Page 251 - Trust in ICT 2017
P. 251

Trust in ICT                                                5


              Risks  at  the  physical  world:  Devices  and  sensors  have  been  more  and  more  integrated  to  ICT
                infrastructures which are sometimes unrecognized by humans. The physical components are usually
                resource-constrained, computation-limited, and resulting in poor security mechanisms implemented.
                Thus, they are vulnerable to both external and internal attacks.

              Risks  at  the  cyber  world:  The  number  of  vulnerabilities,  threats,  and  cyber-attacks  is  increased  in
                cyberspace. Cyber security and privacy mechanisms should protect both networks and services from
                unauthorized  access.  However,  the  large-scale  data  collection  and  data  analytics  can  pose  critical
                privacy, security, and trust issues. The risks of unanticipated uses of consumer data (such as human life
                and business behaviours) may be outstanding.
              Risks at the social world: Social networking services have given rise to numerous online communities
                and people use them as a communication medium. Also, social networking services try to connect as
                many people as possible. Since many people share their private activities on the social networks, their
                private information is propagated to others outside community. On the other hand, artificial intelligence
                or social internet of things, which try to mimic human, also have unexpected risks.
              Risks from the integration of the physical, cyber, and social worlds: In ICT infrastructures and services,
                entities in the physical, cyber, and social worlds are integrated. Cyber-physical system (CPS) cannot be
                fully operable if a physical world and a cyber world have some mismatch. If the malfunction of a physical
                system does not notify at the responsible entities in the cyber world, there are some risks to prevent
                safety in the physical world. Moreover, without recognizing a set of rules and external conditions of CPS,
                both humans and devices may understand or perceive CPS operations incorrectly, which may result on
                risks or failures of the integrated environment. Unintentional or intentional errors as well as mismatch
                of the integrated environment may be a primary cause or a contributing factor in risks and accidents.

              Risks at data, information, knowledge, and wisdom process: ICT infrastructures and services provide
                                                                1
                data,  information,  knowledge,  and  wisdom  (DIKW)  process.  As  numerous  data  is  generated,  the
                number of erroneous data is also increasing. Malfunction of DIKW process, which may be caused by
                malicious inputs, misbehaviour of process itself, or unintended/intended manipulation, etc., creates
                false or biased results. There are also unidentified risks about entities, which produce and utilize DIKW.

            NOTE – Detailed potential risks are explained in Appendix I.
            ICT has an important role for the increasing interconnectivity in physical, cyber, and social worlds. However,
            the lack of trust have been invoked various problems as aforementioned. The large-scale data acquisition
            from sensors and devices in the physical world impose many issues, ranging from risks of unanticipated uses
            of consumer data offered by stakeholders to undesirable discrimination enabled by data analytics. If all the
            entities in ICT infrastructures and services are exploited for malicious intentions, it irreparable damage and
            uncertain dangers may be happened. Therefore, it is important to build the trusted ICT infrastructure to
            minimize the unexpected risks and maximize the survivability of physical, cyber, and social worlds.

            The concept of trust infers belief and confidence, which the functional entities in ICT infrastructures and
            services will behave in expected ways. As ICT-based applications and services will scale over other industrial
            domains and involves multiple stakeholders, trust evaluation for corresponding value chains of business, as
            well as for system and component levels in a holistic manner may enable the users to have confidence on
            their services and applications. Consequently, the trust provisioning is one of the most important functional
            capabilities in the ICT infrastructures and services.










            1  DIKW (Data, Information, Knowledge and Wisdom) [b-Rowley]: This refers loosely to a class of models for representing purported
            structural and/or functional relationships between data, information, knowledge, and wisdom. “Typically information is defined in
            terms of data, knowledge in terms of information, and wisdom in terms of knowledge.”

                                                                                                         243
   246   247   248   249   250   251   252   253   254   255   256