[ExI] Verification

[Anders Sandberg]

On 2013-08-09 02:01, David Lubkin wrote:
> S offers a business service. A signs up for the service in his 
> capacity as
> an elected or appointed officer of business or non-profit B. At a 
> later date,
> C contacts S and claims that A is no longer in that capacity, and that C
> or D is now B's agent. Either A cannot be reached or he denies that he 
> has
> been replaced.

There is likely a literature on this in computer security. I would start 
by looking through what Bruce Schneier writes in his recent book on 
trust, because this is essentially a trust management issue.

I think there is no general solution if dealing with the domain of 
people and human institutions; the best you can do is to define an 
explicit procedure your company use to determine who gets what (and then 
you better put some of your most devious friends to game it, to figure 
out how it can be hacked). Often the solution is to use trusted third 
parties (banks, government, etc) that makes it costly for A or C to fake 
things. As long as the cost or hassle is big enough, there will be 
little abuse.

In formal systems like computers you can of course have cryptographic 
protocols and procedures. Ownership of a resource might be determined by 
presenting a token that contains its own ownership transfer information: 
"This shows that X now owns the resource [signed C]. The previous 
contents were: "This shows that C now owns the resource [signed A]. The 
previous contents were: "This shows A owns the resource [signed 
S][Signed A]"[signed A]"[signed C] [signed X]" or something like that.


-- 
Dr Anders Sandberg
Future of Humanity Institute
Oxford Martin School
Oxford University