Technical Trust for the Internet
Thomas Hardjono
MIT Kerberos Consortium
January, 2013
MIT Media Lab Hackathon

The Meaning of Trust
• “Trust” today is a loaded & confusing term
• Lay persons typically mean safety & reliability:
• Predictable behavior of objects & services (my car starts every morning, etc.)
• Legal recourse in case of unsafe & unreliable service (my car is a lemon)
• Networking infrastructure (i.e. the highways)
• Endpoints with whom they transact
• Correct mapping of digital identity to the intended human person
23 Jan 2010

Three “types” of trust
• Technical Trust
• Technology-based evidence (attestations)
• Social trust:
• Business
• Legal

Trust is…
• Something can be trusted if it behaves in an expected manner for a particular purpose
• Technological view: Trusted platforms use technological implementations of the factors that permit us (in everyday life) to trust the behavior of others
• Trusted Platforms
• But all trust is still ultimately derived from people (and hence organizations)

What’s necessary for trust? (Trusted Computing Group, ca. 1999)
• It is safe to trust something when
• (it can be unambiguously identified)
• AND (it operates unhindered)
• AND ([the user has first-hand experience of consistent, good behavior] OR [the user trusts someone who vouches for consistent, good behavior])

(1) Unambiguous Identification
• Unambiguous “internet identity” remains largely an unsolved issue
• Not just about uniqueness and name-spaces
• Core identity
• Strong privacy (privacy-preservation)
• Pseudonyms (provably linked to core identity)
• Ecosystem currently under development
• Trust Frameworks

(2) Unhindered Operation
• Client-side computing devices remain vulnerable
• Browsers are “untrusted software”
• New challenges in virtualized and “cloudified” systems (server side):
• Compute unit identification
• Ephemeral nature of compute units
• Need for isolated processing environments (ref. Trusted Platforms)
• Many others

(3) Reporting states & outputs
• In the absence of first-hand experience, the user will trust someone who vouches for consistent, good behavior
• Provenance
• Attestations in trusted platforms
• New frontier for cloud-based providers:
• Next gen “trusted logging and audit”
• Show me evidence that my SP is “handling” my private data as agreed to in ToS.
• The willingness of an SP to take on liability is related to the quality of logging/audit technologies

Related Issues in BLT Layers
• Similar issues in Business & Legal
• How to “wrap” legal framework (system rules) around
• Definitions of compute units & engines and their expected behavior
• Attestations of compute units
• Logging & audit outputs
• Purchase/rent compute units à la AppInventor
• Visual representation of APIs
• Defined behavior
• Composable and executable

Contact Information
The MIT Kerberos Consortium
77 Massachusetts Avenue W92-152
Cambridge, MA 02139 USA
Tel: 617.715.2451
Fax: 617.258.3976
Web: www.kerberos.org

Thomas Hardjono, PhD
Technical Lead & Executive Director
MIT Kerberos Consortium
Thomas Hardjono (hardjono@mit.edu)
M: +1-781-729-9559
May 9, 2012