Towards a Decision Model Based on Trust and Security Risk Management

Baptiste Alcade, Eric Dubois, Sjouke Mauw, Nicolas Mayer, Saša Radomirović

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

From choosing the daily lunch menu to buying or selling stock options, decisions have to be made every day. In general, due to incomplete information, making a decision carries a risk. Typically, such risks are mitigated through risk management.

However, risk is not the only element involved in the decision process. When the decision to be made concerns an interaction between two entities, trust plays an important role. Trust, in such an interaction, is a prediction of one entity's reliance on the other entity to perform a certain action.

In this paper we formulate a trust reference model and take a first step towards a decision model by combining the trust model with an existing risk model. The decision model is illustrated by an example in the e-banking domain.
Original languageEnglish
Title of host publicationInformation Security 2009
Subtitle of host publicationProceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009
EditorsLjiljana Brankovic, Willy Susilo
Place of PublicationSydney
PublisherAustralian Computer Society
Pages61-69
Number of pages9
ISBN (Print)9781920682798
Publication statusPublished - 2009
EventSeventh Australasian Information Security Conference - Wellington, New Zealand
Duration: 20 Jan 200921 Jan 2009

Publication series

NameConferences in Research and Practice in Information Technology
Volume98

Conference

ConferenceSeventh Australasian Information Security Conference
Abbreviated titleAISC 2009
CountryNew Zealand
CityWellington
Period20/01/0921/01/09

Fingerprint

Risk management
Decision model
Interaction
Risk model
Prediction
Reference model
Incomplete information
Electronic banking
Stock options
Decision process
Trust model
Menu

Cite this

Alcade, B., Dubois, E., Mauw, S., Mayer, N., & Radomirović, S. (2009). Towards a Decision Model Based on Trust and Security Risk Management. In L. Brankovic, & W. Susilo (Eds.), Information Security 2009: Proceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009 (pp. 61-69). (Conferences in Research and Practice in Information Technology; Vol. 98). Sydney: Australian Computer Society.
Alcade, Baptiste ; Dubois, Eric ; Mauw, Sjouke ; Mayer, Nicolas ; Radomirović, Saša. / Towards a Decision Model Based on Trust and Security Risk Management. Information Security 2009: Proceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009. editor / Ljiljana Brankovic ; Willy Susilo. Sydney : Australian Computer Society, 2009. pp. 61-69 (Conferences in Research and Practice in Information Technology).
@inproceedings{7a42ad0f4d4c4842b3c263cb9d66a188,
title = "Towards a Decision Model Based on Trust and Security Risk Management",
abstract = "From choosing the daily lunch menu to buying or selling stock options, decisions have to be made every day. In general, due to incomplete information, making a decision carries a risk. Typically, such risks are mitigated through risk management.However, risk is not the only element involved in the decision process. When the decision to be made concerns an interaction between two entities, trust plays an important role. Trust, in such an interaction, is a prediction of one entity's reliance on the other entity to perform a certain action.In this paper we formulate a trust reference model and take a first step towards a decision model by combining the trust model with an existing risk model. The decision model is illustrated by an example in the e-banking domain.",
author = "Baptiste Alcade and Eric Dubois and Sjouke Mauw and Nicolas Mayer and Saša Radomirović",
note = "No funding info",
year = "2009",
language = "English",
isbn = "9781920682798",
series = "Conferences in Research and Practice in Information Technology",
publisher = "Australian Computer Society",
pages = "61--69",
editor = "Brankovic, {Ljiljana } and Susilo, {Willy }",
booktitle = "Information Security 2009",
address = "Australia",

}

Alcade, B, Dubois, E, Mauw, S, Mayer, N & Radomirović, S 2009, Towards a Decision Model Based on Trust and Security Risk Management. in L Brankovic & W Susilo (eds), Information Security 2009: Proceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009. Conferences in Research and Practice in Information Technology, vol. 98, Australian Computer Society, Sydney, pp. 61-69, Seventh Australasian Information Security Conference, Wellington, New Zealand, 20/01/09.

Towards a Decision Model Based on Trust and Security Risk Management. / Alcade, Baptiste; Dubois, Eric; Mauw, Sjouke; Mayer, Nicolas; Radomirović, Saša.

Information Security 2009: Proceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009. ed. / Ljiljana Brankovic; Willy Susilo. Sydney : Australian Computer Society, 2009. p. 61-69 (Conferences in Research and Practice in Information Technology; Vol. 98).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Towards a Decision Model Based on Trust and Security Risk Management

AU - Alcade, Baptiste

AU - Dubois, Eric

AU - Mauw, Sjouke

AU - Mayer, Nicolas

AU - Radomirović, Saša

N1 - No funding info

PY - 2009

Y1 - 2009

N2 - From choosing the daily lunch menu to buying or selling stock options, decisions have to be made every day. In general, due to incomplete information, making a decision carries a risk. Typically, such risks are mitigated through risk management.However, risk is not the only element involved in the decision process. When the decision to be made concerns an interaction between two entities, trust plays an important role. Trust, in such an interaction, is a prediction of one entity's reliance on the other entity to perform a certain action.In this paper we formulate a trust reference model and take a first step towards a decision model by combining the trust model with an existing risk model. The decision model is illustrated by an example in the e-banking domain.

AB - From choosing the daily lunch menu to buying or selling stock options, decisions have to be made every day. In general, due to incomplete information, making a decision carries a risk. Typically, such risks are mitigated through risk management.However, risk is not the only element involved in the decision process. When the decision to be made concerns an interaction between two entities, trust plays an important role. Trust, in such an interaction, is a prediction of one entity's reliance on the other entity to perform a certain action.In this paper we formulate a trust reference model and take a first step towards a decision model by combining the trust model with an existing risk model. The decision model is illustrated by an example in the e-banking domain.

UR - http://crpit.com/abstracts/CRPITV98Alcalde.html

UR - http://dl.acm.org/citation.cfm?id=1862768&CFID=958625136&CFTOKEN=98618365

M3 - Conference contribution

SN - 9781920682798

T3 - Conferences in Research and Practice in Information Technology

SP - 61

EP - 69

BT - Information Security 2009

A2 - Brankovic, Ljiljana

A2 - Susilo, Willy

PB - Australian Computer Society

CY - Sydney

ER -

Alcade B, Dubois E, Mauw S, Mayer N, Radomirović S. Towards a Decision Model Based on Trust and Security Risk Management. In Brankovic L, Susilo W, editors, Information Security 2009: Proceedings of the Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand, January 2009. Sydney: Australian Computer Society. 2009. p. 61-69. (Conferences in Research and Practice in Information Technology).