Wen Guang Qu,Daniel Tomiuk,Zhongming Wang

DOI: https://doi.org/10.1109/iccsit.2009.5234406

2009-01-01

Abstract:Business literature identifies trust as a key factor in promoting electronic interfirm cooperation (EIC). We believe, however, that such findings cannot be generalized to all forms of trust nor to all types of EIC. Specifically, we propose that a high presence of a certain form of trust called social trust may actually impede EIC when it is supported by proprietary-standard interorganizational systems (proprietary-IOS). Instead, the presence of high social trust will encourage companies to adopt EIC supported by open-standard IOS (open-IOS).

Enkele Rama,Mouadh Ayache,Rainer Buchty,Bernhard Bauer,Matthias Korb,Mladen Berekovic,Saleh Mulhem

DOI: https://doi.org/10.1109/access.2024.3400685

IF: 3.9

2024-05-24

IEEE Access

Abstract:The trustworthiness of integrated circuits (ICs) has become increasingly important due to the ubiquitousness of ICs and the insecure nature of the current semiconductor supply chain. Throughout development and operation, ICs are exposed to several risks that can arise from malicious actors or harsh operational conditions. Therefore, the question arises: Does the trustworthiness of an IC indicate its security only or other attributes beyond? Various disciplines may have a different understanding of what IC trustworthiness means. Thus, a compact and unified definition that provides its main overarching attributes is required. Such a definition would lead to a greater readiness to deal with emerging challenges. To define trustworthiness at IC level, we identify the minimum number of attributes required to cover the various perspectives of development, focusing on correct functionality, reliability, security, and functional safety. Subsequently, we review and provide a structured description of identified critical pre-silicion issues that can negatively impact the defined attributes. Besides academic literature, standards, and industry-relevant publications, we consider industry experts' opinions to achieve the maximum possible coverage of our topical review. We also provide an overview and analysis of several existing evaluation methodologies of the respective trustworthiness attributes, as evaluating the discussed issues is another important aspect for achieving trustworthiness. Our findings highlight the need for a comprehensive and universally applicable framework to evaluate the trustworthiness of ICs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Orhio Mark Creado,Bala Srinivasan,Phu Dung Le,Jefferson Tan

DOI: https://doi.org/10.5121/csit.2014.4212

2014-03-03

Abstract:Trust is an absolute necessity for digital communications; but is often viewed as an implicit singular entity. The use of the internet as the primary vehicle for information exchange has made accountability and verifiability of system code almost obsolete. This paper proposes a novel approach towards enforcing system security by requiring the explicit definition of trust for all operating code. By identifying the various classes and levels of trust required within a computing system; trust is defined as a combination of individual characteristics. Trust is then represented as a calculable metric obtained through the collective enforcement of each of these characteristics to varying degrees. System Security is achieved by facilitating trust to be a constantly evolving aspect for each operating code segment capable of getting stronger or weaker over time.

Cryptography and Security

Ran Yang,Chuang Lin,Yixin Jiang,Xiaowen Chu

DOI: https://doi.org/10.1109/icc.2011.5963329

2011-01-01

Communications

Abstract:The rapid development of applications running on global information infrastructure poses the problem of securing information sharing among domain collaborations. Existing access control models are defective in dynamic authorization based on user's trustworthiness and do not take full advantages of the infrastructure in implementing access control system. In this work, we propose a trust and role based access control model and the corresponding framework in infrastructure-centric environment. With the extension to RBAC model, trust level requirements, which dictate that the roles in the privilege context must be activated by the trustworthy user, can be specified. The comprehensive trust model, which calculates the user's trust level in multiple trust contexts based on behavior histories, is proposed. Moreover, by taking advantages of the infrastructure services, our scheme is flexible and scalable in that system administrators are free to choose custom scoring functions while the infrastructure trust evaluation services are relieved of the heavy burdens of history record maintenance and trust level update.

