Why do we want to eliminate trust? Isn’t trust a good thing that we should foster and grow? And shouldn’t computing platforms trust their end-users, and vice versa? The short answer is no. And I would argue that the very goal of system security has always been to reduce trust.
For instance, because you do not trust the network you send your data over, you use TLS to enable end-2-end encryption. Because you also do not trust the cloud’s provider with your encryption keys, you use a hardware security module to store it instead. And because the cloud providers themselves do not trust your workloads, they run them at a lower privilege level than their system software (e.g hypervisor and host OS) and in isolation from other VMs. Indeed, behind every security primitive that we build, is a trust assumption that we want to eliminate.
Blurred trust boundaries
But how did things get so complex? During the early days of digitalisation, the assets that an organisation cared about…
