The role of trust in computer security

Summary form only given. Traditional security technologies are based on numerous assumptions about the environment in which systems are used. This includes assumptions about the enforcement of legislative and contractual frameworks, limitations of particular technologies and the constraints on human behaviour imposed by social and religious norms. Most of these assumptions, however, are implicit and they will fail when the environment of the systems change, e.g., when systems are used on a global scale on the Internet. This talk identifies such implicit assumptions in current security technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason about system security.