Jessa Lin Westheimer,Ryan P Smith,Peter Iacobelli,Hyuntaek Oh,Lacey Tezino,Raheela Khan,Jared Broussard,Gordon Meltzer,Nadine Obeid,Stephanie Cunningham,Robert J Boland,Michelle A Patriquin

DOI: https://doi.org/10.1016/j.jad.2024.08.206

2024-09-01

Abstract:Innovative technology-based solutions in mental healthcare promise significant improvements in care quality and clinical outcomes. However, their successful implementation is profoundly influenced by the levels of trust patients hold toward their treatment providers, organizations, and the technology itself. This paper delves into the complexities of building and assessing patient trust within the intensive mental health care context, focusing on inpatient settings. We explore the multifaceted nature of trust, including interpersonal, institutional, and technological trust. We highlight the crucial role of therapeutic trust, which comprises both interpersonal trust between patients and providers, and institutional trust in treatment organizations. The manuscript identifies potential key barriers to trust, from sociocultural background to a patient's psychopathology. Furthermore, it examines the concept of technological trust, emphasizing the influence of digital literacy, socio-economic status, and user experience on patients' acceptance of digital health innovations. By emphasizing the importance of assessing and addressing the state of trust among patients, the overarching goal is to leverage digital innovations to enhance mental healthcare outcomes within intensive mental health settings.

Jeff Collmann,Johnathan Coleman,Kristen Sostrom,Willie Wright

DOI: https://doi.org/10.1089/tmj.2004.10.311

Abstract:Organizations must continuously seek safety. When considering computerized health information systems, "safety" includes protecting the integrity, confidentiality, and availability of information assets such as patient information, key components of the technical information system, and critical personnel. "High Reliability Theory" (HRT) argues that organizations with strong leadership support, continuous training, redundant safety mechanisms, and "cultures of high reliability" can deploy and safely manage complex, risky technologies such as nuclear weapons systems or computerized health information systems. In preparation for the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Office of the Assistant Secretary of Defense (Health Affairs), the Offices of the Surgeons General of the United States Army, Navy and Air Force, and the Telemedicine and Advanced Technology Research Center (TATRC), US Army Medical Research and Materiel Command sponsored organizational, doctrinal, and technical projects that individually and collectively promote conditions for a "culture of information assurance." These efforts include sponsoring the "P3 Working Group" (P3WG), an interdisciplinary, tri-service taskforce that reviewed all relevant Department of Defense (DoD), Miliary Health System (MHS), Army, Navy and Air Force policies for compliance with the HIPAA medical privacy and data security regulations; supporting development, training, and deployment of OCTAVE(sm), a self-directed information security risk assessment process; and sponsoring development of the Risk Information Management Resource (RIMR), a Web-enabled enterprise portal about health information assurance.

Xukai Zou,Yuan-shun Dai,Yi Pan

DOI: https://doi.org/10.1142/9789812790880

2008-01-01

Abstract:Computer networks are compromised by various unpredictable factors, such as hackers, viruses, spam, faults, and system failures, hindering the full utilization of computer systems for collaborative computing one of the objectives for the next generation of the Internet. It includes the functions of data communication, resource sharing, group cooperation, and task allocation. One popular example of collaborative computing is grid computing. This monograph considers the latest efforts to develop a trusted environment with the high security and reliability needed for collaborative computing. The important modules treated include secure group communication, access control, dependability, grid computing, key management, intrusion detection, and trace back. In addition, a real project for developing a nationwide medical information system with high dependability and security is described. Contents: Secure Group Communication (SGC); Cryptography Based Access Control; Intrusion Detection and Defence; Security in Grid Computing; Trusted and Seamless Medical Information Systems.

Nalin Asanka Gamagedara Arachchilage,Andrew Martin

DOI: https://doi.org/10.48550/arXiv.1511.04541

2016-01-08

Abstract:Information sharing has become a vital part in our day-to-day life due to the pervasiveness of Internet technology. In any given collaboration, information needs to flow from one participant to another. While participants may be interested in sharing information with one another, it is often necessary for them to establish the impact of sharing certain kinds of information. This is because certain information could have detrimental effects when it ends up in wrong hands. For this reason, any would-be participant in a given collaboration may need to establish the guarantees that the collaboration provides, in terms of protecting sensitive information, before joining the collaboration as well as evaluating the impact of sharing a given piece of information with a given set of entities. In order to address this issue, earlier work introduced a trust domains taxonomy that aims at managing trust-related issues in information sharing. This paper attempts to empirically investigate the proposed taxonomy through a possible scenario (e.g. the ConfiChair system). The study results determined that Role, Policy, Action, Control, Evidence and Asset elements should be incorporated into the taxonomy for securely sharing information among others. Additionally, the study results showed that the ConfiChair, a novel cloud-based conference management system, offers strong privacy and confidentiality guarantees.

Cryptography and Security

Peter C. Chapin,Sean Wang

2006-01-01

Abstract:Trust management systems are frameworks for authorization in modern distributed systems, allowing remotely accessible resources to be protected by providers. By allowing providers to specify policy, and access requesters to possess certain access rights, trust management automates the process of determining whether access should be allowed on the basis of policy, rights, and an authorization semantics. In this paper we survey modern stateof-the-art in trust management, focusing on features of policy and rights languages that provide the necessary expressiveness for modern practice. We characterize systems in light of a generic structure that takes into account components of practical implementations. We emphasize systems that have a formal foundation, since security properties of them can be rigorously guaranteed. Underlying formalisms are reviewed to provide necessary background.

Kimon Papadopoulos,Viktor von Wyl,Felix Gille

DOI: https://doi.org/10.1177/20552076241228024

2024-01-01

Digital Health

Abstract:Objective Public trust in national electronic health record systems is essential for the successful implementation within a healthcare system. Research investigating public trust in electronic health records is limited, leading to a lack of conceptual clarity. In response, the objective of this study is to gain a clearer understanding on the conceptualizations of public trust in electronic health records, which can support the implementation of national electronic health record systems. Methods Guided by the PRISMA-ScR checklist, a scoping review of 27 qualitative studies on public trust in electronic health records found between January 2022 and June 2022 was conducted using an inclusive search method. In an iterative process, conceptual themes were derived describing the promoters and outcomes of public trust in electronic health records. Results Five major conceptual themes with 15 sub-themes were present across the literature. Comprehension, autonomy, and data protection promote public trust in electronic health record; while personal and system benefits are the outcomes once public trust in electronic health records exists. Additional findings highlight the pivotal role of healthcare actors for the public trust building process. Conclusions The results underscore comprehension, autonomy, and data protection as important themes that help ascertain and solidify public trust in electronic health records. As well, health system actors have the capacity to promote or hinder national electronic health record implementation, depending on their actions and how the public perceives those actions. The findings can assist researchers, policymakers, and other health system actors in attaining a better understanding of the intricacies of public trust in electronic health records.

public, environmental & occupational health,health care sciences & services,medical informatics,health policy & services

Caroline Jones,James Thornton,Jeremy C Wyatt

DOI: https://doi.org/10.1093/medlaw/fwad013

2023-05-22

Medical Law Review

Abstract:Abstract Artificial intelligence (AI) could revolutionise health care, potentially improving clinician decision making and patient safety, and reducing the impact of workforce shortages. However, policymakers and regulators have concerns over whether AI and clinical decision support systems (CDSSs) are trusted by stakeholders, and indeed whether they are worthy of trust. Yet, what is meant by trust and trustworthiness is often implicit, and it may not be clear who or what is being trusted. We address these lacunae, focusing largely on the perspective(s) of clinicians on trust and trustworthiness in AI and CDSSs. Empirical studies suggest that clinicians’ concerns about their use include the accuracy of advice given and potential legal liability if harm to a patient occurs. Onora O’Neill’s conceptualisation of trust and trustworthiness provides the framework for our analysis, generating a productive understanding of clinicians’ reported trust issues. Through unpacking these concepts, we gain greater clarity over the meaning ascribed to them by stakeholders; delimit the extent to which stakeholders are talking at cross purposes; and promote the continued utility of trust and trustworthiness as useful concepts in current debates around the use of AI and CDSSs.

