Towards a Decision Model Based on Trust and Security Risk Management

Alcalde, B., Dubois, E., Mauw, S., Mayer, N. and Radomirovic, S.

    From choosing the daily lunch menu to buying or selling stock options, decisions have to be made every day. In general, due to incomplete information, making a decision carries a risk. Typically, such risks are mitigated through risk management. However, risk is not the only element involved in the decision process. When the decision to be made concerns an interaction between two entities, trust plays an important role. Trust, in such an interaction, is a prediction of one entity's reliance on the other entity to perform a certain action. In this paper we formulate a trust reference model and take a first step towards a decision model by combining the trust model with an existing risk model. The decision model is illustrated by an example in the e-banking domain.
Cite as: Alcalde, B., Dubois, E., Mauw, S., Mayer, N. and Radomirovic, S. (2009). Towards a Decision Model Based on Trust and Security Risk Management. In Proc. Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand. CRPIT, 98. Brankovic, L. and Susilo, W., Eds. ACS. 61-69.
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS