Page 259 - Trust in ICT 2017
P. 259
Trust in ICT 5
8.1 Data collection
Data collection process conducts to collect raw data for trust information. Data collection should be
deliberated on what and how many data should be collected. Collection of data are tightly related to the
purpose of trust provisioning. Data should be collected with acceptable expense to extract relevant trust
information because excessive collection of data may cause privacy problems.
8.2 Data management
In this process, the collected data is used to generate trust information. Data are carefully handled with the
regard of trustworthiness. As the number of data sources and types are dramatically increased, the
trustworthiness of data itself is significant. Because false data will lead to degrade the accuracy of trust
information and increase waste of resources, it is important to detect corrupt or polluted data. In the
perspective of data management, the data should be protected to extract the correct trust information.
8.3 Trust information analysis
Trust information analysis process extracts the meaningful trust information from data. Because trust can be
measured by considerations of the complicate relationship between the trustor and the trustee, trust
information explicitly reflects the trust relationship in the objective and subjective manners.
As much as the ICT environments are emerging, building trust is much more challenging. Since trust is difficult
to be quantified, the exact trustworthiness value of an entity may have different interpretation. The trust
attributes should be defined as mutually independent characteristics of entities. They may reflect the
dynamic characteristics of trust.
A trust model is a method to specify, build, evaluate and ensure trust relationships among entities. The trust
model is used to obtain the trust information. The trust model is designed to understand trust characteristics
and account trust factors. Since a trust model is domain-specific, there exist numerous ways to define a trust
model according to application domains. In order to calculate a trust index for specific applications, the
common indicators should be developed to identify trust characteristics of an entity and compare with trust
indices of different entities.
8.4 Dissemination of trust information
Dissemination of trust information means a way to distribute trust information to others. There are various
ways of disseminating trust information in different domains (e.g., binary data transmission in the physical
world, service/product recommendations in the cyber world, and information visualization considering
human perceptions in the social world). The efficient, effective, and suitable dissemination methods should
be developed so that a trustor can determine trust of the trustee with the subjective criteria of trust
information.
8.5 Trust information lifecycle management
Because of the dynamic characteristic of trust, trust information is created, updated and abolished as time
goes. The trust information is replaced due to the change of a trust component. The feedback from the
trustor who receives trust information of the trustee also could be used to recalculate trust values during the
update phase. At the update phase, the trust index is updated and trust value is re-evaluated.
NOTE – Appendix III provides trust provisioning use cases.
9 Security considerations
Trust is the concept that can cover security and privacy. Security is considered as technological aspects, and
privacy is considered as user aspects. By utilizing security and privacy mechanisms, trust can be realized in
ICT infrastructures and services.
251