Requirements For AHuman-CentricTrustManagementSystemInAnOpenDe-PerimeterisedNetworkEnvironment

Date: 2008-08-25

Time: 14:00

Room: Went N017

Speaker: Andor Demarteau

Title: Requirements for a Human-Centric Trust Management System in an Open De-Perimeterised Network Environment (thesis defense)

Abstract

In an ever changing business environment where online collaboration between individuals and companies becomes more and more important, the way we used to think about network security is rapidly becoming obsolete and insufficient. The current practise revolves around perimeter protection with firewalls and access control lists for network and system security and access control. Companies deal with the new ways of online communication by creating openings in the current perimeter to allow them to pass through the security barriers, often without any validation or other security mechanisms in place. This is how security holes are created in the current network design, introducing vulnerabilities in the current system. Trying to fix this with "Simple" introducing detection systems will not be enough. Instead a radical change in thinking about security is required to solve these issues. The Jericho Forum (http://www.jerichoforum.org), which is part of the Open Group (http://www.opengroup.org), proposes a new way of thinking about security, based on user-centric authentication and access-controls placed on access to data rather than access to networks and systems.

In this paper we will look at the trust broker part within the Jericho Architecture. More specifically, the trust management system, which is the basis of access-control within Jericho and is based upon identity recognition, trust relationships based on recommendation and observation. Before we can define trust and reputation in a technical context, we need some method of describing them and the meaning they have in the human-centric real world context of everyday life. For this purpose we will use the Perceptual Control Theory (PCT). This theory, based in the social sciences, gives a description of how human behaviour works by using closed causal loops of control. These loops are part of an entire hierarchy which defines a complete "living" control system. As our definitions of human trust relationships will be based on this theory, we also will use it as a natural basis for designing the trust management system itself.

It is time that not only a new and radical change is proposed in the we design our security, but also in the way we construct and work with access control. A more human an natural approach to this topic would mean a more natural way integration of such systems in the working environment. In this paper we propose such a system by creating a foundation in definitions and design based on a solid and understandable theory of humans as "living" control systems. Not only the integration of human-modelled control systems is a beneficial choice, the present literature on the field of trust management is often too narrow in its views and implementations to be of any use within the Jericho architecture. We need a system that can with reasonable certainty (100% is not achievable) give the answer to two of the important issues we have in granting access to data in this system: is this person who he says he is and is he trustworthy enough to be allowed access to that piece of data with this specific security level attached to it. In this paper we will design a system that is able to answer the above posed questions in way that comes as natural to its administrators and users alike.