Computational Trust

In Information security, computational trust is the generation of trusted authorities or user trust through cryptography. In centralised systems, security is typically based on the authenticated identity of external parties. Rigid authentication mechanisms, such as Public Key Infrastructures (PKIs) or Kerberos have allowed this model to be extended to distributed systems within a few closely collaborating domains or within a single administrative domain. During the last years, Computer Science has moved from centralised computer systems to distributed computing. This evolution has several implications on the security models, the policies and the mechanisms needed to protect users’ information and resources in an increasingly interconnected computing infrastructure.

Identity-based security mechanisms cannot authorise an operation without authenticating the claiming entity. This means that no interaction can occur unless both parties known their authentication frameworks. Spontaneous interactions would, therefore, require a single, or a few trusted certificate authorities (CAs). In the present context, PKI has not been considered since they have shown difficulties to emerge, thus it is not so probable that they will establish themselves as a reference standard in the near future. In the present, a user who wishes to join spontaneous collaboration with another party can choose between enabling security and thereby disabling spontaneous collaboration, or disabling security and enabling spontaneous collaboration. It is fundamental that mobile users and devices can authenticate in an autonomous way without relying on a common authentication infrastructure. In order to face this problem, we need to examine the challenges introduced by ”Global Computing“, a term coined by the EU for the future of the global information society, and to identify their impact on security.