Trust: A Collision of Paradigms

Abstract

The technological challenges of securing networks are great, as recently witnessed in widespread denial of service and virus attacks. The human reaction to these attacks may be either a loss of trust or a willingness to tolerate increasing risk having weathered one assault. Examining human and computer interaction with a focus on evaluations the human response to loss of trust is a key part of the search for more secure networks. The success of current efforts to design appropriate security mechanisms depends as much on an understanding of human extensions of trust to computers as it does on an understanding of underlying mathematics. However, the former has not been sufficiently examined.

In this work we survey the findings in social psychology and philosophy with respect to trust. We introduce three hypotheses that remain unanswered with respect to the manner in which humans react to computers. We discuss potential design revisions in light of findings from other disciplines. Then we conclude by noting that research which empowers users in order to be their own security manager may be based on a fundamentally flawed view of human-computer interaction. We close by encouraging designers of computer security systems to examine the humans, which these systems are intended to empower, and recommend that any security system be built on the basis of understanding of human trust provided by the social sciences.