Modeling Trust Relationships for Developing Trustworthy Information Systems

Introduction

Information systems exist in every aspect of our life and our society is critically dependent on them. Despite this reliance, these systems are often unreliable, prone to errors, and are vulnerable to attack. We are often faced with a choice between using a valuable (or even an essential) system that is not fully trustworthy, or else forgoing the services it provides (Cofta, 2007; Islam et al., 2010a; Houmb et al., 2010). Trust, therefore, is an increasingly important issue for systems that process and manage sensitive user and organizational information. Modern Information Systems (ISs) are socio-technical systems that include large numbers of actors, both human and computational (Doherty & King, 2005; Reyes-Luna et al., 2005; Islam et al., 2011). IT elements of ISs need to interact with other humans and systems and depend on them to accomplish tasks and operations that are necessary to achieve their goals. For instance, assume a scenario, where an information system A depends on specific information from another system B and a human C to meet its key objective. In such a scenario, trust in both the human C and system B is important for the system A. System A depends on entities that may not have direct control over them. It is necessary to understand the risks involved in such dependencies, in particular various trust relationships that an information system might be part of (Pavlidis et al., 2012a; Pavlidis et al., 2012b; Zarrabi et al., 2012). However, trust is a complex notion and depends upon both technical and non-technical aspects of the social and organizational setting. When trust is used properly, it is an enabler of building collaborations among the participating actors, a necessary antecedent for cooperation (Axelrod, 1984). However, when trust is abused, it can act as a stopping block for successfully achieving a goal.

Depending on the context, the level of trust and trustworthiness of the overall system can vary (Pavlidis et al., 2012b). To establish systems trustworthiness, it is important that trust relationships between the system and other entities and trust assumptions, which are usually made during the development process, are properly identified and analyzed. Therefore it is important, in order to understand the consequences that trust relationships might have on the operation of an information system, to be able to analyze in a systematic and structured way the various trust assumptions that are usually made during the development process of information systems (Cofta et al., 2011; Cofta, 2007). By trust assumptions, we refer to the assumptions that are made by developers and/or stakeholders related to the various trust relationships that exist within the system context. There are several works in the literature that consider trust and related issues of information systems (Yu & Liu, 2001; Josang et al., 2005; Lo Presti et al., 2006; Pourshahid & Tran, 2007; Uddin & Zulckerine, 2008; Giorgini et al., 2004; Bimrah, 2009). But these works do not provide adequate guidelines that support the analysis of trust assumptions and relationships in a systematic way. Therefore, the research questions this paper is addressing are: a) how we can model trust relationships in a systematic way and b) how trust relationships influence development decisions. Analyzing trust from the early stages of the development process is critical because at this phase the possible trust relationships and assumptions are formed, and changes need to take place if the relevant trust assumptions do not hold. Early analysis enables us to identify and analyze the threats and risks in terms of the overall system trustworthiness. It also helps in a cost effective way to select appropriate control actions to address those threats and risks in proactive way.