Trust in IT security is generally defined as the confidence that can be placed in systems, personnel, or information. Specific areas of security define trust technically and operationally.
In 1983, the United States Department of Defense published the Orange Book, Trusted Computer System Evaluation Criteria (TCSEC) [1]. These criteria involved the assessment of Mandatory Access Control (MAC) implementation within computing systems.
More generally, information theory holds that 1) trust is required for any communication channel to function and 2) trust cannot be established through the channel itself [2].
With respect to distributed information systems, there are two high level approaches to the establishment and maintenance of trust. One is hierarchical. The other is peer-to-peer. In hierarchical trust systems, a central authority defines the scope of trust and delegates this trust to other systems. Ultimately, all proof of trustworthiness must refer back to the defining authority. In peer-to-peer trust systems, also known as web of trust, trust is extended from one end point to another. As the trusted circle of each end point grows, eventually such circles overlap and interconnect, creating the web of trust.
Public Key Infrastructure (PKI), relying on Certificate Authorities (CA), is an example of the hierarchical approach. Pretty Good Privacy (PGP) is an example of the web of trust approach.
In Windows Active Directory, trust is a technical term for relationships established between domains [3]. Against the background of broader definitions of trust and trusted system, AD trusts are of the hierarchical type, because ultimately the forest administrator controls whether such trusts are to be established. By the administrator's action, peer-to-peer style domain trusts (called transitive trusts) can be established. However, nothing like the spontaneous, ad hoc, web-of-trust model occurs in Active Directory, which ultimately exists for purposes of centralized control of networked resources by the product's licensee. For more detail on trusts in AD, see: trust types.
References: