John Wiley & Sons Trust in Computer Systems and the Cloud Cover Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecur.. Product #: 978-1-119-69232-4 Regular price: $42.90 $42.90 Auf Lager

Trust in Computer Systems and the Cloud

Bursell, Mike


1. Auflage Dezember 2021
352 Seiten, Hardcover
Wiley & Sons Ltd

ISBN: 978-1-119-69232-4
John Wiley & Sons

Jetzt kaufen

Preis: 45,90 €

Preis inkl. MwSt, zzgl. Versand

Weitere Versionen


Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity

Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell's experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing.

The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security.
* Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals
* A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs.
* A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring

Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master's students in software architecture and security.

Introduction xv

Chapter 1 Why Trust? 1

Analysing Our Trust Statements 4

What Is Trust? 5

What Is Agency? 8

Trust and Security 10

Trust as a Way for Humans to Manage Risk 13

Risk, Trust, and Computing 15

Defining Trust in Systems 15

Defining Correctness in System Behaviour 17

Chapter 2 Humans and Trust 19

The Role of Monitoring and Reporting in Creating Trust 21

Game Theory 24

The Prisoner's Dilemma 24

Reputation and Generalised Trust 27

Institutional Trust 28

Theories of Institutional Trust 29

Who Is Actually Being Trusted? 31

Trust Based on Authority 33

Trusting Individuals 37

Trusting Ourselves 37

Trusting Others 41

Trust, But Verify 43

Attacks from Within 43

The Dangers of Anthropomorphism 45

Identifying the Real Trustee 47

Chapter 3 Trust Operations and Alternatives 53

Trust Actors, Operations, and Components 53

Reputation, Transitive Trust, and Distributed Trust 59

Agency and Intentionality 62

Alternatives to Trust 65

Legal Contracts 65

Enforcement 66

Verification 67

Assurance and Accountability 67

Trust of Non-Human or Non-Adult Actors 68

Expressions of Trust 69

Relating Trust and Security 75

Misplaced Trust 75

Chapter 4 Defining Trust in Computing 79

A Survey of Trust Definitions in Computer Systems 79

Other Definitions of Trust within Computing 84

Applying Socio-Philosophical Definitions of Trust to Systems 86

Mathematics and Trust 87

Mathematics and Cryptography 87

Mathematics and Formal Verification 89

Chapter 5 The Importance of Systems 93

System Design 93

The Network Stack 94

Linux Layers 96

Virtualisation and Containers: Cloud Stacks 97

Other Axes of System Design 99

"Trusted" Systems 99

Trust Within the Network Stack 101

Trust in Linux Layers 102

Trust in Cloud Stacks 103

Hardware Root of Trust 106

Cryptographic Hash Functions 110

Measured Boot and Trusted Boot 112

Certificate Authorities 114

Internet Certificate Authorities 115

Local Certificate Authorities 116

Root Certificates as Trust Pivots 119

The Temptations of "Zero Trust" 122

The Importance of Systems 125

Isolation 125

Contexts 127

Worked Example: Purchasing Whisky 128

Actors, Organisations, and Systems 129

Stepping Through the Transaction 130

Attacks and Vulnerabilities 134

Trust Relationships and Agency 136

Agency 136

Trust Relationships 137

The Importance of Being Explicit 145

Explicit Actions 145

Explicit Actors 149

Chapter 6 Blockchain and Trust 151

Bitcoin and Other Blockchains 151

Permissioned Blockchains 152

Trust without Blockchains 153

Blockchain Promoting Trust 154

Permissionless Blockchains and Cryptocurrencies 156

Chapter 7 The Importance of Time 161

Decay of Trust 161

Decay of Trust and Lifecycle 163

Software Lifecycle 168

Trust Anchors, Trust Pivots, and the Supply Chain 169

Types of Trust Anchors 170

Monitoring and Time 171

Attestation 173

The Problem of Measurement 174

The Problem of Run Time 176

Trusted Computing Base 177

Component Choice and Trust 178

Reputation Systems and Trust 181

Chapter 8 Systems and Trust 185

System Components 185

Explicit Behaviour 188

Defining Explicit Trust 189

Dangers of Automated Trust Relationships 192

Time and Systems 194

Defining System Boundaries 198

