Trust in Computer Systems and the Cloud

Trust in Computer Systems and the Cloud

by Mike Bursell
Released December 2021
Publisher(s): Wiley
ISBN: 9781119692324

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity 

Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell’s experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing. 

The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security. 

  • Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals 
  • A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs. 
  • A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring 

Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master’s students in software architecture and security. 

Table of contents

  1. Cover
  2. Praise for Trust in Computer Systems and the Cloud
  3. Title Page
  4. Introduction
    1. Notes
  5. CHAPTER 1: Why Trust?
    1. Analysing Our Trust Statements
    2. What Is Trust?
    3. What Is Agency?
    4. Trust and Security
    5. Trust as a Way for Humans to Manage Risk
    6. Risk, Trust, and Computing
    7. Notes
  6. CHAPTER 2: Humans and Trust
    1. The Role of Monitoring and Reporting in Creating Trust
    2. Game Theory
    3. Institutional Trust
    4. Trust Based on Authority
    5. Trusting Individuals
    6. The Dangers of Anthropomorphism
    7. Identifying the Real Trustee
    8. Notes
  7. CHAPTER 3: Trust Operations and Alternatives
    1. Trust Actors, Operations, and Components
    2. Assurance and Accountability
    3. Notes
  8. CHAPTER 4: Defining Trust in Computing
    1. A Survey of Trust Definitions in Computer Systems
    2. Applying Socio-Philosophical Definitions of Trust to Systems
    3. Notes
  9. CHAPTER 5: The Importance of Systems
    1. System Design
    2. “Trusted” Systems
    3. Hardware Root of Trust
    4. The Importance of Systems
    5. Worked Example: Purchasing Whisky
    6. The Importance of Being Explicit
    7. Notes
  10. CHAPTER 6: Blockchain and Trust
    1. Bitcoin and Other Blockchains
    2. Permissioned Blockchains
    3. Permissionless Blockchains and Cryptocurrencies
    4. Notes
  11. CHAPTER 7: The Importance of Time
    1. Decay of Trust
    2. Trusted Computing Base
    3. Notes
  12. CHAPTER 8: Systems and Trust
    1. System Components
    2. Explicit Behaviour
    3. Time and Systems
    4. Defining System Boundaries
    5. Notes
  13. CHAPTER 9: Open Source and Trust
    1. Distributed Trust
    2. How Open Source Relates to Trust
    3. Notes
  14. CHAPTER 10: Trust, the Cloud, and the Edge
    1. Deployment Model Differences
    2. Mutually Adversarial Computing
    3. Mitigations and Their Efficacy
    4. Notes
  15. CHAPTER 11: Hardware, Trust, and Confidential Computing
    1. Properties of Hardware and Trust
    2. Physical Compromise
    3. Confidential Computing
    4. Notes
  16. CHAPTER 12: Trust Domains
    1. The Composition of Trust Domains
    2. Trust Domain Primitives and Boundaries
    3. Notes
  17. CHAPTER 13: A World of Explicit Trust
    1. Tools for Trust
    2. The Role of the Architect
    3. Coda
    4. Note
  18. References
  19. Index
  20. Copyright
  21. Dedication
  22. About the Author
  23. About the Technical Editor
  24. Acknowledgements
  25. End User License Agreement

Product information

  • Title: Trust in Computer Systems and the Cloud
  • Author(s): Mike Bursell
  • Release date: December 2021
  • Publisher(s): Wiley
  • ISBN: 9781119692324