Enabling Effective Trust Judgments
Dr. Sean Smith
Department of Computer Science
Dartmouth College
ABSTRACT
A key part of making our society's information infrastructure work is
enabling the parties involved---human users as well as programs---to
make effective trust judgments about each other. Should A trust B
for action X? If it's all just wires and bits, how can A know?
This problem is made even messier by the emerging multiplicity of
users, roles, machines, administrative domains, application contexts,
and opinions about what constitutes valid grounds for trust.
Over the past several years, my students and I have been exploring the
technological issues underlying effective trust judgments. This talk
will discuss some of our research:
- Why should we trust what's happening at a remote server? (I'll discuss
our experimental work in building private information servers.)
- Why should we trust what's happening at a local client?
(I'll discuss some of our experiences regarding the surprising
insecurity of browsers and SSL.)
This talk will also briefly survey some of our other research in
trusted computing platforms and applications, and in using PKI in
wireless networking and Internet routing.
BIOGRAPHY
Sean Smith has been a scientist at Los Alamos National Laboratory,
doing security reviews, and at IBM T.J.Watson Research Center, where
he designed the security architecture for (and helped code and test)
the IBM 4758 secure coprocessor, and then led the formal modeling and
verification work that earned it the world's first FIPS 140-1 Level 4
security validation. In July 2000, Sean left IBM for Dartmouth
College. Sean was educated at Princeton (B.A., Math) and CMU (M.S.,
Ph.D., Computer Science).