No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
== Definitions == |
== Definitions == |
||
| − | == Computing == |
+ | === Computing === |
'''Trustworthiness''' is a multidimensional measure of the extent to which a [[system]] is likely to satisfy each of multiple aspects of each stated requirement for some desired combination of [[system integrity]], [[system availability]] and [[survivability]], [[data confidentiality]], guaranteed [[real-time]] performance, [[accountability]], [[attribution]], [[usability]], and other critical needs. |
'''Trustworthiness''' is a multidimensional measure of the extent to which a [[system]] is likely to satisfy each of multiple aspects of each stated requirement for some desired combination of [[system integrity]], [[system availability]] and [[survivability]], [[data confidentiality]], guaranteed [[real-time]] performance, [[accountability]], [[attribution]], [[usability]], and other critical needs. |
||
| Line 18: | Line 18: | ||
[[Spoof]]ed [[website]]s, stolen [[password]]s, and [[compromise]]d [[login]] accounts are all symptoms of an untrustworthy [[computing]] environment. One key step in reducing [[online fraud]] and [[identity theft]] is to increase the level of trust associated with identities in [[cyberspace]]. |
[[Spoof]]ed [[website]]s, stolen [[password]]s, and [[compromise]]d [[login]] accounts are all symptoms of an untrustworthy [[computing]] environment. One key step in reducing [[online fraud]] and [[identity theft]] is to increase the level of trust associated with identities in [[cyberspace]]. |
||
| − | == Evidence == |
+ | === Evidence === |
'''Trustworthiness''' of [[documentary evidence]] or [[testimony]] is based primarily on subjective factors, but can include objective measurements such as established [[reliability]]. |
'''Trustworthiness''' of [[documentary evidence]] or [[testimony]] is based primarily on subjective factors, but can include objective measurements such as established [[reliability]]. |
||
| − | == General == |
+ | === General === |
'''Trustworthiness''' is an [[attribute]] of a person or organization that provides [[confidence]] to others of the qualifications, capabilities, and [[reliability]] of that entity to perform specific tasks and fulfill assigned responsibilities. |
'''Trustworthiness''' is an [[attribute]] of a person or organization that provides [[confidence]] to others of the qualifications, capabilities, and [[reliability]] of that entity to perform specific tasks and fulfill assigned responsibilities. |
||
Revision as of 05:28, 3 June 2014
Definitions
Computing
Trustworthiness is a multidimensional measure of the extent to which a system is likely to satisfy each of multiple aspects of each stated requirement for some desired combination of system integrity, system availability and survivability, data confidentiality, guaranteed real-time performance, accountability, attribution, usability, and other critical needs.
Trustworthiness expresses the degree to which information systems (including the information technology products from which the systems are built) can be expected to: (i) perform in a specified or predictable manner; and (ii) preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the systems.
Trustworthy information systems are systems that are worthy of being trusted to operate within defined levels of risk despite the environmental disruptions, human errors, and purposeful attacks that are expected to occur in the specified environments of operation. Two factors affecting the trustworthiness of an information system include:
- Security functionality (i.e., the security-related features or functions employed within an information system or the infrastructure supporting the system); and
- Security assurance (i.e., the grounds for confidence that the security functionality, when employed within an information system or its supporting infrastructure, is effective in its application).
Critical systems and their operating environments must be trustworthy despite a very wide range of adversities and adversaries. Historically, many system uses assumed the existence of a trustworthy computing base that would provide a suitable foundation for such computing. However, this assumption has not been justified.
Scalable trustworthiness will be essential for many national- and world-scale systems, including those supporting critical infrastructures. Current methodologies for creating high-assurance systems do not scale to the size of today’s — let alone tomorrow’s — critical systems.
Spoofed websites, stolen passwords, and compromised login accounts are all symptoms of an untrustworthy computing environment. One key step in reducing online fraud and identity theft is to increase the level of trust associated with identities in cyberspace.
Evidence
Trustworthiness of documentary evidence or testimony is based primarily on subjective factors, but can include objective measurements such as established reliability.
General
Trustworthiness is an attribute of a person or organization that provides confidence to others of the qualifications, capabilities, and reliability of that entity to perform specific tasks and fulfill assigned responsibilities.