ICT2008: Trust dynamics on the PICOS sessions

The PICOS networking session on ICT2008 turned into a lengthy discussion of trust. However, from the spectator's view, discussion of trust has not advaced much lately. Audience and panel did not make a distinction between trust in systems (which the PICOS privacy designers argued for) and trust among members of a community (which the audience seemed to have in mind). With this confusion in place, the discussion spun around various of the usual suspect topics. However, towards the end of the discussion, it became rather evident that "trust dynamics" seem to be a by far too much neglected topic. Changing trust in systems as well as in personal relationships is having a large impact on the trust model and the relationships.
The "end of trust" - the exclusion of a part-system or user in both models - has a major impact on the model and the security and trust properties.

Somehow this reminded me of the Bell LaPadua access control model and its difficulties in dealing with revocation of delegated rights. Or PKI based certificate revocation through long certification chains.

History repeats itself, evidently.