Abstract
In this paper, trust-based recommendations control the exchange of personal information between handheld computers. Combined with explicit risk analysis, this enables unobtrusive information exchange, while limiting access to confidential information. This is illustrated with applications such as personal address books and electronic diaries. Recommendations associate categories with data and with each other, with degrees of trust belief and disbelief. Since categories also in turn confer privileges and restrict actions, they are analogous to rôles in a Rôle-Based Access Control system, while principals represent their trust policies in recommendations. Participants first compute their trust in information, by combining their own trust assumptions with others' policies. Actions are then moderated by a risk assessment, which weighs up costs and benefits, including the cost of the user's time, before deciding whether to allow or forbid the information exchange, or ask for help. By unifying trust assessments and access control, participants can take calculated risks to automatically yet safely share their personal information.
Original language | English |
---|---|
Pages | 153-160 |
Number of pages | 8 |
Publication status | Published - 2003 |
Externally published | Yes |
Event | 1st IEEE International Conference on Pervasive Computing and Communications, PerCom 2003 - Fort Worth, TX, United States Duration: 23 Mar 2003 → 26 Mar 2003 |
Conference
Conference | 1st IEEE International Conference on Pervasive Computing and Communications, PerCom 2003 |
---|---|
Country/Territory | United States |
City | Fort Worth, TX |
Period | 23/03/03 → 26/03/03 |