|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Hierarchies, Lowerarchies, Anarchies, and Plutarchies: Historical Perspectives of Composably Layered High-Assurance Architectures
Hierarchies, Lowerarchies, Anarchies, and Plutarchies: Historical Perspectives of Composably Layered High-Assurance Architectures
If you have a question about this talk, please contact Jonathan Anderson.
This talk will consider some of the challenges of holistically designing predictably trustworthy system and network architectures, with consideration of various past efforts and some prospects for the future. In scope are topics such as what might be called the father and son of hierarchical trustworthy systems, respectively Multics (rings, symbolic dynamic linking, nested directories) and SRI ’s Provably Secure Operating System PSOS design (tagged and typed more-or-less object-oriented capabilities in hardware and software), MLS and MILS architectures (beginning with KSOS and KVM ), separation kernels and virtual machines (with pointers to Rushby and DeLong’s recent work). Some of the underlying concepts are of course abstraction, modularity, strong encapsulation, explicit mappings between layers, explicit dependency analyses, high assurance, and basic principles that can enhance modular composition, considered in my DARPA CHATS report, Principled Assuredly Trustworthy Composable Architecture. As an example of the pervasive interdependencies that must be addressed, I will briefly summarize some aspects of A Roadmap for Cybersecurity Research that we developed for Doug Maughan at the U.S. Department of Homeland Security, November 2009.
NOTE : Plutarch’s writings (e.g., Parallel Lives) stimulated among Romans considerable sense of the importance of understanding historical people and events. He observed that little seemed to have changed in human nature. We might observe today that in some regards relatively little has changed in the commercial development of high-assurance systems, despite some major advances in the research communities. We would like to fix that in the future.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsPhilosophy of Cognitive Science Hearing Group Meetings ChemSoc - Cambridge Chemistry Society
Other talksSingle molecule studies of mRNA localisation and motor activation Mechanisms of immune-metabolic interaction in infection Majorana metals and quantum spin liquids T cell regulation in autoimmune diabetes Characterisation of the interaction between the trypanosome haptoglobin-haemoglobin receptor and its ligands. 'EVERYDAY DIPLOMACIES: UKUSA intelligence cooperation & geopolitical assemblages'