law,medicine, legal

WANG Yuan,XU Feng,CAO Chun

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.08.069

2005-01-01

Computer Science

Abstract:The security problems of the open coordination software environment make great influence on the develop- ment and application of the software systems. Trust management is a new approach to solve these security problems ef- fectively. By analyzing the security problems of the open coordination software systems and the limitations of the tradi- tional trust management systems, this paper designs and implements a distributed access control system, DACBTM, based on trust management, which is suitable for the application system in the open coordination software environment. The system can evaluate the trust relationship between software entities by the approach of trust-evaluation. We also present an improved, effective algorithm for the collection of the security information, which provides a reasonable mechanism to solve the shortness of the security information in the open coordination software environment.

Tian Wang,Weidong Fang,Mufan Ni,Xiaoliang Yang,Wei Chen,Wentao Chen,Wuxiong Zhang

DOI: https://doi.org/10.1007/978-981-97-5603-2_25

2024-01-01

Abstract:Access control is an important component of information security system. It protects resources from unauthorized users or misuses by authorized users. Yet, the security of cipher-based access control may be compromised due to its fixed and predefined features. As an intelligent computing technology that simulates human behavior, trust evaluation can be an effective method for capturing users' unpredictable actions. Trust-based access control is a better method for tracking dynamic user behavior. Researchers are becoming increasingly enthusiastic in integrating Intelligent Computing concepts with access control. However, there is no article that covers all aspects of trust-based access control. Therefore, a comprehensive survey in this area of study is desperately needed. In this paper, we will investigate a novel approach to access control with trust. Access control is thus becoming more secure by incorporating trust evaluation. Furthermore, we will demonstrate how trust can be used to enhance access control secure by combining it with other intelligent computing technology like game theory.

Enid Montague,Onur Asan

DOI: https://doi.org/10.1080/00140139.2012.663002

IF: 2.5612

Ergonomics

Abstract:The present study investigated factors that explain patient trust in health technology and the relationship between patient trust in technology and trust in their care provider. Sociotechnical systems theory states that changes in one part of the system are likely related to other parts of the system. Therefore, attitudes about technologies, like trust, are likely related to other aspects of the system. Contributing to appropriate trust at the technological, interpersonal, and system levels can potentially lead to positive health outcomes. The study described in this manuscript used data collected from 101 patients with a Trust in Medical Technology instrument. The instrument measured patients' trust in (1) their providers, (2) the technology, and (3) how their providers used the technology. Measure 3 was positively associated with measures 1 and 2, while measures 1 and 2 were not positively or negatively associated with one another. These results may indicate that patient assessments of the trustworthiness of care providers and technologies are based on their observations of how providers use technologies. Practitioner summary: Though patients are not active users of technologies in health care, the results of this study show that their perceptions of how providers use technology are related to their trust in both technology and the care provider. Study findings have implications for how trust is conceptualised and measured in interpersonal relationships and in technologies.

