ACE-CSR Seminar: Implementing Impossible Requirements - Changing the Role of Trust in Secure Systems Design

Speaker: Prof. Bruce Christianson, University of Hertfordshire
UCL Contact: Jonathan Bootle (Visitors from outside UCL please email in advance).
Date/Time: 03 Dec 15, 16:00 - 17:00
Venue: Galton LT

Abstract

Many accounts of online trust are based upon mechanisms for building reputation. Trust is portrayed as desirable, and handing off trust is easier if trust is modelled to be transitive. But in the analysis of cyber-security protocols, trust is usually used as a substitute for knowledge: it follows that if there is no residual risk, then there is no need for trust. On this grimmer understanding, involuntary transitivity of trust prevents participants from having control—or even knowledge—of the risks to which their trust assumptions expose them.

In this talk, we argue that the epistemic weakness of trust-based belief requires system designers to accept that imaginary (or even impossible) threats can have real consequences that adversely affect online security. But all is not lost: an apparently paradoxical corollary is that the desire of principals to keep their trust assumptions private can actually assist the design of systems so as to satisfy multiple, conflicting, security agendas.

However, this approach requires agents to have the capability to predicate accurately about states of affairs that are logically inconsistent with their beliefs, and consequently designing systems in this way can become more akin to diplomacy than engineering.

Prof. Bruce Christianson

New Zealander Bruce Christianson received his DPhil in Mathematics from Oxford University. He is currently Professor of Informatics at the University of Hertfordshire. His mathematical research centres on Automatic Differentiation, a set of techniques for transforming scientific modelling programs in practical areas such as optimization, simulation, and multidisciplinary design. Bruce is also known for his work on Optimistic Security for Open Distributed Systems, and as convenor of the Cambridge International Workshop on Security Protocols. He is Dean of the Burgon Society, which advises film-makers and other groups on the history and practice of academic dress.