Designing trust into online experiences
Communications of the ACM
The network in the garden: an empirical analysis of social media in rural life
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Predicting tie strength with social media
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
All your contacts are belong to us: automated identity theft attacks on social networks
Proceedings of the 18th international conference on World wide web
Understanding scam victims: seven principles for systems security
Communications of the ACM
Challenges in access right assignment for secure home networks
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
Does deterrence work in reducing information security policy abuse by employees?
Communications of the ACM
Towards a theory of trust in networks of humans and computers (transcript of discussion)
SP'11 Proceedings of the 19th international conference on Security Protocols
On the foundations of trust in networks of humans and computers
Proceedings of the 2012 ACM conference on Computer and communications security
| Hi-index | 0.00 |
The problem of determining whether a receiver may safely accept attributes (e.g., identity, credentials, location) of unknown senders in various online social protocols is a special instance of a more general problem of establishing trust in interactive protocols. We introduce the notion of interactive trust protocols to illustrate the usefulness of social collateral in reducing the inherent trust asymmetry in large classes of online user interactions. We define a social collateral model that allows receivers to accept attributes from unknown senders based on explicit recommendations received from social relations. We use social collateral as a measure of both social relations and "tie strength" among individuals to provide different degrees of accountability when accepting attribute information from unknown senders. Our model is robust in the face of several specific attacks, such as impersonation and tie-strength-amplification attacks. Preliminary experiments with visualization of measured tie strength among users of a social network indicate that the model is usable by ordinary protocol participants.