Trust in Computer Systems and the Cloud
Mike Bursell
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Trust in Computer Systems and the Cloud
Mike Bursell
About This Book
Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity Trust in Computer Systemsand the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author MikeBursell'sexperience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing.
The bookdemonstratesin the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security.
- Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals
- A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs.
- A thorough exploration of trust domains, includingexplorationsof communities of practice, the centralization of control and policies, and monitoring
Perfect for security architects at the CISSP level or higher, Trust in Computer Systemsand the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master's students in software architecture and security.
Frequently asked questions
Information
CHAPTER 1
Why Trust?
- My relationship to the other person
- Their relationship to me
- The different contexts of their expertise
- The impact that time can have on trust
- I trust my brother and my sister.
- I trust my bank.
- My bank trusts its IT systems.
- My bank's IT systems trust each other.
Analysing Our Trust Statements
- Case 1: My Trusting My Brother and Sister As we have already discussed, this statement is about trust between individual humansâspecifically, my trust relationship to my brother, and my trust relationship to my sister. There are two humans involved in each case (both me and whichever sibling we are considering), with all of the complexity that this entails. But we share a set of assumptions about how we react, and we each have tens of thousands of years of genetics plus societal and community expectations to work out how these relationships should work.
- Case 2: My Trusting My Bank Our second statement is about trust between an individual and an organisation: specifically, my trust relationship to a legal entity with particular services and structure. The basis of the expression of this relationship has changed over the years in many places: the relationship I would have had in the UK with my bank 50 years ago, say, would often have been modelled mainly on the relationship I had with one or more individuals employed by the bank, typically a manager or deputy manager of a particular branch. My trust relationship to the bank now is more likely to be swayed by my views on its perceived security practices and its exercising of fiscal and ethical responsibilities than my views of the manager of my local branchâif I have even met them. There is, however, still a human element associated with my relationship, at least in my experience: I know that I can walk into a branch, or make a call on the phone, and speak to a human.3
- Case 3: The Bank Trusting Its IT Systems Our third statement is about an organisation trusting its IT systems. When we follow our new resolution to rephrase this as âThe bank having a trust relationship to its IT systemsâ, it suddenly feels like we have mo...