Research talks are informal sessions held for faculty and students. These talks are not webcast, nor recorded, due to informal nature and topic relevance.
CERT and SEI Training schedules, as well as other related events can also be found on this list.
Seminar: On the Foundations of Trust in Networks of Humans and Computers
| Date: | September 24, 2012 |
| Talk Title: | On the Foundations of Trust in Networks of Humans and Computers |
| Speaker: | Virgil Gligor |
| Time & Location: | 12:00pm - 1:00pm CIC Building, Pittsburgh |
Abstract
A general theory of trust which focuses on the establishment
of new trust relations where none were possible before would help create new
economic opportunities. New trust relations would increase the pool of services
available to users, remove cooperation barriers, and enable the “network effect”
where it really matters; i.e., at the application level. Hence, it seems
important that security research should enable and promote trust-enhancement
infrastructures in human and computer networks; e.g., trust networks that
exploit established social relations. A general theory of trust in networks of humans and computers
must be built on both a theory of behavioral
trust and a theory of computational
trust.1 This argument is motivated by increased participation of
people in online social networking, crowdsourcing, human computation, and
socio-economic protocols; e.g., protocols modeled by trust and gift-exchange
games, norms-establishing contracts, and scams/deception. In this talk I
illustrate a class of interactive trust
protocols (ITP) that relies both on trustworthy properties of commodity
systems2 (e.g., verifiable
end-to-end trusted path) and new trust relations between protocol participants,
since on-line verification of protocol compliance is often impractical; e.g.,
it can lead to undecidable problems, co-NP complete test procedures, and user
inconvenience. New trust relations are established in ITPs using both selected
social relations and social ties. I illustrate these concepts in specific
instances of ITPs, namely protocols that help authenticate attributes of
unknown parties,3 services, and software in a safe manner. References Virgil
D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of
California at Berkeley. He taught at the University of Maryland between 1976
and 2007, and is currently a Professor of Electrical and Computer Engineering
at Carnegie Mellon University and co-Director of CyLab. Over the past
thirty-five years, his research interests ranged from access control
mechanisms, penetration analysis, and denial-of-service protection to
cryptographic protocols and applied cryptography. Gligor was an editorial board
member of several IEEE and ACM journals, and the Editor in Chief of the IEEE
Transactions on Dependable and Secure Computing. He received the 2006 National
Information Systems Security Award jointly given by NIST and NSA in the US, and
the 2011 Outstanding Innovation Award given by the ACM Special Interest Group
on Security, Audit and Control.
[1] Gligor, V. and Wing, J. 2011. Towards a Theory of Trust in Networks of
Humans and Computers. In Proc. of the 19th
International Workshop on Security Protocols. (Cambridge, UK, March
28-30, 2011). LNCS 7114, Springer
Verlag, pp. 223 – 242.
[2] Zhou,
Z., Gligor, V., Newsome, J., and
McCune, J. 2012. Building Verifiable
Trusted Path on Commodity X86 Computers. In Proc. of IEEE Security and Privacy Symposium. (San Francisco, California, May 2012) pp. 616 – 630.
[3] Kim, T. H-J., Gligor V., and Perrig, A. 2012.
Street-Level Trust Semantics for Attribute Authentication. In Proc. of 20th
Security Protocols Workshop, Cambridge University, April 2012.Speaker Bio
