15:30:00 - 17:00:00,
Thursday 7 December, 2006
How can Internet fraud be prevented by technical means when the primary threat is one of misplaced human trust? The human element is the core of confidence scams, so any solution must have the human element at its core. For example, a phishing attack works when it convinces a person to place trust in a criminally untrustworthy party who is masquerading as a trusted party. Better indicators about who on the network is trustworthy can enable individuals to make informed trust decisions and thus decrease the efficacy of masquerade attacks. Physical indicators, as embodied in the marble and brass of a bank, obviously cannot be used on the network. Therefore this presentation describes the theoretical underpinning, design, and human subjects testing of Net Trust. Net Trust is a mechanism to use social networks to create reliable trust indicators. Note that Net Trust offers to inform human trust decisions, as opposed to a security infrastructure that makes technical trust decisions for the user.
NetTrust uses ratings from a users’ social network and from user-selected third parties. NetTrust informs user decisions, as opposed to altering security settings. The end user selects a set of roles, i.e. psuedonyms. These psuedonyms are associated with social networks. Test users declared this security technology as ‘fun to use’.
Data Dump to delete
- Name: Jean Camp
- Affiliation: Associate Professor of Informatics, Indiana University
- URL: http://www.ljean.net/