[Log In] []

Exploring the science and magic of Identity and Access Management
Wednesday, October 21, 2020
 

Trust: Vulnerability and Commitment

Identity
Author: Mark Dixon
Friday, September 2, 2005
5:25 am

In
his blog yesterday, Masood
Mortazavi
offered new perspectives on Trust.

He highlighted two related thoughts:

  1. Trust is based on two parties making "credible commitments"
    to each other.
  2. Trust is based on two parties mutually "exposing vulnerabilities."

Both viewpoints are valid:

In any trust relationship, each party exposes vulnerabilties in the process
of establishing that relationship. For example, if I share any of my Identity
attributes with you, I am vulnerable because I run the risk of you exploiting
that attribute in some devious manner. You run the same risk if you share any
element of your Identity with me (although I hope you’ll find me trustworthy.)

In the world of Digital Identity, as vulnerabilities are mutually exposed,
credible commitments are also exchanged.

As a consumer, I can "credibly commit" to pay $1000 for a television.
That "claim" is subject to verification through my credit card company.
In return, a manufacturer can "credibly commit" that the television
is worth $1000. I may choose to authenticate that "claim" by reading
Consumer Reports or some other reputable information source. Mutual trust arising
from the exchange of credible commitments forms the basis for a transaction.

In establishing a trust relationship with another party over the Internet,
I must "credibly commit" or "claim" that my credentials
are authentic. My claim is subject to verification through a trusted third party.
In return, the party with whom I wish to connect must also present credentials
with validity I accept. This exchange of credible commitments forms a trusted
relationship in cyberspace.

p.s. Through Masood, I was also introduced to the Trust
Blog
. I was particularly intrigued by the concept of Assymetric
Trust
. Stuff worth reading.

Tags:



 

One Response to “Trust: Vulnerability and Commitment”

    Hmm. Far be it from me to disagree with Masood, for whom I have huge respect, but…
    ;^)

    I tend to stick to my view that trust is, for all practical purposes, based on experience of prior behaviour. Thus, in your example of a customer making a ‘credible commitment’, I would argue that the commitment to pay $1000 is not credible, unless the retailer has done a lot of business with that customer before. That’s precisely why the retailer won’t give $1000 credit until the customer’s (in-credible) commitment has been backed up by the bank.

    And why does the retailertrust the bank? Because his experience of the bank’s previous behaviour leads him to believe that he will not get stiffed for the $1000.

    In terms of trust models, we are right back to the bills of exchange first conceived of by travelling traders in the early Renaissance… If you need to to business somewhere where you have no trust relationships in place, you have to find a trusted intermediary (banker) who can proxy that role for you.

    Comment by Robin Wilton on September 14, 2005 at 3:32 pm

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.