Название: Trust in Computer Systems and the Cloud
Автор: Mike Bursell
Издательство: John Wiley & Sons Limited
Жанр: Зарубежная компьютерная литература
isbn: 9781119692317
isbn:
The reputation approach is interesting because rather than having to start her trust relationship to Alice from scratch or with only the tools that she has (her experience, biases, and some expectations), Carol starts with some specific information about Alice that she can use. We can think of this type of information as inputs to the idea of “trustworthiness” proposed by some of the writers we have mentioned when considering human-to-human trust.
What other types of information might we have up front? Another way of looking at this is asking what pressures can be brought to bear on the trustee that allow me, the trustor, to have a high assurance that this will affect the trustee's behaviour in ways that are likely to influence them to act in ways consistent with my expectations. Bruce Schneier writes in detail about this in Liars & Outliers: Enabling the Trust That Society Needs to Thrive.15 He discusses societal pressures, moral pressures, reputational pressures, institutional pressures, and security systems, all in the context of society. Sanctions, punishments, and incentives all fit into this model of trust establishment and management, and reputation is one of the key concepts required to evaluate relationships.
We know in our day-to-day human interactions that reputations can be ill-formed or unfairly earned and also that they can change significantly over time. We will look at indirect trust relationships in Chapter 3, “Trust Operations and Alternatives”, and at the importance of time in Chapter 7, “The Importance of Time”, but another point arises from reputations: over the many years that humans have grown into larger and larger groups, creating societies and forming organisations, reputations are important for another type of trust relationship. This is the area on which Schneier spends much attention, as evidenced by his chapter headings on organisations, corporations, and institutions, and which we can broadly label institutional trust.
Institutional Trust
A great deal of the literature on trust revolves around our trust—and mistrust—in institutions: or, as we would clarify with our new understanding about these concepts, the trust relationships we have to institutions. This type of trust is related directly to our second case in Chapter 1: my trust relationship to my bank. Banks are, in fact, a key example of institutions where their customers' or users' trust is self-evidently vital. Banks and other financial institutions are so important to the smooth running of (capitalist) society that governments will not infrequently move in to prop up a bank when trust in it begins to falter. The assurance associated with trust here is generally around whether a bank has sufficient assets to be able to provide its customers with their money when requested. But there is a greater and more dangerous concern against which financial institutions—or maybe, more broadly, frameworks—must guard: trust in a currency itself. By this, we really mean there is a generally accepted assurance that the currency will hold its value over time, or at least not deviate (particularly downwards) too sharply over time in terms of its purchasing power.
It has become clear, with the rise of blockchain-backed crypto-currencies as an alternative (for some) to traditional fiat currencies, that the types of assurance, and how they are managed, are more complex than had generally been assumed. This topic is so important for our understanding of how trust is embodied in a particular set of systems that we will return to crypto-currencies in more detail in Chapter 6, “Blockchain and Trust”.
For now, we will concentrate on more traditional institutions and some of the discussions on how trust is relevant to them. It should come as no surprise that this is a topic that has garnered a great deal of attention over the years. The idea that institutions are required because individual humans cannot “scale” to provide all of the services required is clearly not new. Monarchs and generals have appeared to manage large groups of people, trustworthy individuals have been appointed to dispense justice (at, for instance, Jethro's urging to Moses in Exodus 18), and the people who they serve—or are supposed to serve—need to have a trust relationship to them.
Theories of Institutional Trust
One of the most famous and influential early modern writers on the topic of institutional trust in the West, at least, was Thomas Hobbes,16 in his Leviathan, originally published in 1651. In fact, the full title of his book was Leviathan: Or the Matter, Forme and Power of a Commonwealth, Ecclesiasticall and Civil, and it is considered an important early work in social contract theory. This theory—the name is taken from another giant in the field, Jean-Jacques Rousseau's The Social Contract17—suggests that we—members of societies—give up some rights that we might otherwise exercise and give them, instead, to institutions.
Hobbes's central thesis is that people (he would say “men”) are, by default, in “a state of nature” in which they are “brutish and at warre” with one another. In other words, without some sort of authority structures, there can be no society beyond simple interpersonal relationships. To overcome this restriction, humans create agreements to give up some of their rights to take from each other—though never to defend themselves—by imbuing rights into a sovereign body. This sovereign body is preferably, in Hobbes's view, a monarch and has the power to create laws and exact punishment. Though the work is a masterpiece and still worth reading, certain issues stand out to a more modern reader, including, crucially, how such sovereign bodies are ordained18 and sustained if there is no continual re-establishment of the sovereignty by its body politic.
If we ignore Hobbes's preference for a monarch as the structural centre and overlook for now the question of how exactly a central authority is established (a topic to which we will return in Chapter 3, “Trust Operations and Alternatives”) we may consider the possibility that trust in this central authority could be continually re-established, but we must remember that such trust is really made up of many separate trust relationships to the authority. There is a distinction here between the set of trust relationships held and the reputation of the authority: the latter, while theoretically a reflection of all the former, is not a true view of it in the context of two important measures:
The conglomeration of information about trust relationships will always be imperfect in practice, in the same way that a map is never a true representation of a tract of land (a perfect representation becomes more than a representation and becomes part of what it is representing19).
Reputation is information allowing an entity to consider the formation—or tuning—of a trust relationship rather than the relationship itself.
This is a distinction that often seems to be lost in discussions of institutional trust—or, more specifically, trust relationships to institutions. Either little difference is evinced between reputation and trust, or the fact that different parties hold different relationships is overlooked. One notable exception to this is Francis Fukuyama, whose 1995 book Trust: The Social Virtues and the Creation of Prosperity20 is one of the canonical works in the modern discussion of institutional trust. In it, he examines the role of social capital, familism, individualism, and sociability СКАЧАТЬ