IT Knowledge Exchange

Register

Forgot Password

Site FAQ

Advertisement

Home > IT Blogs > Custom Application Development > Trustworthy Computing

>>VIEW ALL POSTS

Custom Application Development

Mar 18 2008 6:16AM GMT

Trustworthy Computing

Posted by: SJC

Security, Small Business Computing, Software application development, Software Quality, Software testing

Since reading the white paper entitled “Trustworthy Computing” on the Microsoft link provided by reader Willie Robinson I have been thinking about the concept of “Trustworthy Computing” ever since, almost to the point of distraction — so I figured it was time to blog about it!

I first noted when reading that Microsoft paper that it was dated in the year 2002. This prompted me to try a Google search on “trustworthy computing”, and I discovered a recent article posted on campustechnology.com entitled “Trustworthy Computing: Examining Trust“. I found this article particularly interesting because very early on a reference was made to the fact that there is still a long way to go.

I have found myself wondering since reading the Microsoft White paper, just how possible is it to develop the same kind of confidence and trust in our computing environment that we have with our automobiles or telephone? Computing, however, seems to be an area where there is an every day cat and mouse game being played between the good guys and the bad guys. What happens when a good guy goes bad? That has happened!

It seems to me that until the larger issues of global cooperation and trust are resolved, we will not see global trustworthy computing. On the very first page of Microsoft’s “trustworthy computing” white paper, they state “… Because computers have to some extent already lost people’s trust…”. My experience would be that this is a gross understatement. Significant data breaches have shaken the security foundation to its core, and significantly eroded trust that has been built up in recent years.

If this topic interests you, take a look at this most recent article that I’ve referenced above. It also is a great read.

Comment

RSS Feed

Comment on this Post

Leave a comment:

Wrobinson | Mar 23, 2008 6:14 PM (GMT)

Hi, I thought that you might also be interested in the official memo from Bill Gates that kicked the TwC movement off http://www.wired.com/techbiz/media/news/2002/01/49826.

Wrobinson | Mar 23, 2008 6:34 PM (GMT)

There are definitely some challenges to overcome when it comes to TwC. For all of the news reports on security breaches, we must remember that there are lots of successes that go unreported or under-reported. I read recently, in “A Gift of Fire — Second Ed.” by Sara Baase that this is similar to reports of car accidents made daily on the news. These reports make no mention of the fact that thousands and perhaps millions of trips are made safely; however, these reports do serve a purpose, such as reminding us of the hazards of driving, particularly in bad weather conditions, malfunctioning equipment and inexperience and reckless drivers.

Technology is neither inheretly good or bad. It is the application of technology on the part of humans that is ultimately good or ill natured. True security requires appropriate application of people, process and technology. There is a conflict that we face in balancing the trade-offs between quality and efficiency; meeting technical, timeline and financial targets; also the reluctance to walk away from revenue and profits when met with resistance to doing things the right way.

The question in my mind is how do we go about achieving this collectively, given some of the challenges such as global cooperation, as you pointed out, are resolved?

Perhaps a starting point is to transform the field of information technology into a profession as opposed to a discipline — at least according to the most strict of definitions. This would at a minimum, enforce a code of ethics and social responsibility among those responsible for the design, implementation and support of computer systems and perhaps mitigate the willingness of some to step in and take on an irresponsible or unethical project. Especially if there are potential ramifications such a suspension and revokation of a license to practice similar to the medical and legal professions.

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags