ACM Transactions on Computer Systems (TOCS)
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Trust-based navigation in distributed systems
Computing Systems
Trust breaks down in electronic contexts but can be repaired by some initial face-to-face contact
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
TRUSTe: an online privacy seal program
Communications of the ACM
Internet privacy concerns confirm the case for intervention
Communications of the ACM
Building consumer trust online
Communications of the ACM
Privacy interfaces for information management
Communications of the ACM
Predictors of online buying behavior
Communications of the ACM
Communications of the ACM
Valuation of Trust in Open Networks
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Trust Relationships in Secure Systems-A Distributed Authentication Perspective
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
On Unifying Some Cryptographic Protocol Logics
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Threat Modelling in User Performed Authentication
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Explanation and trust: what to tell the user in security and AI?
Ethics and Information Technology
Acceptance of voting technology: between confidence and trust
iTrust'06 Proceedings of the 4th international conference on Trust Management
Pools, clubs and security: designing for a party not a person
Proceedings of the 2012 workshop on New security paradigms
| Hi-index | 0.00 |
The underlying belief and knowledge models assumed by various kinds of authentication protocols have been studied for well over 10 years now. On the other hand, the related question of the generic trust assumptions, which underlie the settings where the protocols are run, has received less attention. Furthermore, the notion of trust, as it is typically defined, has more been based on the formal model used than the real user requirements posed by the application context and the actual people using the system. In this paper, we approach that problem from the users' point of view. We briefly describe what are the psychological bases on which typical people build their trust assumptions on, and consider how these are reflected in a typical e-commerce setting today. Given this background, we proceed to contemplate how the systems could be made more trustworthy by explicitly representing the trust assumptions and requirements, and how these digital expressions of trust could be instrumented to and integrated with actual authentication protocols. Thus, our aim is to broaden the view from a protocol centric approach towards considering the actual users, and to provide some initial requirements for future operating systems and user interface design.