Project Details

TrustButVerified: Verifying Systems of Distributed Trust

Subject Area Security and Dependability, Operating-, Communication- and Distributed Systems
Term since 2026
Project identifier Deutsche Forschungsgemeinschaft (DFG) - Project number 570676624
 
The distribution of trust among several entities is a fundamental principle in the design of democratic societies. This principle has been equally applied to realize computer systems that do not concentrate the trust for the secure execution of the system in a single entity. In this proposal, we strive to study the security of such computer systems while considering their protocol-level trust distribution. We observe that many real-world systems are heterogeneous in nature in that they combine different trust-distributing subprotocols (such as consensus protocols, multi-party computation, or threshold cryptography) to distribute trust for achieving complex functionality and security goals. However, the formal notions used to characterize the trust-distribution guarantees provided by the individual subprotocols are not necessarily comparable. Hence, it is unclear how they can be leveraged to adequately describe the trust distribution of a heterogeneous system as a whole where several of those subprotocols interact. Similarly, while the security of trust-distributing subprotocols has been extensively studied, the verification techniques that showed effectiveness in the context of subprotocols do not scale to heterogeneous systems. Thus, it is unclear how to determine the security and trust distribution of heterogeneous systems effectively. To fill this gap, this proposal aims to develop techniques and tools for assuring the security of a heterogeneous system under a unified notion of trust distribution that accounts for the diverse trust-distribution guarantees of its subprotocols. We plan to achieve this goal by following three research lines.

First, we aim to develop the foundations of trust distribution by devising concise formal notions that can capture the qualitative and quantitative aspects of trust distribution in heterogeneous systems. The goal is to arrive at a general characterization of trust distribution, which comprises existing formalisms used for describing trust-distribution guarantees in the context of trust-distributing subprotocols.

Second, we strive to integrate the newly developed characterization of trust distribution with the verification of heterogeneous systems. The objective is to arrive at scalable techniques for verifying the precise trust distribution under which a heterogeneous system provides a system-specific security guarantee. Here, we aim to put a special emphasis on verification techniques that cater to the specifics of real-world heterogeneous systems, in particular, verification techniques for game-theoretic security guarantees, which play a prominent role in this context.

Third, we plan to devise frameworks for developing heterogeneous systems that provide security and trust distribution by design. In this context, we want to focus both on techniques that assist developers in constructing these systems and on approaches toward automatic synthesis from high-level specifications.
DFG Programme Emmy Noether Independent Junior Research Groups