{"title":"信任工程:拒绝最薄弱环节的暴政","authors":"Susan Alexander","doi":"10.1145/2420950.2420973","DOIUrl":null,"url":null,"abstract":"In 2002 [1], the National Security Agency's Information Assurance Research Group coined the term, trust engineering, to describe a methodology for making use of software of uncertain provenance in mission-critical systems. Today, the loss of control that made software so hard to trust then applies to the rest of the supply chain as well. The discipline we described in the internal paper, <u>Trust-engineering: An Assurance Strategy for Software-based Systems</u>, no longer seems heretical today, even at NSA. Ten years later, we revisit the principles of trust engineering, compare the mechanisms available to us today with the practices of the past, and explore the construction of systems that are stronger than their weakest link.","PeriodicalId":397003,"journal":{"name":"Asia-Pacific Computer Systems Architecture Conference","volume":"118 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Trust engineering: rejecting the tyranny of the weakest link\",\"authors\":\"Susan Alexander\",\"doi\":\"10.1145/2420950.2420973\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In 2002 [1], the National Security Agency's Information Assurance Research Group coined the term, trust engineering, to describe a methodology for making use of software of uncertain provenance in mission-critical systems. Today, the loss of control that made software so hard to trust then applies to the rest of the supply chain as well. The discipline we described in the internal paper, <u>Trust-engineering: An Assurance Strategy for Software-based Systems</u>, no longer seems heretical today, even at NSA. Ten years later, we revisit the principles of trust engineering, compare the mechanisms available to us today with the practices of the past, and explore the construction of systems that are stronger than their weakest link.\",\"PeriodicalId\":397003,\"journal\":{\"name\":\"Asia-Pacific Computer Systems Architecture Conference\",\"volume\":\"118 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Asia-Pacific Computer Systems Architecture Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2420950.2420973\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia-Pacific Computer Systems Architecture Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2420950.2420973","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trust engineering: rejecting the tyranny of the weakest link
In 2002 [1], the National Security Agency's Information Assurance Research Group coined the term, trust engineering, to describe a methodology for making use of software of uncertain provenance in mission-critical systems. Today, the loss of control that made software so hard to trust then applies to the rest of the supply chain as well. The discipline we described in the internal paper, Trust-engineering: An Assurance Strategy for Software-based Systems, no longer seems heretical today, even at NSA. Ten years later, we revisit the principles of trust engineering, compare the mechanisms available to us today with the practices of the past, and explore the construction of systems that are stronger than their weakest link.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
