Title: An architectural approach for reasoning about trust properties
Author: Namiluko, Cornelius
Awarding Body: University of Oxford
Current Institution: University of Oxford
Date of Award: 2012
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Restricted access.
The need for trustworthy system operation has been acknowledged in many circles. However, establishing that a system is trustworthy is a significant challenge. While trusted computing proposes technical mechanisms towards this end, less attention is directed towards providing a basis for trusting such systems. Consequently, it is not clear: (i) how such mechanisms influence the overall trust in a system; (ii) the properties and assumptions upon which trust is based; and (iii) the evidence necessary to reason about these properties. This can be attributed to a number of factors, including: (i) the complexity of modern systems; (ii) a lack of consensus on a definition of trust; and (iii) a lack of a systematic approach for identifying and using evidence to reason about trust-related properties.

This dissertation presents research towards addressing these challenges. We argue that an architectural approach provides effective abstractions for making trust properties and assumptions explicit and for reasoning about a system's ability to satisfy those properties. We propose a framework for identifying, categorising and mapping trust properties to the aspects of a system that can be used to reason about them. Guided by this framework, we propose and develop models for representing knowledge about a particular aspect and using it to reason about trust properties.

A semantic model, based on the semantics of Z, is developed to characterise the building blocks of trustworthy systems and to demonstrate how a system's constituents determine its trustworthiness. An abstraction model based on formal verification is developed to reason about the impact of a system's construction and configuration on its trustworthiness. Finally, two complementary models for capturing the runtime aspects of the system are developed: a trace-based model enables analysis of runtime evidence in the form of event logs, and a provenance-based model captures operations on the system as a provenance graph. The models are validated on a trusted grid architecture, a password manager and a trustworthy collaborative system.
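To make the two runtime models concrete, the following is an added illustration written for this record; it is not code from the thesis, and the event kinds (measure/execute), the PROV-style relation names, the two trust properties and the constructed log and graph are all assumptions chosen to show the idea. A trace-based check walks an ordered event log and tests a property over the sequence (here, "every component was measured before it executed" and "the recomputed aggregate matches a reference value"), while a provenance-based check walks a graph of recorded operations and tests a property over a node's lineage (here, "every leaf the system state derives from is a trusted origin").

```python
"""Trace-based and provenance-based checks over constructed runtime evidence.

Added example, not the thesis's own code. Event names, property names,
the PROV-style relations and the sample data are illustrative assumptions.
"""
import hashlib
from collections import deque

# --- Trace model: an ordered event log -------------------------------------

# Constructed component images standing in for real binaries.
COMPONENTS = {
    "bootloader": b"bootloader v1",
    "kernel": b"kernel v5.10",
    "agent": b"trust agent v2",
}

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def extend(prev_hex: str, measurement_hex: str) -> str:
    """PCR-style extend: new = H(prev || measurement)."""
    return hashlib.sha256(bytes.fromhex(prev_hex) + bytes.fromhex(measurement_hex)).hexdigest()

# Constructed log: (seq, kind, subject, value). In the good trace each
# component is measured into the aggregate before it executes.
GOOD_TRACE = [
    (1, "measure", "bootloader", digest(COMPONENTS["bootloader"])),
    (2, "execute", "bootloader", ""),
    (3, "measure", "kernel", digest(COMPONENTS["kernel"])),
    (4, "execute", "kernel", ""),
    (5, "measure", "agent", digest(COMPONENTS["agent"])),
    (6, "execute", "agent", ""),
]
# Constructed failure case: the agent runs without a preceding measurement.
BAD_TRACE = [e for e in GOOD_TRACE if e[0] != 5]

def measured_before_execute(trace):
    """Property P1 (assumed): every execute(X) is preceded by a measure(X)."""
    measured = set()
    for _, kind, subject, _ in sorted(trace):
        if kind == "measure":
            measured.add(subject)
        elif kind == "execute" and subject not in measured:
            return False, subject
    return True, None

def aggregate(trace):
    """Recompute the aggregate from the measure events, in log order."""
    acc = "00" * 32
    for _, kind, _, value in sorted(trace):
        if kind == "measure":
            acc = extend(acc, value)
    return acc

def expected_aggregate(order=("bootloader", "kernel", "agent")):
    """Reference value a verifier would hold for a known-good build."""
    acc = "00" * 32
    for name in order:
        acc = extend(acc, digest(COMPONENTS[name]))
    return acc

def aggregate_matches(trace):
    """Property P1' (assumed): the log reproduces the reference aggregate."""
    return aggregate(trace) == expected_aggregate()

# --- Provenance model: operations recorded as a graph ---------------------

# Constructed edges (source, relation, target) using PROV-style names.
PROV = [
    ("system-state", "wasGeneratedBy", "boot"),
    ("boot", "used", "kernel"),
    ("boot", "used", "bootloader"),
    ("kernel", "wasDerivedFrom", "kernel-source"),
    ("kernel", "wasAttributedTo", "vendor-ci"),
]

def ancestors(node, edges=PROV):
    """Everything `node` transitively depends on, in breadth-first order."""
    adj = {}
    for src, _, dst in edges:
        adj.setdefault(src, []).append(dst)
    seen, order, queue = {node}, [], deque([node])
    while queue:
        for nxt in adj.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                order.append(nxt)
                queue.append(nxt)
    return order

def trusted_lineage(node, trusted_origins, edges=PROV):
    """Property P2 (assumed): every leaf in the lineage is a trusted origin."""
    sources = {src for src, _, _ in edges}
    leaves = [n for n in ancestors(node, edges) if n not in sources]
    return all(n in trusted_origins for n in leaves), leaves

if __name__ == "__main__":
    print("P1 good:", measured_before_execute(GOOD_TRACE))
    print("P1 bad: ", measured_before_execute(BAD_TRACE))
    print("P1' good/bad:", aggregate_matches(GOOD_TRACE), aggregate_matches(BAD_TRACE))
    print("P2:", trusted_lineage("system-state", {"bootloader", "kernel-source", "vendor-ci"}))
```

The two checks deliberately fail in different ways on the same missing measurement: the trace property names the offending component, while the aggregate comparison only reports a mismatch, which is the kind of distinction between evidence sources that an architectural treatment of trust properties has to make explicit.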
Supervisor: Martin, Andrew
Sponsor: Rhodes Trust
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: Computer Science ; Security ; System Architecture ; Provenance ; trusted computing