From Threat Models to Trust Models for Technology We Can Trust

One of the key consequences of COVID-19 has been the rapid acceleration of the adoption of digital technologies and digital systems. The crisis has jolted us from the industrial economy into the digital economy. The digital economy is here to stay. In grappling with how best to navigate this deeper digital trajectory, we have done very little planning to create resilient digital infrastructures that maintain trust and serve society in the ways we want. At present, we are reliant on precarious digital infrastructures are neither intentional or understood, leaving us exposed and vulnerable to digital exploitation.

Resilience is a fundamental concept in disaster management about how to best prepare, address, and recover from crisis. Trust is key in this process. In current conditions, digital trust. So, how do we transition to digital infrastructure we can trust?

Digital Trust

Cybersecurity, although important, only offers a narrow approach to resilience predicated on threat modelling. While cybersecurity protects computers, trust modelling protects people.

The aim of resilient digital infrastructures is to create trusted interactions among communities of people. The way to pursue this goal is through a concept we call ‘trust modelling’.

Trust Models

Thus, while threat modelling = a technology + a user +a context; trust modelling = people + context + network.

As such, in any given context, a network of people and a network of technologies creates either a trusted or untrusted network.

Trust modelling offers a framework for modelling trust appetite with communities, or in the case of COVID-19 recovery, societies. We must design and advocate for digital infrastructures based on a reasonable, and scalable, trust model.

Trust Frameworks

Privacy-by-design is a technology design principle that considers throughout the entire engineering process. The initial principles of privacy-by-design are; proactive not reactive, privacy as a default setting, privacy embedded into design, full functionality, end-to-end security, visibility and transparency, and user-centric respect for privacy. This is crucial, as information privacy only exists only insofar as it is upheld in the social context and norms of a network in which consent was given, as argued by Helen Nissembaum in her book ‘Privacy in Context’.

The S4 Principlesof Simple, Secure, and Survivable Systems offers a framework for technology that serves the interests of end-users and maintains human dignity, especially in crisis situations. With an emphasis on pre-emption, the S4 Principles are the four properties that are vital for the long-term sustainability of critical capabilities, and therefore the strengthening of societies against existing and emergent shocks and threats.

Trustless technologies, by way of decentralised, fault-tolerant peer-to-peer networks such as blockchains offer another trust framework for resilient digital infrastructure. ‘Trustless’ technologies remove reliance on central parties that access or own a network by aligning incentives amongst all participants, to enable trustless interactions, where you can collaborate with someone you don’t know or trust. Incentives can be economic or social. Practically, this means designing digital infrastructure so it can’t be exploited. Distrust, rather than trust, is therefore the starting point for understanding the relationship between people and digital infrastructure. A crucial part of the culture of development and implementation of trustless technology includes technical mechanisms, such as cryptographic security, as well as transparency through open-sourcing all code for public infrastructures.

Integrating Trust Technologies

One of the key risks of digital transformation is perpetuating and reinforcing existing asymmetries with digitally powered infrastructures. This is often seen in the deployment of ‘blockchains’ that are centrally issued and private, and thus, not decentralised and ‘owned’ by participants in the network. The idea is not to overthrow the system, but to preserve both cooperation and individuality.

Conclusion

With thanks to Eileen at Simply Secure for letting me run with the concept of ‘trust models’ from our work on the DOTS Report, and my colleague Professor Sinclair Davidson at the RMIT Blockchain Innovation Hub for feedback.

Social scientist researcher in decentralised technologies and infrastructures. RMIT University Digital Ethnography Research Centre / Blockchain Innovation Hub