIST.SP.800-63B
- National Strategy for Trusted Identities in Cyberspace
- Non Permissioned System
- Non-Repudiation
- OAuth 2.0 Security Best Current Practice
- Open Identity Trust Framework
- OpenID Connect Federation
- OpenID Connect Federation Async
- Organization Validated Certificate
- Perfect Security
- Perspectives Project
- Privacy Considerations
- Provenance
- Public Key Infrastructure
- Public Key Infrastructure Weaknesses
- Rap Back
- Relative IDentifier
- Relying Party
- Reputation
- Reputation System
- Resource Owner Password Credentials Grant
- SSL-TLS Interception
- Sarbanes-Oxley Act
- Security
- Social Engineering Attack
- Sovrin Foundation
- Stellar Consensus Protocol
- Transparency
- Trent
- Trust
- Trust Model
- Trust No One
- Trust Tier
- Trusted Certificate
- Trusted Domain Object
- Trusted Execution Environment
- Trusted network
- Trustee
- Trustless
- Untrusted network
- User-Managed Access
- Vectors of Trust
- Verifying Certificate Signatures
- Visibility and Transparency
- W3C Decentralized Identifiers
- Web Blog_blogentry_010117_1
- Web Blog_blogentry_110718_1
- Web Blog_blogentry_111017_1
- Web Blog_blogentry_120418_1
- Web Blog_blogentry_190617_1
- Web Blog_blogentry_210819_1
- Web Blog_blogentry_250719_1
- Web Blog_blogentry_301018_1
- Web of Trust
- WebID
- WebView
- XDAS Trust Management Events
- Zero Trust
- [#1] - Trust - based on data observed:2015-05-18
- [#2] - Trust Is - based on data observed: 2015-08-26
- [#3] - Achieving Digital Trust: The New Rules for Business at the Speed of Light - based on data observed: 2016-08-16
- [#4] - Bruce Schneier on Trust - based on data observed: 2012-09-16
- [#5] - The Trouble with Trust, & the case for Accountability Frameworks for NSTIC - based on data observed: 2015-09-16
