The Use of Formal Methods in the Analysis of Trust (Position Paper) [chapter]

Michael Butler, Michael Leuschel, Stéphane Lo Presti, Phillip Turner
2004 Lecture Notes in Computer Science  
Security and trust are two properties of modern computing systems that are the focus of much recent interest, and they play an increasingly significant role in the requirements for such systems. Security has been studied thoroughly for many years, particularly the sub-domain of cryptography, and formal methods from computing science have facilitated the analysis of security protocols. Trust, by contrast, is intensively studied at the moment but not well understood. Here we present our approach, based on formal methods, for modelling and validating the notion of trust in computing science.

Recent years have seen a growing concern with the security properties of computing systems. This concern has two main causes. First, the number of faults in computing systems is increasing, which in turn stems from two facts: the penetration of computing science into our professional and personal lives is still expanding, as new computing paradigms such as pervasive computing show, and at the same time programs are becoming more cluttered and computationally and semantically more complex. Second, the concept of security itself is widening, as recent problems like privacy breaches (e.g. spam) or violations of legal obligations (e.g. liability via software licences) illustrate.

Notions of trust are a constituent of several cryptographic methods, where trust represents confidence in the association of a cryptographic key with the identity of a principal. Recent multidisciplinary studies envisage trust as a more general and richer notion than security. Many models of trust have been devised, each concentrating on different aspects, among them recommendations and reputation, belief theory, or risk and uncertainty. The sheer number of notions that compose trust appears to defy its systematic analysis.

Formal methods in computing science [11] stem from mathematics and aim to help design, develop, analyse and validate software so that it is correct, error-free and robust. Formal models are built from well-known mathematical objects, such as sets and functions, and can be analysed against precisely stated properties, such as consistency or completeness. Formal methods include Petri nets, abstract state machines, process calculi, temporal

This work has been funded in part by the T-SAS (Trusted Software Agents and Services in Pervasive Information Environment) project of the UK Department of Trade and Industry's Next Wave Technologies and Markets Programme.
doi:10.1007/978-3-540-24747-0_25 fatcat:ic6aolgqnfbn3oypj3k4jiwiqi