Trust and Cybersecurity: In search of a multi-disciplinary theory and practice
Free Public Lecture
Carrillo Gantner Theatre
Swanston Street, Carlton
T: 0433 214 198
See more events from
Cybersecurity has become a global priority, but it encompasses a set of problems that are difficult to resolve. This is due, in part, to its multi-disciplinary nature. The broad definition of cybersecurity encompasses a range of subfields, from computer and network security to cryptography, psychology, human behavior, economics, policy, and international collaboration. The interplay of the subjects is important for the theory and practice in cybersecurity, but the underlying relationships between the components of the big picture remain elusive.
Trust is a foundational concept in cybersecurity because it provides a common thread linking its many components. But this link is not straightforward. People develop trust in other people, polices, information and conventional products in ways that don't easily translate to the models used to define trust between devices and networks or between organisations or between organisations and their employees.
For a device, an application, or a system, trust is based on the premise that the other party behaves in an expected way under the same conditions. Trust complements security requirements, enabling various security models. For people, trust may be based on their experiences and expectations, as well as the reactions of other people. In organisations, trust may be linked to the affiliations and credentials of individuals, organisational relationships, and regulations. For governments and in international relations, trust may be defined by policies, agreements, and national and international norms.
The talk will examine trust in different contexts. From the human side of trust, to cryptographically-supported trusted systems, to policies that maintain trust, a broad view of the topic will be presented. What are the foundations of the individual’s trust in technology and what are the consequences of the lack of trust? How can trust between systems depend on subtle differences in the integrated circuits in their hardware? Can technical trust be nuanced, allowing a system to trust another system a little or a lot, depending on the circumstances? How is trust misused by cyber criminals, and how can technology and cyber norms stop them? How is trust connected to privacy? We will touch upon many of these questions. Trust is complex and multi-faceted, but it is a concept that can explain many successes and failures in cybersecurity.
Claire Vishik will deliver this Dean's Public Lecture. Claire Vishik's work at Intel focuses on hardware security, trusted computing, privacy enhancing technologies, some aspects of cryptography and related global policy issues. Claire is a member of the Permanent Stakeholders Group of ENISA, the European Network and Information Security Agency, Council member for the Information Security Forum, and is an advisor for numerous R&D and strategic initiatives in Asia, Europe and the US.