A trust assignment model based on alternate actions payoff

The human component is a determining factor in the success of the security subsystem. While security policies dictate the set of permissible actions of a user, best practices dictate the efficient mode of execution for these actions. Unfortunately, this efficient mode of execution is not always the easiest to carry out. Users, unaware of the implications of their actions, seek to carry out the easier mode of execution rather than the efficient one, thereby introducing a certain level of uncertainty unacceptable in high assurance information systems. In this paper, we present a dynamic trust assignment model that evaluates the system's trust on user actions over time. We first discuss the interpretation of trust in the context of the statement "the system trusts the users' actions" as opposed to "the system trusts the user." We then derive the intuition of our trust assignment framework from a game-theoretic model, where trust updates are performed through "compensatory transfer." For each efficient action by a user, we assign a trust value equal to the "best claim for compensation", defined as the maximum difference between the benefits of an alternate action and the selected efficient action by the user. The users' initial trust and recent actions are both taken into account and the user is appropriately rewarded or penalized through trust updates. The utility of such a model is two-fold: It helps the system to identify and educate users who consistently avoid (or are unaware of) implementing the organization's best practices and secondly, in the face of an action whose conformance to the organizational policies is contentious, it provides the system or a monitoring agent with a basis, viz. the trust level, to allow or disallow the action. Finally we demonstrate the application of this model in a Document Management System.