Abstract
The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent and well informed about the security policies. Over the past two decades, however, computing has proliferated into all aspects of modern society and the spread of malicious software (malware) like worms, viruses and botnets have become an increasing threat. This development indicates a failure in some of the fundamental assumptions that underpin existing computer security technologies and that a new view of computer security is long overdue.
In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular, we identify areas where the “hard” security properties are based on trust in the different agents in the system and certain external agents who enforce the legislative and contractual frameworks.
Trust is generally considered a “soft” security property, so building a “hard” security mechanism on trust will at most give a spongy result, unless the underlying trust assumptions are made first class citizens of the security model. In most of the work in computer security, trust assumptions are implicit and they will surely fail when the environment of the systems change, e.g. when systems are used on a global scale on the Internet. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason about system security.
In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular, we identify areas where the “hard” security properties are based on trust in the different agents in the system and certain external agents who enforce the legislative and contractual frameworks.
Trust is generally considered a “soft” security property, so building a “hard” security mechanism on trust will at most give a spongy result, unless the underlying trust assumptions are made first class citizens of the security model. In most of the work in computer security, trust assumptions are implicit and they will surely fail when the environment of the systems change, e.g. when systems are used on a global scale on the Internet. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason about system security.
Original language | English |
---|---|
Title of host publication | Proceedings of the 8th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2014) |
Editors | Jianying Zhou, Nurit Gal-Oz, Jie Zhang, Ehud Gudes |
Publisher | Springer |
Publication date | 2014 |
Pages | 1-12 |
ISBN (Print) | 978-3-662-43812-1 |
ISBN (Electronic) | 978-3-662-43813-8 |
DOIs | |
Publication status | Published - 2014 |
Event | 8th IFIP WG 11.11 International Conference on Trust Management - Singapore, Singapore Duration: 7 Jul 2014 → 10 Jul 2014 Conference number: 8 |
Conference
Conference | 8th IFIP WG 11.11 International Conference on Trust Management |
---|---|
Number | 8 |
Country/Territory | Singapore |
City | Singapore |
Period | 07/07/2014 → 10/07/2014 |
Series | IFIP AICT - Advances in Information and Communication technology |
---|---|
Volume | 430 |
ISSN | 1868-4238 |
Keywords
- Computer crime
- Computer worms
- Malware
- Mobile security
- Network security
- Personal computing
- Security systems
- Computational trust
- Computer security technology
- Malicious software
- Security community
- Security mechanism
- Security properties
- Security technology
- Simplifying assumptions
- Security of data