Be the first to like this
On an abstract level the notion of 'trust' is pretty clear e.g.: "The extent to which someone who relies on a system can have confidence that the system meets its specifications" (RFC 2828). Obviously, trustworthiness is a property that we'd expect from IT-systems we depend on.
As a matter of fact, IT-systems are designed to be capable to create and process arbitrary patterns of binary information. This fundamental property does include the ability to manipulate data objects, return improper function call results, and exchange faked data packets or messages.
Thus, how to establish confidence in services provided by operating systems as well as local or remote computing resources? How to trust received IP packets, E-Mail messages, or HTTP responses? In essence: how to bootstrap the property of trust in systems that rely on the processing of binary information while being able to manipulate any binary information?
This presentation investigates base technologies for trust enhancing. It examines the role of cryptography as a trust facilitator for IT-systems: the merits of cryptographic technologies with respect to trust enhancement are identified; the relevance of recent technology initiatives in the world of XML (e.g. Liberty Alliance, SAML, WS-Security, XACML, XKMS, XML-Encryption, and XML-Signature) is analyzed.