Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity

Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell's experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing.

The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security.

* Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals

* A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs.

* A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring

Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master's students in software architecture and security.

MIKE BURSELL is CEO and co-founder of Profian, a Confidential Computing company. He holds multiple security patents, is a sought-after speaker at global technology conferences, and has contributed to major reports and security specifications for the European Telecommunications Standards Institute.

A must-read book to understand how one of the bases of human civilization can and must be applied in the digital world.

Dr. Diego R. Lopez, Head of Technology Exploration, Telefonica and Chair of ETSI blockchain initiative

As we have moved to the digital society, appreciating what and what not to trust is paramount if you use computer systems and/or the Cloud. You will be well prepared when you have read this book.

Professor Peter Landrock, D.Sc. (hon), Founder of Cryptomathic

A groundbreaking exploration of trust, risk, and security

Trust is a central concept in computer software and hardware, but it remains poorly defined and even less understood. Many information technology professionals operate without an overarching, theory-based understanding of what trust is, how it is built, or how it is shared between computer systems and users.

In Trust in Computer Systems and the Cloud, renowned security expert Mike Bursell delivers an insightful and compelling treatment of how trust can be discussed, defined, and managed in many areas of computing. By anchoring his sophisticated, but approachable, exploration of the topic in the concept of understanding and quantifying risk, the author walks readers through the basic ideas of trust and the applications of trust to complex systems, open-source communities, and trust domains.

The book draws on recent scholarship in the social and computer sciences to explain contemporary trends in hardware and software security while maintaining a tight focus on pragmatic applications in computing. It serves as a practical starting point for decisions and discussions about trust, security, and risk. This approach establishes the core trust principles underlying Confidential Computing and introduces cross-disciplinary frameworks on which readers can build powerful new computing and cloud applications.

Inhalt

Introduction xv

Chapter 1 Why Trust? 1

Analysing Our Trust Statements 4

What Is Trust? 5

What Is Agency? 8

Trust and Security 10

Trust as a Way for Humans to Manage Risk 13

Risk, Trust, and Computing 15

Defining Trust in Systems 15

Defining Correctness in System Behaviour 17

Chapter 2 Humans and Trust 19

The Role of Monitoring and Reporting in Creating Trust 21

Game Theory 24

The Prisoner's Dilemma 24

Reputation and Generalised Trust 27

Institutional Trust 28

Theories of Institutional Trust 29

Who Is Actually Being Trusted? 31

Trust Based on Authority 33

Trusting Individuals 37

Trusting Ourselves 37

Trusting Others 41

Trust, But Verify 43

Attacks from Within 43

The Dangers of Anthropomorphism 45

Identifying the Real Trustee 47

Chapter 3 Trust Operations and Alternatives 53

Trust Actors, Operations, and Components 53

Reputation, Transitive Trust, and Distributed Trust 59

Agency and Intentionality 62

Alternatives to Trust 65

Legal Contracts 65

Enforcement 66

Verification 67

Assurance and Accountability 67

Trust of Non-Human or Non-Adult Actors 68

Expressions of Trust 69

Relating Trust and Security 75

Misplaced Trust 75

Chapter 4 Defining Trust in Computing 79

A Survey of Trust Definitions in Computer Systems 79

Other Definitions of Trust within Computing 84

Applying Socio-Philosophical Definitions of Trust to Systems 86

Mathematics and Trust 87

Mathematics and Cryptography 87

Mathematics and Formal Verification 89

Chapter 5 The Importance of Systems 93

System Design 93

The Network Stack 94

Linux Layers 96

Virtualisation and Containers: Cloud Stacks 97

Other Axes of System Design 99

Trusted Systems 99

Trust Within the Network Stack 101

Trust in Linux Layers 102

Trust in Cloud Stacks 103

Hardware Root of Trust 106

Cryptographic Hash Functions 110

Measured Boot and Trusted Boot 112

Certificate Authorities 114

Internet Certificate Authorities 115

Local Certificate Authorities 116

Root Certificates as Trust Pivots 119

The Temptations of Zero Trust 122

The Importance of Systems 125

Isolation 125

Contexts 127

Worked Example: Purchasing Whisky 128

Actors, Organisations, and Systems 129

Stepping Through the Transaction 130

Attacks and Vulnerabilities 134

Trust Relationships and Agency 136

Agency 136

Trust Relationships 137

The Importance of Being Explicit 145

Explicit Actions 145

Explicit Actors 149

Chapter 6 Blockchain and Trust 151

Bitcoin and Other Blockchains 151

Permissioned Blockchains 152

Trust without Blockchains 153

Blockchain Promoting Trust 154

Permissionless Blockchains and Cryptocurrencies 156

Chapter 7 The Importance of Time 161

Decay of Trust 161

Decay of Trust and Lifecycle 163

Software Lifecycle 168

Trust Anchors, Trust Pivots, and the Supply Chain 169

Types of Trust Anchors 170

Monitoring and Time 171

Attestation 173

The Problem of Measurement 174

The Problem of Run Time 176

Trusted Computing Base 177

Component Choice and Trust 178

Reputation Systems and Trust 181

Chapter 8 Systems and Trust 185

System Components 185