Title :
Statistical models of trust: TCBs vs. people
Author :
Lee, Theodore M P
Author_Institution :
Trusted Inf. Syst. Inc., Minnetonka, MN, USA
Abstract :
The processes of granting security clearances to people and accrediting trusted computer systems are compared, both informally and using preliminary mathematical models of risk probabilities. The risk models support the validity of two hypotheses that were previously merely conjectures: (1) in determining an acceptable accreditation range for a computer one need only consider the highest classification of data on it and the least-cleared person using it, (2) that under suitable conditions a cascade (combination) of two trusted systems can be trusted more than either individually. In particular, it is shown that a cascade of two (independently built) B2 systems is as good as one B3 system
Keywords :
security of data; statistical analysis; B2 systems; B3 system; TCBs; acceptable accreditation range; cascade; combination; highest data classification; least-cleared person; mathematical models; people; risk models; risk probabilities; security clearances; statistical trust models; trusted computer systems; two trusted systems; Accreditation; Computer errors; Computer security; Information security; Information systems; Invasive software; Mathematical model; Personnel; Uncertainty;
Conference_Titel :
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-1939-2
DOI :
10.1109/SECPRI.1989.36274