Afua Adjekum,Marcello Ienca,Effy Vayena

DOI: https://doi.org/10.1089/omi.2017.0156

2017-12-01

Abstract:Trust is a ubiquitous term used in emerging technology (e.g., Big Data, precision medicine), innovation policy, and governance literatures in particular. But what exactly is trust? Even though trust is considered a critical requirement for the successful deployment of precision medicine initiatives, nonetheless, there is a need for further conceptualization with regard to what qualifies as trust, and what factors might establish and sustain trust in precision medicine, predictive analytics, and large-scale biology. These new fields of 21st century medicine and health often deal with the "futures" and hence, trust gains a temporal and ever-present quality for both the present and the futures anticipated by new technologies and predictive analytics. We address these conceptual gaps that have important practical implications in the way we govern risk and unknowns associated with emerging technologies in biology, medicine, and health broadly. We provide an in-depth conceptual analysis and an operative definition of trust dynamics in precision medicine. In addition, we identify three main types of "trust facilitators": (1) technical, (2) ethical, and (3) institutional. This three-dimensional framework on trust is necessary to building and maintaining trust in 21st century knowledge-based innovations that governments and publics invest for progressive societal change, development, and sustainable prosperity. Importantly, we analyze, identify, and deliberate on the dimensions of precision medicine and large-scale biology that have carved out trust as a pertinent tool to its success. Moving forward, we propose a "points to consider" on how best to enhance trust in precision medicine and predictive analytics.

Peter R Croll,Jasmine Croll

DOI: https://doi.org/10.1016/j.ijmedinf.2006.09.013

Abstract:Purpose: Health managers, administrators and health practitioners now face new challenges due to the increasing dependency being placed on electronic health information systems. This paper focuses on Electronic Health Records for determining the critical attributes for e-health system development. The proposed QUiPS model aims to provide a framework for building trustworthy solutions by identifying the pertinent issues needed to determine the risk exposure with a given system. Approach: To produce dependable, low risk and viable IT solutions, each critical attribute needs to be specifically addressed and prioritized. It is shown how these attributes possess a number of interdependencies making the analysis and prioritization tasks complex and hence, in practice, often incomplete. Two Australian case studies are presented that access enterprise level applications of live health records where these risk based techniques have been applied. Results: The value and the shortcomings of taking a risk based approach to developing and deploying electronic health information systems that are safe and secure, is evaluated. The case studies presented indicate that traditional methods used to derive the requirements are often inadequate and the risks that are faced in ensuring a safe and secure system are highly application dependent and dynamic. Conclusions: Convergence towards a viable universal solution for our electronic health records is not imminent and trust in e-health is fragile. Policies that data custodians follow need to be flexible and updated on a regular basis. Technological solutions are at best a stop gap to avoid the common hazards associated with access control and secure messaging. A wider range of analysis techniques to determine the key issues for a dependable health information system can derive longer term sustainable solutions.

Enid Montague,Erin K. Chiou

DOI: https://doi.org/10.1007/978-94-017-8854-0_9

2014-01-01

Abstract:Trust is a multifaceted construct in complex work systems. It affects relationships between individuals, the organizations they work in, and how they use information and communication technologies. Trust mediates the acceptance of information and communication technologies; studying people’s trust and how they trust can thus identify appropriate design features and implementation strategies for technology use in the workplace. This article discusses the types of trust that influence work system outcomes with a focus on information and communication technologies. A model integrating different types of trust is presented, illustrating the interrelationship between trust concepts and how attitudes about information and communication technologies might facilitate or inhibit trust at the interpersonal and organizational levels.

Canling Wang,Wei Wu,Fulong Chen,Hong Shu,Ji Zhang,Yuxuan Zhang,Taochun Wang,Dong Xie,Chuanxin Zhao

