We have proposed that interacting computing entities can make decisions based on a computational model of trust. As the real world does not have a unique legitimate authority, computing entities are owned by multiple authorities and operated from multiple jurisdictions. As in real life, no administrator can be perpetually present to manage the interactions. A crucial element for the use of trust is to know with whom the entities interact, which corresponds to authentication in traditional computer security. However, this element has been disregarded in computational trust: this is ill fated given that virtual identities are the means for a number of attacks that are less possible in face-to-face settings.
We use another parallel with human social networks, namely the notion of entity recognition (ER). When someone is introduced by a trustworthy recommender, the identity card of the recommended person is not used and it is sufficient to recognize this person. It provides dynamic enrolment and, in doing so, ad-hoc interactions are possible. It also underlines that the full curriculum vitae of the recommender is not required, which translates to a privacy improvement over trust engines that link all interactions to a real-world identity. Our resulting framework follows an ER approach: the virtual identities are, by default, pseudonyms - recognized, but without link to the real-world identities. It is sufficient to recognize a virtual identity in order to build trust based on evidence. The link to the real-world identity may be considered to be useful for security decisions and our framework does not forbid the use of this link. However, in global computing, the possibility to sue the real-world identities behind the virtual identities is not guaranteed since the jurisdictions of the interacting entities may be contradictory. In addition, most authentication schemes linking a real-world identity with a virtual identity do not achieve dynamic enrolment and their usability compromises security.
Still, our framework takes into account the attacks at the level of virtual identity. Instead of authentication, a novel ER process is carried out. The outcome of ER is associated with a level of confidence in recognition rather than a binary authentication outcome: in doing so, weaker recognition schemes can be used. Recognition is a basis for trust computation, which starts the end-to-end trust, which emphasizes that the trust in the technical infrastructure must be taken into account when the trust in the virtual identity is computed. In addition, trust transfer is introduced to encourage self-recommendations without attacks based on the creation and use of a large number of virtual identities owned by the same real-world identity. Since privacy expectations vary, a privacy-trust trade model is introduced for real-world identities to disclose explicit links between their virtual identities. It is currently too early to estimate its commercial potential. As a result, no specific steps have been taken at this stage in order to protect any IPR emanating from it.