Trust*: Using Local Guarantees to Extend the Reach of Trust

We propose a new concept called trust* as a way of avoiding the necessity to transitively trust others in a range of distributed environments. The trust* approach uses guarantees based upon already established trust relationships. These localised guarantees are then used to extend trust to a new relationship (which we call trust*) which can hold between principals which are unknown to and do not trust one another. Such chains of guarantees enable the risk involved to be shifted to another party (in a similar way to real world guarantees). If a guarantee is broken, some kind of `forfeit' is imposed, either to compensate the client or to deter the server from doing it habitually. Due to trust (and hence also forfeits) being localised, the specic micro-payment and trust management mechanisms that are used to implement the protocol can be heterogeneous. This paper describes the concept of trust* and some possible applications within a domain where the service being provided is also electronic.