Jeffrey S. Chase

Reflections on Trusting Trust, Part 2: The Cloud

More than two decades ago, Ken Thompson gave an ACM Turing Award Lecture called “Reflections on Trusting Trust”, in which he showed how our trust in the software we run is based on chains of reasoning with many hidden and vulnerable links. Today, most of the software we use runs out in the Web and up in the “clouds” of servers gathered in data centers around the Internet. These services are out of our reach and under someone else’s control. How do we know whose software we are using? How do we know if we can trust the software? This talk gives an overview of the basic trust architecture for web-based services, which is based on a binding of domain names (e.g., williams.edu) to encryption keys via certificates endorsed by third parties. This architecture incorporates chains of trust with weak links that are hidden from most users. We consider some implications of this state of affairs, some possible patches to the architecture, and some ideas for a future architecture of trust in the cloud.


Professor Jeffrey S. Chase, Department of Computer Science, Duke University. www.cs.duke.edu/~chase