DOI: https://doi.org/10.1049/2024/5559522

2024-01-31

IET Information Security

Abstract:Blockchain is commonly employed in access control to provide safe medical data exchange because of the characteristics of decentralization, nontamperability, and traceability. Patients share personal health data by granting access rights to users or medical institutions. The major purpose of the existing access control techniques is to identify users who are permitted to access medical data. They hardly ever recognize internal assailants from legitimate entities. Medical data will involve multilayer access within the authorized organizations. Considering the cost of permissions management and the problem of insider malicious node attacks, users hope to implement authorization constraints within the authorized institutions. It can prevent their data from being maliciously disclosed by end-users from different authorized healthcare domains. For the purpose to achieve the fine-grained permissions propagation control of medical data in sharing institutions, a trust-based authorization access control mechanism is suggested in this study. Trust thresholds are assigned to different privileges based on their sensitivity and used to generate zero-knowledge proof to be broadcasted among blockchain nodes. This method evaluates the trust of each user through the dynamic trust calculation model. And meanwhile, smart contract is employed to verify whether the user’s trust can activate some permissions and ensure the privacy of the user’s trust in the process of authorization verification. In addition, the authorization transaction between users and institutions is recorded on the blockchain for patient traceability and accountability. The feasibility and effectiveness of the scheme are demonstrated through comprehensive comparisons and extensive experiments.

computer science, information systems, theory & methods

Xian-zhong ZHOU,Ji-zhou ZHAN,Meng LI,Jia-bao ZHAO,Ying-ying ZHU

2011-01-01

Abstract:How to ensure software trustworthiness is one of the hottest topics in the software engineering research at present. Three aspects on software distrust are studied from converse thinking. Based on the concept of software trustworthiness, the relationships among software distrust, failure, fault, defect and error are analyzed. Furthermore, the concept of distrustable factor is proposed originally. With the analysis of difference between distrustable factor and software risk factor, the basics and importance of distrustable factor are emphasized. The distrust chain of software is given, which is the extension of the classic failure chain. A new framework based on WBS-RBS is proposed to collect, identify and classify the distrustable factors. The reasonableness of the concept that proposed in the paper is verified by a case. It is specially pointed out that guaranteeing the software trustworthiness should focus on controlling and improving the original source-distrustable factor, instead of defect and fault.

Lauren A Taylor,Paige Nong,Jodyn Platt

DOI: https://doi.org/10.1111/1468-0009.12598

Abstract:Policy Points First, policymakers can create conditions that will facilitate public trust in health care organizations by making creating and enforcing health policies that make exploitative behavior costly. Second, policymakers can bolster the trustworthiness of health care markets and organizations by using their regulatory authority to address and mitigate harm from conflicts-of-interest and regulatory capture. Third, policymakers and government agencies can further safeguard the public's trust by being transparent and effective about their role in the provision of health services to the public. Context: Trust plays a critical role in facilitating health care delivery and calls for rebuilding trust in health care are increasingly commonplace. This article serves as a primer on the trust literature for health policymakers, organizational leaders, clinicians, and researchers based on the long history of engagement with the topic among health policy and services researchers. Methods: We conducted a synthetic review of the health services and health policy literatures on trust since 1970. We organize our findings by trustor-trustee dyads, highlighting areas of convergence, tensions and contradictions, and methodological considerations. We close by commenting on the challenges facing the study of trust in health care, the potential value in borrowing from other disciplines, and imperatives for the future. Findings: We identified 725 articles for review. Most focused on patients' trust in clinicians (n = 499), but others explored clinicians' trust in patients (n = 11), clinicians' trust in clinicians (n = 69), and clinician/patient trust in organizations (n = 19) and systems (n = 127). Across these five subliteratures, there was lack of consensus about definitions, dimensions, and key attributes of trust. Researchers leaned heavily on cross-sectional survey designs, with limited methodological attention to the relational or contextual realities of trust. Trust has most commonly been treated as an independent variable related to attitudinal and behavioral outcomes. We suggest two challenges have limited progress for the field: (1) conceptual murkiness in terms and theories, and (2) limited observability of the phenomena. Insights from philosophy, sociology, economics, and psychology offer insights for how to advance both the theoretical and empirical study of health-related trust. Conclusion: Conceptual clarity and methodological creativity are critical to advancing health-related trust research. Although rigorous research in this area is challenging, the essential role of trust in population health necessitates continued grappling with the topic.