Many computing resources take precautions when communicating with other computing resources. In the remainder of this background, the computing resource taking the precautions will be referred to as a “protected computing resource”, whereas the computing resource that is subject to trust evaluations will be referred to as the “suspect computing resource”. Accordingly, the protected computing resource will take precautions when communicating with a suspect computing resource.
One conventional mechanism for exercising such precautions is to maintain a list of trusted or untrusted computing resources. If a suspect computing resource is on the trusted list (or is not on the untrusted list), the protected computing resource is granted access to the suspect computing resource. Otherwise, access is not granted. There are a variety of mechanisms for determining which computing resources go on the list. For instance, the computing resource may evaluate malware signatures that are sent by the suspect computing resource. Some protected computing resources evaluate probabilistically the chance that a suspect computing environment will be harmful. Regardless of how the suspect computing resource is evaluated, if the suspect computing resource is determined to be harmful, the protected computing resource is “fenced off” from visiting the suspect computing resources.
The conventional approach, however, has some important limitations. The approach is mostly binary. For instance, either a program matches a malware signature, or it does not. Also, these approaches depend on the ability to peer into the suspect computing resource. For instance, the protected computing resource may not be able to accurately assess the safety of a suspect computing resource, where the state of the suspect computing resource's firewall, the currency of its signatures, and other status is unknown. Finally, the ability to assess safety is limited by the amount of direct evidence the protected computing resource can obtain about the suspect computing resource.