The trust definition and issues raised in Ed Gerck's essay have been
discussed online since 1997 in several technical groups including the
MCG and IETF's PKIX lists, and have also been presented in books and essays.
Detailed and in-depth online discussions among the experts, as well as
practical applications, have helped Gerck evolve and test these concepts
over time. What has been missing is a summary and
clarification of the arguments.
Trust is a word that is commonly applied to many situations and consequently
has many shades of meaning. This essay by Ed Gerck focuses on one precise
set of coherent meanings: the concept of trust in the context of communication
and, more specifically, in the context of the engineering problem of Internet
communications. Gerck defines trust as "that which is essential to
a communication channel but cannot be transferred from a source to a destination
using that channel." Thus, trust is considered something essentially
communicable, but with specific rules for its communication. For example,
self-assertions cannot induce trust. Client-server communication is not
enough to induce trust. Gerck demonstrates why trust is needed and shows
the interplay between trust and power. His exposition also discusses the
induction (communication) of trust in heterogeneous environments, from
human to machine, machine to machine, and machine to human.
Note: Meaning must also be communicated in such heterogeneous environments.
In fact, introducing meaning into information theory, so that the communication
of meaning can be described, has been an open
problem since 1948. Gerck asserts that the way to communicate meaning
is to first communicate trust and bits, and then use them to define the
meaning. In other words, rather than introduce meaning into information
theory, we introduce trust. Meaning will be introduced and conveyed implicitly.
The problems of trust are diverse and touch upon many different aspects
of the reliability of Internet communications. We need to solve these
problems. A common question is whether these problems could not be solved
by more control. In the discussion of trust versus control, Gerck notes
that it is instructive to view trust as an open-loop control process,
i.e., a control process that does not rely on a closed feedback loop in
order to achieve its purpose. This approach to trust in communication
systems versus close surveillance has a number of advantages, including
simpler systems, easier design and interfacing, less cost, and the lack
of a single handle of control which is, of course, a single point of failure.
While general issues of control on the Internet have been talked about
for many years, the specific issue of bringing centralized control to
the Internet would need to deal with that vexing question--what to control
and where? Gerck reminds us that in answering this question one must first
dispel the notion of "center" and "edges" existing
in the Internet. The Internet is not a network; it is a network of networks.
Talking about "edges of the Net" is like talking about the "last
Web page of the Net" -- where is it? This line of reasoning also shows
that the argument for "trust at the edges of the Net" is a fallacy.
An edge that is able to route IP packets becomes a center.
Furthermore, Gerck states that we need to remember that trust is always
local to and is earned in communities of interest. This speaks against
the idea of a cookie-cutter approach to Internet control, since each community
of interest will have different goals, different control objectives. In
summary, the answer needed to solve the fundamental problem of Internet
communications is trust. Not trust as blind faith, compliance, belief,
or ignorance, but trust as qualified reliance on information through open-loop
control. Trust is that which provides meaning to information. Trust is
something that can flow in our existing TCP/IP, dial-up and other networks.

Some Answers

The last issue began to explore how the growth and development of the
Internet over the last decade had increased the importance of trust. Let's
explore these ideas further by asking, what is trust? It is one of those
terms that everyone thinks at first they understand. We tend to see it
in black and white terms. In reality, it is far more complex.
The article on the end-to-end principle, in last month's COOK Report,
examined, with the aid of Einar Stefferud, a series of ideas involving
the role of trust in the technical architecture of the Internet. Stefferud's
comments were based on a model of trust developed in 1997 by Ed Gerck.
We have now asked Ed Gerck, who is CEO of Network
Manifold Associates, Inc., to describe this model of trust for us.
Gerck sees trust in the context of the engineering problem of communications.
In his words, "NMA's goal with these trust tools is to empower individuals
and companies in controlling their own network connections. How they will
use this empowerment to build their business and other relationships in
their interactions is outside of our scope. How they will balance control
at the edges with control from a center is also open-ended. The tools
that we provide will permit them to make a full range of choices. Trust
depends, among other things, on being able to choose."
Gerck's exposition goes beyond understanding trust in communication networks.
It shows how trust can be induced (communicated) from human to machine,
machine to machine, and machine to human. For trust is something essentially
communicable. But there are rules that govern such communication. We need
to identify and understand these rules before we can put them to practical
use. Gerck's article explains these rules and shows how trust can be applied
to a wide range of communication systems.

At the same time, in Canada, Bill St. Arnaud and CANARIE are ready to embark
on a project that will ultimately put control over physical network bandwidth
into the hands of the end users. CA*net 4 will result in the development of
switches that will enable user control of light waves. They will use a variant
of BGP to enable connection of light waves (peering) across the boundaries of
autonomous systems, that is, across separate networks.
At the recent annual Next Generation Network meeting, Light Reading interviewed
Andrew Odlyzko, who is now with the University of Minnesota's Digital
Technology Center. Andrew said "Basic bandwidth is a commodity service."
"You can fight it, but you're not going to win." According to
Light Reading, Odlyzko believes the money lies in providing "edge
services" that hook consumers up to new applications using that bandwidth.
See http://www.lightreading.com/document.asp?site=lightreading&doc_id=9529
Also, Scott Clavena, in a November 19th Light Reading column titled "On
the Crest of a Wave", described how carriers and even ILECs are beginning
to buy lightwaves rather than light their own fiber. http://www.lightreading.com/document.asp?doc_id=9771
CANARIE is building tools to enable such edge services. CA*net 4 will
test Odlyzko's and Clavena's premises with a vengeance.