Trust in computer systems and the cloud / Mike Bursell.

Format:

Book

Author/Creator:

Bursell, Mike, author.

Language:

English

Subjects (All):

Computer security.

Cloud computing--Security measures.

Cloud computing.

Physical Description:

1 online resource (355 pages)

Place of Publication:

Hoboken, New Jersey : Wiley, [2022]

Summary:

Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell's experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing. The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security. Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs. A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master's students in software architecture and security.

Contents:

Cover

Title Page

Copyright Page

About the Author

About the Technical Editor

Acknowledgements

Contents at a Glance

Contents

Introduction

Chapter 1 Why Trust?

Analysing Our Trust Statements

What Is Trust?

What Is Agency?

Trust and Security

Trust as a Way for Humans to Manage Risk

Risk, Trust, and Computing

Defining Trust in Systems

Defining Correctness in System Behaviour

Chapter 2 Humans and Trust

The Role of Monitoring and Reporting in Creating Trust

Game Theory

The Prisoner's Dilemma

Reputation and Generalised Trust

Institutional Trust

Theories of Institutional Trust

Who Is Actually Being Trusted?

Trust Based on Authority

Trusting Individuals

Trusting Ourselves

Trusting Others

Trust, But Verify

Attacks from Within

The Dangers of Anthropomorphism

Identifying the Real Trustee

Chapter 3 Trust Operations and Alternatives

Trust Actors, Operations, and Components

Reputation, Transitive Trust, and Distributed Trust

Agency and Intentionality

Alternatives to Trust

Legal Contracts

Enforcement

Verification

Assurance and Accountability

Trust of Non-Human or Non-Adult Actors

Expressions of Trust

Relating Trust and Security

Misplaced Trust

Chapter 4 Defining Trust in Computing

A Survey of Trust Definitions in Computer Systems

Other Definitions of Trust within Computing

Applying Socio-Philosophical Definitions of Trust to Systems

Mathematics and Trust

Mathematics and Cryptography

Mathematics and Formal Verification

Chapter 5 The Importance of Systems

System Design

The Network Stack

Linux Layers

Virtualisation and Containers: Cloud Stacks

Other Axes of System Design

"Trusted" Systems

Trust Within the Network Stack

Trust in Linux Layers

Trust in Cloud Stacks.

Hardware Root of Trust

Cryptographic Hash Functions

Measured Boot and Trusted Boot

Certificate Authorities

Internet Certificate Authorities

Local Certificate Authorities

Root Certificates as Trust Pivots

The Temptations of "Zero Trust"

The Importance of Systems

Isolation

Contexts

Worked Example: Purchasing Whisky

Actors, Organisations, and Systems

Stepping Through the Transaction

Attacks and Vulnerabilities

Trust Relationships and Agency

Agency

Trust Relationships

The Importance of Being Explicit

Explicit Actions

Explicit Actors

Chapter 6 Blockchain and Trust

Bitcoin and Other Blockchains

Permissioned Blockchains

Trust without Blockchains

Blockchain Promoting Trust

Permissionless Blockchains and Cryptocurrencies

Chapter 7 The Importance of Time

Decay of Trust

Decay of Trust and Lifecycle

Software Lifecycle

Trust Anchors, Trust Pivots, and the Supply Chain

Types of Trust Anchors

Monitoring and Time

Attestation

The Problem of Measurement

The Problem of Run Time

Trusted Computing Base

Component Choice and Trust

Reputation Systems and Trust

Chapter 8 Systems and Trust

System Components

Explicit Behaviour

Defining Explicit Trust

Dangers of Automated Trust Relationships

Time and Systems

Defining System Boundaries

Trust and a Complex System

Isolation and Virtualisation

The Stack and Time

Beyond Virtual Machines

Hardware-Based Type 3 Isolation

Chapter 9 Open Source and Trust

Distributed Trust

How Open Source Relates to Trust

Community and Projects

Projects and the Personal

Open Source Process

Trusting the Project

Trusting the Software

Supply Chain and Products

Open Source and Security

Chapter 10 Trust, the Cloud, and the Edge

Deployment Model Differences.

What Host Systems Offer

What Tenants Need

Mutually Adversarial Computing

Mitigations and Their Efficacy

Commercial Mitigations

Architectural Mitigations

Technical Mitigations

Chapter 11 Hardware, Trust, and Confidential Computing

Properties of Hardware and Trust

Roots of Trust

Physical Compromise

Confidential Computing

TEE TCBs in detail

Trust Relationships and TEEs

How Execution Can Go Wrong-and Mitigations

Minimum Numbers of Trustees

Explicit Trust Models for TEE Deployments

Chapter 12 Trust Domains

The Composition of Trust Domains

Trust Domains in a Bank

Trust Domains in a Distributed Architecture

Trust Domain Primitives and Boundaries

Trust Domain Primitives

Trust Domains and Policy

Other Trust Domain Primitives

Boundaries

Centralisation of Control and Policies

Chapter 13 A World of Explicit Trust

Tools for Trust

The Role of the Architect

Architecting the System

The Architect and the Trustee

Coda

References

Index

EULA.

Notes:

Description based on print version record.

Includes bibliographical references and index.

ISBN:

9781119693017

1119693012

9781119695158

1119695155

9781119692317

1119692318

OCLC:

1285165163