Issue No. 06 - June (2004 vol. 37)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2004.17
Butler W. Lampson , Microsoft
<p>Despite many computer security successes over the past 30 years, the security of the hundreds of millions of deployed computer systems remains terrible. A determined and competent attacker could destroy or steal most of the information on these systems. Even worse, an attacker could do this to millions of systems at once.</p><p>The chain of trust offers a sound basis for securing systems by logging and auditing access control decisions. Principals with hierarchical names are especially important. A parent can delegate for all of its children. Rooting name spaces in keys avoids any need for a globally trusted root. The basic scheme can be varied as well by, for example, changing how it stores and transmits bytes, collects and summarizes evidence for links, expresses sets of statements, and structures compound principals.</p>
B. W. Lampson, "Computer Security in the Real World," in Computer, vol. 37, no. , pp. 37-46, 2004.