UNIVERSITY OF HERTFORDSHIRE
             COMPUTER SCIENCE RESEARCH COLLOQUIUM

                            presents


              "Implementing Impossible Requirements - 
         Changing the Role of Trust in Secure Systems Design"

                    Prof. Bruce Christianson
      (School of Computer Science, University of Hertfordshire)

                   16 December 2015  (Wednesday)
                           1 pm -2 pm


                  Hatfield, College Lane Campus
                      Lecture Theatre LF233

                  Everyone is Welcome to Attend

                  Refreshments will be available

Abstract

Many accounts of online trust are based upon mechanisms for building
reputation. Trust is portrayed as desirable, and handing off trust
is easier if trust is modelled to be transitive. But in the analysis
of cyber-security protocols, trust is usually used as a substitute for
knowledge: it follows that if there is no residual risk, then there is no
need for trust. On this grimmer understanding, involuntary transitivity
of trust prevents participants from having control -- or even knowledge --
of the risks to which their trust assumptions expose them.

In this talk, we argue that the epistemic weakness of trust-based
belief requires system designers to accept that imaginary (or even
impossible) threats can have real consequences that adversely affect
online security. But all is not lost: an apparently paradoxical corollary
is that the desire of principals to keep their trust assumptions private
can actually assist the design of systems so as to satisfy multiple,
conflicting, security agendas.

However, this approach requires agents to have the capability to predicate
accurately about states of affairs that are logically inconsistent with
their beliefs, and consequently designing systems in this way can become
more akin to diplomacy than engineering.


---------------------------------------------------
Hertfordshire Computer Science Research Colloquium
http://cs-colloq.stca.herts.ac.uk