Trust in computer systems and the cloud

Trust in computer systems and the cloud

Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field...

Descripción completa

Detalles Bibliográficos
Otros Autores: Bursell, Mike, author (author)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Hoboken, New Jersey : Wiley [2022]
Materias:
Computer security.
Cloud computing > Security measures.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009645693706719
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editor
  • Acknowledgements
  • Contents at a Glance
  • Contents
  • Introduction
  • Chapter 1 Why Trust?
  • Analysing Our Trust Statements
  • What Is Trust?
  • What Is Agency?
  • Trust and Security
  • Trust as a Way for Humans to Manage Risk
  • Risk, Trust, and Computing
  • Defining Trust in Systems
  • Defining Correctness in System Behaviour
  • Chapter 2 Humans and Trust
  • The Role of Monitoring and Reporting in Creating Trust
  • Game Theory
  • The Prisoner's Dilemma
  • Reputation and Generalised Trust
  • Institutional Trust
  • Theories of Institutional Trust
  • Who Is Actually Being Trusted?
  • Trust Based on Authority
  • Trusting Individuals
  • Trusting Ourselves
  • Trusting Others
  • Trust, But Verify
  • Attacks from Within
  • The Dangers of Anthropomorphism
  • Identifying the Real Trustee
  • Chapter 3 Trust Operations and Alternatives
  • Trust Actors, Operations, and Components
  • Reputation, Transitive Trust, and Distributed Trust
  • Agency and Intentionality
  • Alternatives to Trust
  • Legal Contracts
  • Enforcement
  • Verification
  • Assurance and Accountability
  • Trust of Non-Human or Non-Adult Actors
  • Expressions of Trust
  • Relating Trust and Security
  • Misplaced Trust
  • Chapter 4 Defining Trust in Computing
  • A Survey of Trust Definitions in Computer Systems
  • Other Definitions of Trust within Computing
  • Applying Socio-Philosophical Definitions of Trust to Systems
  • Mathematics and Trust
  • Mathematics and Cryptography
  • Mathematics and Formal Verification
  • Chapter 5 The Importance of Systems
  • System Design
  • The Network Stack
  • Linux Layers
  • Virtualisation and Containers: Cloud Stacks
  • Other Axes of System Design
  • "Trusted" Systems
  • Trust Within the Network Stack
  • Trust in Linux Layers
  • Trust in Cloud Stacks.
  • Hardware Root of Trust
  • Cryptographic Hash Functions
  • Measured Boot and Trusted Boot
  • Certificate Authorities
  • Internet Certificate Authorities
  • Local Certificate Authorities
  • Root Certificates as Trust Pivots
  • The Temptations of "Zero Trust"
  • The Importance of Systems
  • Isolation
  • Contexts
  • Worked Example: Purchasing Whisky
  • Actors, Organisations, and Systems
  • Stepping Through the Transaction
  • Attacks and Vulnerabilities
  • Trust Relationships and Agency
  • Agency
  • Trust Relationships
  • The Importance of Being Explicit
  • Explicit Actions
  • Explicit Actors
  • Chapter 6 Blockchain and Trust
  • Bitcoin and Other Blockchains
  • Permissioned Blockchains
  • Trust without Blockchains
  • Blockchain Promoting Trust
  • Permissionless Blockchains and Cryptocurrencies
  • Chapter 7 The Importance of Time
  • Decay of Trust
  • Decay of Trust and Lifecycle
  • Software Lifecycle
  • Trust Anchors, Trust Pivots, and the Supply Chain
  • Types of Trust Anchors
  • Monitoring and Time
  • Attestation
  • The Problem of Measurement
  • The Problem of Run Time
  • Trusted Computing Base
  • Component Choice and Trust
  • Reputation Systems and Trust
  • Chapter 8 Systems and Trust
  • System Components
  • Explicit Behaviour
  • Defining Explicit Trust
  • Dangers of Automated Trust Relationships
  • Time and Systems
  • Defining System Boundaries
  • Trust and a Complex System
  • Isolation and Virtualisation
  • The Stack and Time
  • Beyond Virtual Machines
  • Hardware-Based Type 3 Isolation
  • Chapter 9 Open Source and Trust
  • Distributed Trust
  • How Open Source Relates to Trust
  • Community and Projects
  • Projects and the Personal
  • Open Source Process
  • Trusting the Project
  • Trusting the Software
  • Supply Chain and Products
  • Open Source and Security
  • Chapter 10 Trust, the Cloud, and the Edge
  • Deployment Model Differences.
  • What Host Systems Offer
  • What Tenants Need
  • Mutually Adversarial Computing
  • Mitigations and Their Efficacy
  • Commercial Mitigations
  • Architectural Mitigations
  • Technical Mitigations
  • Chapter 11 Hardware, Trust, and Confidential Computing
  • Properties of Hardware and Trust
  • Isolation
  • Roots of Trust
  • Physical Compromise
  • Confidential Computing
  • TEE TCBs in detail
  • Trust Relationships and TEEs
  • How Execution Can Go Wrong-and Mitigations
  • Minimum Numbers of Trustees
  • Explicit Trust Models for TEE Deployments
  • Chapter 12 Trust Domains
  • The Composition of Trust Domains
  • Trust Domains in a Bank
  • Trust Domains in a Distributed Architecture
  • Trust Domain Primitives and Boundaries
  • Trust Domain Primitives
  • Trust Domains and Policy
  • Other Trust Domain Primitives
  • Boundaries
  • Centralisation of Control and Policies
  • Chapter 13 A World of Explicit Trust
  • Tools for Trust
  • The Role of the Architect
  • Architecting the System
  • The Architect and the Trustee
  • Coda
  • References
  • Index
  • EULA.

Ejemplares similares