Chapter 7. Trusting Applications

Marc Andreessen, a notable Silicon Valley investor, famously declared that “software is eating the world.” In many ways, this statement has never been truer. It is the software running in your datacenter that makes all of the magic happen, and as such, it is no secret that we wish to trust its execution.

Code, running on a trusted device, will be faithfully executed. A trusted device is a prerequisite for trusting code, which we covered in Chapter 5. However, even with our execution environment secured, we still have more work to do to trust that the code that’s running on a device is trustworthy.

As such, trusting the device is just half of the story. One must also trust the code and the programmers who wrote it. With the goal being to ensure the integrity of a running application, we must find ways to extend this human trust from the code itself all the way to its actual execution.

Establishing trust in code requires that:

• The people producing the code are themselves trusted
• The code was faithfully processed to produce a trustworthy application
• Trusted applications are faithfully deployed to the infrastructure to be run
• Trusted applications are continually monitored for attempts to coerce the application with malicious actions

This chapter will discuss approaches to securing each of these steps, with a focus on the inheritance of trust from human to production application.