Trust* : Extending the Reach of Trust in Distributed Systems

Building trust is a common requirement in distributed environments especially since many transactions now occur on a person-to-person basis. Examples range from e-commerce on the Internet to peer-to-peer and grid resource sharing. Many solutions to the problem of requiring trust among unknown entities rely on the use of a reputation metric to assess the risk of a potential transaction. However, such reputation systems require (often implicitly) that trust is transitive which can be a problematic assumption. This dissertation proposes a novel mechanism which we call trust*. The trust* model uses guarantees to extend local trust between unknown end-points. Trust* can be used as a substitution for end-to-end trust. Principals provide guarantees within existing (local) trust relationships to build a chain of localised agreements between the unknown end-points. The guarantees are backed by local micropayments to provide deterrents and incentives. Trust* relationships can be composed transitively, and the guarantees reduce the risk for the trusting party when doing so. This is because a guarantee is only ever provided locally by a directly trusted principal. Thus, trust management can be reduced to a locally solved problem. This work aims to develop a new technique for assessing and reducing the risk involved in trusting others in a distributed environment. The thesis of this dissertation is that an electronic analogue of real-world guarantees, is a useful and interesting way to provide these assurances. We develop an extension of the notion of trust, which we call trust*, which is built upon local guarantees, and which provides a novel conceptual framework for analysing and reasoning about a wide variety of trust-related problems in distributed systems. We present the concept of trust* and apply it to a number of application scenarios where it would be beneficial. We simulate the trust* model in these environments for analysis. Also, we describe the key features and other issues related to the trust* model which became evident during its investigation and which are of wider interest.