Trust and a Complex System 199

Isolation and Virtualisation 202

The Stack and Time 205

Beyond Virtual Machines 205


Type 3 Isolation 207

Chapter 9 Open Source and Trust 211

Distributed Trust 211

How Open Source Relates to Trust 214

Community and Projects 215

Projects and the Personal 217

Open Source Process 219

Trusting the Project 220

Trusting the Software 222

Contents xiii

xiv Contents

Supply Chain and Products 226

Open Source and Security 229

Chapter 10 Trust, the Cloud, and the Edge 233

Deployment Model Differences 235

What Host Systems Offer 237

What Tenants Need 237

Mutually Adversarial Computing 240

Mitigations and Their Efficacy 243

Commercial Mitigations 243

Architectural Mitigations 244

Technical Mitigations 246

Chapter 11 Hardware, Trust, and Confidential Computing 247

Properties of Hardware and Trust 248

Isolation 248

Roots of Trust 249

Physical Compromise 253

Confidential Computing 256

TEE TCBs in detail 261

Trust Relationships and TEEs 266

How Execution Can Go Wrong--and Mitigations 269

Minimum Numbers of Trustees 276

Explicit Trust Models for TEE Deployments 278

Chapter 12 Trust Domains 281

The Composition of Trust Domains 284

Trust Domains in a Bank 284

Trust Domains in a Distributed Architecture 288

Trust Domain Primitives and Boundaries 292

Trust Domain Primitives 292

Trust Domains and Policy 293

Other Trust Domain Primitives 296

Boundaries 297

Centralisation of Control and Policies 298

Chapter 13 A World of Explicit Trust 301

Tools for Trust 301

The Role of the Architect 303

Architecting the System 304

The Architect and the Trustee 305

Coda 307

References 309

Index 321
"The problem is that when you use the word trust, people think they know what you mean. It turns out that they almost never do. With this singular statement, Bursell has defined both the premise and the value he expounds in this insightful treatise spanning the fundamentals and complexities of digital trust. Operationalizing trust is foundational to effective human and machine digital relationships, with Bursell leading the reader on a purposeful journey expressing and consuming elements of digital trust across current and future-relevant data lifecycles."
--Kurt Roemer, Chief Security Strategist and Office of the CTO, Citrix

"Trust is a matter of context. Specifically, "context" is one of the words most repeated in this book, and I must say that its use is justified in all cases. Not only is the meaning of trust is analysed in all possible contexts, including some essential philosophical and psychological foundations, but the concept is also applied to all possible ICT contexts, from basic processor instructions to cloud and edge infrastructures, and different trust frameworks are explored, from hierarchical (CAs) to distributed (DLTs) approaches. A must-read book to understand how one of the bases of human civilization can and must be applied in the digital world."
--Dr. Diego R. Lopez, Head of Technology Exploration, Telefonica and Chair of ETSI blockchain initiative

"Trust is a complex and important concept in network security. Bursell neatly unpacks it in this detailed and readable book."
--Bruce Schneier, author of Liars and Outliers: Enabling the Trust Society Needs to Thrive

"As we have moved to the digital society, appreciating what and what not to trust is paramount if you use computer systems and/or the Cloud. You will be well prepared when you have read this book."
--Professor Peter Landrock, D.Sc. (hon), Founder of Cryptomathic

"This book needs to be on every technologist's and engineer's bookshelf. Combining storytelling and technology, Bursell has shared with all of us the knowledge we need to build trust and security in a cloud computing environment."
--Steve Kolombaris, CISO & Cyber Security Leader with 20+ years' experience, formerly Apple, JPMorgan Chase, Bank of America
MIKE BURSELL is CEO and co-founder of Profian, a Confidential Computing company. He holds multiple security patents, is a sought-after speaker at global technology conferences, and has contributed to major reports and security specifications for the European Telecommunications Standards Institute.

M. Bursell, Profian