In this paper, trust-based recommendations control the exchange of personal information between handheld computers. Combined with explicit risk analysis, this enables unobtrusive information exchange, while limiting access to confidential information. This is illustrated with applications such as personal address books and electronic diaries. Recommendations associate categories with data and with each other, with degrees of trust belief and disbelief. Since categories also in turn confer privileges and restrict actions, they are analogous to rôles in a Rôle-Based Access Control system, while principals represent their trust policies in recommendations. Participants first compute their trust in information, by combining their own trust assumptions with others' policies. Actions are then moderated by a risk assessment, which weighs up costs and benefits, including the cost of the user's time, before deciding whether to allow or forbid the information exchange, or ask for help. By unifying trust assessments and access control, participants can take calculated risks to automatically yet safely share their personal information.
|Number of pages||8|
|Publication status||Published - 2003|
|Event||1st IEEE International Conference on Pervasive Computing and Communications, PerCom 2003 - Fort Worth, TX, United States|
Duration: 23 Mar 2003 → 26 Mar 2003
|Conference||1st IEEE International Conference on Pervasive Computing and Communications, PerCom 2003|
|City||Fort Worth, TX|
|Period||23/03/03 → 26/03/03|