At the sensori-motor level, trust in computer operations is, just as for humans, linked with the certainty of causality effects. If something happens somewhere in my computer or in the network, how certain am I that expected consequences will follow? As it happens, there are three mitigating factors to answering this question: quality, security and statistics. The first, quality measures the relationship between the original intent put forth in the implementation of the computer system versus the actual results obtained. The second, security measures the extent to which that implementation may have been compromised, thereby altering the causality chain. The third is related to the use of statistical evaluation in the determination of computers’ actions, for example in the domains of network responses and of cryptographic measures. Before we look specifically at actual computers, let us consider the way modern systems in general are evaluated regarding quality and security.

Social ecosystems encompass the characteristic of subjective evaluation, which by its very nature allows interim assessments of evolutionary changes to be incorrect relative to the ultimate judgment of natural selection. We refer to these as interim in that, in the final analysis, the objective rule of natural selection will prevail. That said, it is useful to consider one such subjective mechanism that has emerged as a significant factor in the provision of access to content, that of standards.

The provision of standards is an approach through which mutational changes are removed, or at least severely constrained within a social ecosystem. Standards primarily address an interface or a process within a specific ecosystem element and they are typically established in one of two distinct forms; through a standards document agreed to by a standards organization or through a specification, possibly accompanied by a conformance test, issued by an organization which seeks to impact the manner of implementation of a system; most typically, a consortium of some type. While there are many standards associated with quality and security, we will chose two to briefly review in order to illustrate their role in establishing trust based on the rituals they are associated with; rituals known as certification.

The most prevalent quality standard is the family of ISO 9000, developed by the International Standard Organization. The approach followed by ISO 9000 is to provide means to evaluate the maturity of organizations in following set processes in their implementation of product and services. For example, in building a computer a series of steps must be followed: purchasing parts, assembling them, testing them, packaging the product, advertising, selling and distributing the computer to the customer. Trust is needed in all elements of this chain. If non-functioning parts are purchased, badly assembled, insufficiently tested, weakly packaged, fraudulently advertised, sold on promises and distributed to the wrong place, the resulting computer will not be expected to satisfy expectations. Even if only one of the steps is compromised the result is problematic. ISO 9000 requires that all processes involved in the manufacturing of the product are documented, monitored, analyzed and continuously improved. Properly done, certification will allow associating a level of trust in the computer produced following such processes.

Similarly, a fundamental security standard is Common Criteria; also a standard stamped by the International Standard Organization. The idea of Common Criteria is easily illustrated in reference to a familiar security situation; for example, that of one’s home. When thinking of one’s home protection, it is immediately apparent that security levels are relative. We will not all live in a Fort Knox kind of house. Depending on our environment and needs, we will seek specific levels of protection. For example, in our neighborhood we may consider that making sure that our doors and windows are closed when we are absent will provide us with an acceptable level of security. Alternatively, our neighborhood environment may be such that we need to install an electronic

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)