I was privileged to hear keynote speaker, George Stathakopolous, general manager of security engineering and communications at Microsoft give a follow up to his speech last year.
George had kindly stepped in for Scott Charney VP of Trustworthy Computing at Microsoft and was talking about End to End Trust.
If you would like to get the in-depth aspect of his talk you should read the complete report here.
Essentially end to end trust is about trying to find away to create a secure way of working by having access to a trusted stack. The trusted stack is as follows
(1) security rooted in the hardware
(2) a trusted operating system
(3) trusted applications
(4) trusted people
(5) trusted data.
Each of these layers are interdependent, and a breach in any part of the stack will undermine the security provided by the other layers.
For example, a report may be created using secure hardware and a secure operating system by an authorised person and sent to another as a signed attachment with integrity with a trusted application but if the report itself is based on false data then the stack breaks down. If on the other hand the data was sound but the application had been infected the model also breaks down.
In the next three blogs I’d like to focus on two aspects from this paper and talk and add one of my own:-
- Beyond SD3
- The Trusted Stack
- Why the Trusted Stack Model can’t stack up
