As we move towards a data-centric world with shifting threats and perimeters that threatens the realization of network security goals such as availability, integrity, confidentiality, authentication, authorization, privacy, non-repudiation of services and other hard security issues, it has become expedient to shift paradigm in the way trust is established and authenticated. Trust is a subjective human belief. It is one the most essential means to improve security and enable interoperability in existing heterogeneous information ecosystem architecture. Trust models are used widely in information systems with the purpose of measuring the trustworthiness of a set of entities based on their behaviours. Today’s enterprises are open and competitive and relies on distributed infrastructure across various geo-spatial location and various cyber-physical locations in order to offer seamless and effective services to clients. With attendant increasing digitization and decentralization of information technology (IT) and information and control systems (ICS) especially in nuclear installations and associated facilities distributed computing frameworks are becoming more vulnerable to attacks from malicious agents, masquerading as trusted agents, thereby increasing the chances of risks and security compromises. This necessitates a better understanding of trust models used in computing, as trust and reputation management system are tools to mitigate security threats and vulnerabilities. This paper presents a precise and condensed survey of selected trust models used in information systems. The attributes of trust needed for enterprise information systems and networks are identified with the aim of identifying trust characteristics in each model.
Year
2020
Abstract