Eugene provokes us to question some assumptions related to computer architecture, the definitions of security, and how best to build trusted systems. Are current methods of defining security appropriate? How might we better design a system to be secured?
A great deal of the trust we think we can place (or not) in our computing systems is based on experience with the ones we commonly use. However, those computing systems continue to be victimized by a variety of failures and attacks. Perhaps some of the 'common knowledge' on which we base our designs is itself faulty? Perhaps we are employing concepts that should be re-examined? In this talk, Eugene provokes the audience to question some assumptions related to computer architecture, the definitions of security, and how best to build trusted systems. In particular, we should question if the current methods of defining security are appropriate, how we might better design a system to be secured, and whether we understand the appropriate tradeoffs when paying for heightened trust. Professor Eugene H. Spafford is one of the most senior and recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies. This talk is a Keynote from the TRUST 2009 Conference (University of Oxford, April 2009) which focused on trusted and trustworthy computing, both from technical and social perspectives.