Editing Trusted system (section)

==Trusted systems in information theory==
Trusted systems in the context of [[information theory]] are based on the following definition:
{{quote|"Trust is that which is essential to a communication channel but cannot be transferred from a source to a destination using that channel" |source=Ed Gerck<ref name="Trust Points">Feghhi, J. and P. Williams (1998) ''Trust Points'', in Digital Certificates: Applied Internet Security. Addison-Wesley, {{ISBN|0-201-30980-7}}; [http://mcwg.org/mcg-mirror/trustdef.htm Toward Real-World Models of Trust: Reliance on Received Information]</ref>}}

In information theory, information has nothing to do with knowledge or meaning; it is simply that which is transferred from source to destination, using a communication channel. If, before transmission, the information is available at the destination, then the transfer is zero. Information received by a party is that which the party does not expect&mdash;as measured by the uncertainty of the party as to what the message will be.

Likewise, trust as defined by Gerck, has nothing to do with friendship, acquaintances, employee-employer relationships, loyalty, betrayal and other overly-variable concepts.  Trust is not taken in the purely subjective sense either, nor as a feeling or something purely personal or psychological&mdash;trust is understood as something potentially communicable. Further, this definition of trust is abstract, allowing different instances and observers in a trusted system  to communicate based on a common idea of trust (otherwise communication would be isolated in domains), where all necessarily different subjective and intersubjective realizations of trust in each subsystem (man and machines) may coexist.<ref name="Trust as Qualified Reliance">[http://nma.com/papers/it-trust-part1.pdf Trust as Qualified Reliance on Information, Part I], The COOK Report on Internet, Volume X, No. 10, January 2002, {{ISSN|1071-6327}}.</ref>

Taken together in the model of information theory, "information is what you do not expect" and "trust is what you know". Linking both concepts, trust is seen as "qualified reliance on received information". In terms of trusted systems, an assertion of trust cannot be based on the record itself, but on information from other information channels.<ref>Gregory, John D. (1997). [http://pages.ca.inter.net/~euclid1/call.html John D. Electronic Legal Records: Pretty Good Authentication?]</ref> The deepening of these questions leads to complex conceptions of trust, which have been thoroughly studied in the context of business relationships.<ref>Huemer, L. (1998). [http://www.borea.nu/index.asp?PAGE=1&ARTICLE=1&saID=78 Trust in business relations: Economic logic or social interaction?] Umeå: Boréa. {{ISBN|91-89140-02-8}}.</ref> It also leads to conceptions of information where the "quality" of information integrates trust or trustworthiness in the structure of the information itself and of the information system(s) in which it is conceived&mdash;higher quality in terms of particular definitions of accuracy and precision means higher trustworthiness.<ref>[[Kristo Ivanov|Ivanov, K.]]  (1972). [http://www.informatik.umu.se/~kivanov/diss-avh.html Quality-control of information: On the concept of accuracy of information in data banks and in management information systems].The University of Stockholm and The Royal Institute of Technology.</ref>

An example of the calculus of trust is "If I connect two trusted systems, are they more or less trusted when taken together?".<ref name="Trust as Qualified Reliance" />

The [[IBM]] Federal Software Group <ref name="Daly, Christopher">Daly, Christopher. (2004). A Trust Framework for the DoD Network-Centric Enterprise Services (NCES) Environment, IBM Corp., 2004. (Request from the IEEE Computer Society's [http://issaa.org/documents/ ISSAA] {{webarchive|url=https://web.archive.org/web/20110726192910/http://issaa.org/documents/ |date=2011-07-26 }}).</ref> has suggested that "trust points" <ref name="Trust Points" /> provide the most useful definition of trust for application in an information technology environment, because it is related to other information theory concepts and provides a basis for measuring trust. In a network-centric enterprise services environment, such a notion of trust is considered <ref name="Daly, Christopher" /> to be requisite for achieving the desired collaborative, service-oriented architecture vision.