Trust in Computer Systems and the Cloud. Mike Bursell

Trust in Computer Systems and the Cloud - Mike Bursell


Скачать книгу
that it becomes more valuable to keep to it than to diverge from it.

       Fiscal Power The power of central banks, even when not fully controlled by a government, allows them significant control over fiscal matters domestically and sometimes internationally.

       Cultural Power Latterly, the position of the BBC (British Broadcasting Company) within Great Britain, the British Empire, and later the British Commonwealth was such that it wielded considerable cultural power, allowing, even in the 1980s, the rise of the Acorn BBC microcomputer as a significant computing platform in the UK.

       Utility Power A particular organisation has sufficient effective control over a utility, tool, or device that they gain significant power, such as Google's power to promote companies in search results or Facebook's ability to influence what news we see.

      Perhaps the most important example of an endorsing authority in our context is that of certificate authorities. As the Internet grew and the World Wide Web exploded in popularity in the mid-1990s, it became clear that there was a need to be able to identify the computer system—typically the web server—to which you were connecting. More accurately, there was a need to tie the identity of the entity—person or organisation—owning or operating that computer to that computer and the information it was providing. The invention of public-key cryptography and associated public-key infrastructure (PKI) based on asymmetric cryptography offered a way to do this, and a number of companies started offering a service by which they cryptographically signed certificates that could be requested by companies and then hosted on computers to prove their ownership: these companies became known as certificate authorities (CAs). They checked the identity of the requesting party and their ownership of the computer system (or associated DNS record), issued a certificate, and made legal representations around the service they were providing.

      The complexity and importance of the trust relationships to CAs and public-key cryptography within our day-to-day interactions with computing systems should not be underestimated, and we will be undertaking a deep analysis of the issue later in the book. The relevant point here is that CAs became endorsing authorities through the identification of a need, the development of clearly defined processes, and the application of legal frameworks to support the services offered, which led to a new type of endorsing authority. The particular authority that they were endorsing was a series of cryptographic root certificates to which other certificates could be linked, leading to a chain of trust. These root certificates have come to be known as trust anchors, creating a concept that we will adopt and expand as we look beyond just PKI and into trust more generally.

       The anti-vaccination (anti-vaxxers) movement

       The leading British politician Michael Gove refusing to name any economists who supported his “pro-Brexit” stance and saying that “people in this country have had enough of experts”30

       Holocaust deniers

       A move by some to deny the validity of the scientific consensus on climate change31 Exactly what has brought this antiscience movement about—and how to try to reverse it—is the subject of much debate, but this is not a new concern. In the 1990s, for instance, Steven Nock suggested that the change in who and what people trust could be traced to young people moving away from larger family units, arguing that an increase in privacy leads to a reduction in sufficient social relationships to allow trust to build up.32 This change away from trusting established authorities has not all been bad nor all based on the rejection of qualified experts, however. Some of the foundations on which Western civilisation has long been considered to be based have come under prolonged and justified fire. The most obvious example of such an attack would be that of feminism on the patriarchal Establishment, with multiple waves of action and theoretical underpinnings (such as those put forward by Julia Kristeva and Luce Irigaray), but colonialism, racism, and many other long-held assumptions around authority have also come under scrutiny. Philosophical and literary critical theories such as post-structuralism and the deconstructionism espoused by Jacques Derrida have provided approaches that allow for the criticism of established authorities without a free-for-all rejection of their values and underpinnings (an example being the hermeneutics of suspicion).

      Having spent some time considering the questions associated with trusting institutions of various types, we need to look at issues around trusting individuals. In what may seem like a strange move, we are going to start by asking whether we can even trust ourselves.

      Trusting Ourselves