Trusting Our Electronic Assistants

From the Editor-in-Chief . . . Trusting Our Electronic Assistants

BEING INTERACTIVE Munindar P. Singh • [email protected]

With the rapid deployment of the Elements of Trust Internet, we now routinely interact Trust goes beyond security in that it with strangers—at both personal and concerns managing interactions at the corporate levels—and increasingly with application level. Security is about the strangers’ electronic minions. It is authenticating another party and not uncommon to buy goods—even authorizing its actions. Trust is about mundane items such as groceries— the given party’s acting in our best online. Innovations in computing pro- interest and choosing the right actions vide tools that can help us as we inter- from among those authorized. act with others. For example, programs We sometimes see trust as the can reside not only on our desktops belief that all parties will comply with but also in smart phones, PDAs, and even refrigera- legal contracts. Obviously, contracts are important tors, to help with our shopping (http://www.usato- in maintaining social order and stability; however, day.com/life/cyber/tech/review/ctd560.htm). These being trustworthy entails quite a bit more. Many programs serve end users while also meeting certain activities are performed without an explicit con- business needs, such as supply chain management. tract, so trust involves other important elements. All interacting parties face dynamically changing To begin with, trustworthiness is having the right situations. Let’s say you need unusual groceries for a capabilities. Nobody likes to trust someone who is special recipe, but the grocery store is out of those incompetent or simply unaware of important material particular ingredients. You may want your refrigera- facts. With friends who are klutzes—even well-inten- tor to contact stores other than your regular grocer tioned klutzes—who needs enemies? If my refrigerator doesn’t notice that I am running out of milk—or does notice but doesn’t place the order in time—then I can’t trust it to manage my grocery purchases. Trustworthy peers are not only aware of the facts, Nobody likes to trust someone who but they also apply them in a way that serves the is incompetent or simply unaware needs of those with whom they interact. For example, the grocery store should send me milk whose expira- of important material facts. tion date allows sufficient time for consumption. Trustworthiness is being truthful, sincere, and well-intentioned. It is also being honest—that is, not deceptive or misleading. It is difficult to trust some- or decide whether to accept substitute ingredients. one who may be, strictly speaking, truthful but con- In other words, for online interactions to succeed veys information (or conveys it in a manner) that without continual human hand-holding, all inter- leads to incorrect conclusions. For example, if the acting parties need programs with sufficient auton- grocery store promotes a brand of milk that yields it omy to represent their interests. For the interactions greater profits instead of the one I prefer, I will have to be controllable and predictable despite the pro- little trust in its recommendations. Of course, this grams’ autonomy, our electronic assistants must be aspect of trust has already been breached by the able to enter into and abide by contracts they make practice of search engines’ ranking Web sites on the with each other on our behalf. basis of payments received from those sites. Endowing our software with the capability to act Thus, in philosophical terms, trustworthiness can autonomously and to enter into contracts leads nat- be of three major kinds. One, a person or corpora- urally to the question of trust. Ultimately, trust tion is trustworthy if it is ethical and adheres to a underlies all interactions—in this case with our higher standard than explicitly required by whatev- refrigerator and our grocery store. er contracts apply. Two, trustworthiness is support-

4 MARCH • APRIL 2000 http://computer.org/internet/ IEEE INTERNET COMPUTING IEEE INTERNET COMPUTING IEEE Computer Society Publications Office 10662 Los Vaqueros Circle, PO Box 3014 ing one’s collaborators by looking out for their interests Los Alamitos, CA 90720-1314 and those of others in our shared world. For example, EDITOR-IN-CHIEF instead of waiting for an order to lapse, we might cancel it Munindar P. Singh • [email protected] as soon as we realize it is no longer needed, thereby freeing the resources of our business partners. Three, failing all ASSOCIATE EDITOR-IN-CHIEF else, trustworthiness is being rational. If you can model an Robert Filman • [email protected] entity as rational, you will find its actions more predictable EDITORIAL BOARD than if you lacked the assumption of rationality. You can Salah Aidarous • [email protected] constrain the actions of a rational entity by persuading it (IEEE Communications Society Liaison) that to act in your interest is also to act in its own interest. Miroslav Benda • [email protected] Scott Bradner • [email protected] From Concept to Practice K. Mani Chandy • [email protected] Can we achieve all these varieties of trust in our online Fred Douglis • [email protected] interactions? I don’t expect that we will need to achieve (Liaison to IEEE CS Technical Committee on the Internet) them all at the same time. However, if we are to achieve Stuart I. Feldman • sif@us.ibm.com them, we must build interfaces that enable the user and Li Gong • [email protected] the software to communicate unambiguously. We also Seif Haridi • [email protected] need to endow the software with stronger powers of rea- Michael N. Huhns • [email protected] soning so that when equipped with knowledge of its user’s Ray W. Johnson • [email protected] desires, it can proceed in a trustworthy manner. ■ Gail E. Kaiser • [email protected] Leonard Kleinrock • [email protected] Doug Lea • [email protected] Frank Maurer • [email protected] New Column … Charles E. Perkins • [email protected] Charles J. Petrie • [email protected] (EIC emeritus) Stuart Feldman Agostino Poggi • [email protected] Stuart Feldman William Regli • [email protected] on E-Commerce Helmuth Ritzer • [email protected] Anthony Michael Rutkowski • [email protected] Coming to IC in the Ravi Sandhu • [email protected] Brian Thomas • [email protected] May/June 2000 issue STAFF Managing Editor: Linda World [email protected] Staff Editor: Joan Taylor IC is expanding coverage of critical issues in [email protected] Internet development with the addition of our Editorial Asst./IC Online Design: Steve Woods newest column. Stuart Feldman is director of the [email protected] IBM Institute for Advanced Commerce, where he Magazine Assistant: Hazel Kosky manages a staff of more than 90 researchers in [email protected] network-related technologies including e-commerce, Art Director: Joseph Daigle Internet media, and antivirus systems. Cover Design: Joseph Daigle Graphic Artist: Ken Duckworth Feldman was a member of the original Unix Contributing Editors: David Clark, research team, and has published numerous Keri Schreiner, Martin Zacks research papers in software engineering, pro- Publisher: Angela Burgess gramming languages, and scientific computing. Membership/Circulation Marketing Manager: Georgann Carter Advertising Manager: Patricia Garvey Advertising Supervisor: Marian Anderson

CS MAGAZINE OPERATIONS COMMITTEE Gul Agha (chair), William Everett (vice chair), James H. Aylor, Jean Bacon, Wushow Chou, George Cybenko, William I. Grosky, Steve McConnell, Daniel E. O’Leary, Ken Sakamura, Munindar P. Singh, James J. Thomas, Yervant Zorian keeping you on track with the reading edge of technology CS PUBLICATIONS BOARD Ben Wah (chair), Jon Butler, Carl Chang, Alan Clements, Dante Del Corso, Richard Eckhouse, William Everett, IEEE INTERNET COMPUTING Francis Lau, Dave Pessel, Sorel Reisman 5