ACE Seminar: Implementing Impossible Requirements - changing the role of trust in secure systems design.

Speaker: Prof. Bruce Christianson

Date/Time: 01-Jan-1970, 00:00 UTC




Many accounts of online trust are based upon mechanisms for building

reputation. Trust is portrayed as desirable, and handing off trust is easier if trust is

modelled to be transitive. But in the analysis of cyber-security protocols, trust is usually

used as a substitute for knowledge: it follows that if there is no residual risk, then

there is no need for trust. On this grimmer understanding, involuntary transitivity of trust

prevents participants from having control—or even knowledge—of the risks to which

their trust assumptions expose them.

In this talk, we argue that the epistemic weakness of trust-based belief requires

system designers to accept that imaginary (or even impossible) threats can have real

consequences that adversely affect online security. But all is not lost: an apparently

paradoxical corollary is that the desire of principals to keep their trust assumptions

private can actually assist the design of systems so as to satisfy multiple, conflicting,

security agendas.

However, this approach requires agents to have the capability to predicate accurately

about states of affairs that are logically inconsistent with their beliefs, and consequently

designing systems in this way can become more akin to diplomacy than engineering.


New Zealander Bruce Christianson received his DPhil in Mathematics from Oxford University. He is currently Professor of Informatics at the University of Hertfordshire. His mathematical research centres on Automatic Differentiation, a set of techniques for transforming scientific modelling programs in practical areas such as optimization, simulation, and multidisciplinary design. Bruce is also known for his work on Optimistic Security for Open Distributed Systems, and as convenor of the Cambridge International Workshop on Security Protocols. He is Dean of the Burgon Society, which advises film-makers and other groups on the history and practice of academic dress.

This page was last modified on 27 Mar 2014.