As part of a panel discussion at the Trust in the Digital world summit in Vienna, Intel's trust & security technology & policy manager Claire Vishik spoke about why we need a new language to quantify trust in the digital world.
The technology environment has always been diverse. If you read literature even as long ago as 150 years, this diversity was reason for complaints, as the industrial revolution took over and machines become more complicated.
Today we have complex architectures at the micro and macro levels that no one understands completely. Now we have mainframe like architectures, we have applications built different ways for different purposes.
Data resides sometimes on the endpoint, sometimes on a different platform, or a low-power endpoint. Some of it's in the cloud, some of it could be on the server. And this is the environment that we're having to learn to trust.
If you take an application for your online banking provider, for instance, you have a secure application that you access from your computing platform. It has certain requirements and certain limitations. Then you have the application for Android, or your iPhone or BlackBerry, all using the same datasets with similar interfaces. We haven't yet learned what that means for the user, what that means for our data, and what that means for trust.
Nowadays we generate a lot of data when we do anything. When we connect to networks from mobile phones, when we synchronise our devices, when we use wireless access points, when we pass under cameras in big cities, when we travel on aeroplanes. What does this data mean in the long run? I'm sure we don't know. And in terms of future potentialities, we don't yet know what we don't know.
There have been a lot of achievements in trusted computing, and have gone a long way to developing new models of trust and new ways of interfacing with applications.
In most systems we consider trusted, you either trust someone or you don't. You don't trust them a little bit, or trust them in some ways but not others.
Trust is important when we operate in these environments that interoperate and interact with each other. Where trust comes into this, we haven't yet worked out.
If we could come up with a language, a pure XML language, perhaps, that could express the intentions of the developers and the users, that would be one potential area of research we could think about.
For technologists, trust is usually something simple. A system or an element is trusted if it behaves as expected under well-defined circumstances. It's an appropriate definition, but it defines a boundary.
In today's environment, developing simple, straightforward applications has become much more difficult. We need a language of trust, a system of trust metrics, if we're to navigate this bumpy landscape at all.
The Trust in the Digital World conference runs from 7-8 April, and ITProPortal will be covering the ins and outs of what's being discussed here in the Austrian Chamber of Commerce.