Abstract
The owners and users of distributed systems need to trust components of the system from a security point of view. In this paper we investigate the possible methods for establishing trust in the security features of an IT product or system.
Chapter PDF
Similar content being viewed by others
References
Anderson, Ross and Kuhn, Markus (1996). Tamper Resistance - a Cautionary Note. www.ft.uni-erlangen.demskuhn/tamper.html
Boneh, D., DeMillo, R. A. and Lipton, R. J. (1996). On the Importance of Checking
Computations. BELLCORE. www.bellcore.com
CCTA (1991). CRAMM User’s Guide (Version 2.0). The UK Central Computer and
Telecommunications Agency
EC (1992). Information Technology Security Evaluation Criteria. The European Commission.
EC (1994). INFOSEC investigation 52108: Security Project for Evaluating Smart Cards. The European Commission.
Van Laenen, F. (1995). Pedigree and Credentials, Remediation and Legal Aspects to Gain Assurance in IT Products and Systems. Master Thesis, KUL.
ISO (1996). Evaluation Criteria for IT Security (documents N 1401, 1402, 1403, 1404). ISO/IEC JTC 1/SC 27.
Jesang, A. (1995). The difficulty of standardizing smart card security evaluation. Computer Standards & Interfaces 17 (1995), pages 333–341.
Josang, A. (1996). The right type of trust for distributed systems. In Proceedings of the New Security Paradigms Workshop 96. ACM.
Paulk, M. C. (1994). A Comparison of ISO 9001 and the Capability Maturity Model for Software. Technical report, Software Engineering Institute, CMU/SEI-94-TR-12. Smithson, M. (1988). Ignorance and Uncertainty. Springer Verlag.
Swaelens, G.J. (1992). ISO 9000 Quality Standards in 24 Questions. ISO 9000 News, 1, January 1992. Interview with MR J. E. Ware, Managing Director of BSI Quality Assurance and Chairman of ISO/CASCO
US DoD (1985). Trusted Computer System Evaluation Criteria. US Department of Defence.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Jøsang, A., Van Laenen, F., Knapskog, S.J., Vandewalle, J. (1997). How to trust systems. In: Yngström, L., Carlsen, J. (eds) Information Security in Research and Business. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35259-6_19
Download citation
DOI: https://doi.org/10.1007/978-0-387-35259-6_19
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5481-0
Online ISBN: 978-0-387-35259-6
eBook Packages: Springer Book Archive