This book has evolved out of roughly ve years of working on computing with social trust. In the beginning, getting people to accept that social networks and the relationships in them could be the basis for interesting, relevant, and exciting c- puter science was a struggle. Today, social networking and social computing have become hot topics, and those of us doing research in this space are nally nding a wealth of opportunities to share our work and to collaborate with others. This book is a collection of chapters that cover all the major areas of research in this space. I hope it will serve as a guide to students and researchers who want a strong introduction to work in the eld, and as encouragement and direction for those who are considering bringing their own techniques to bear on some of these problems. It has been an honor and privilege to work with these authors for whom I have so much respect and admiration. Thanks to all of them for their outstanding work, which speaks for itself, and for patiently enduringall my emails. Thanks, as always, to Jim Hendler for his constant support. Cai Ziegler has been particularly helpful, both as a collaborator, and in the early stages of development for this book. My appreciation also goes to Beverley Ford, Rebecca Mowat and everyone at Springer who helped with publication of this work.

This book has evolved out of roughly ve years of working on computing with social trust. In the beginning, getting people to accept that social networks and the relationships in them could be the basis for interesting, relevant, and exciting c- puter science was a struggle. Today, social networking and social computing have become hot topics, and those of us doing research in this space are nally nding a wealth of opportunities to share our work and to collaborate with others. This book is a collection of chapters that cover all the major areas of research in this space. I hope it will serve as a guide to students and researchers who want a strong introduction to work in the eld, and as encouragement and direction for those who are considering bringing their own techniques to bear on some of these problems. It has been an honor and privilege to work with these authors for whom I have so much respect and admiration. Thanks to all of them for their outstanding work, which speaks for itself, and for patiently enduringall my emails. Thanks, as always, to Jim Hendler for his constant support. Cai Ziegler has been particularly helpful, both as a collaborator, and in the early stages of development for this book. My appreciation also goes to Beverley Ford, Rebecca Mowat and everyone at Springer who helped with publication of this work.

Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell’s experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing. The book demonstrates in the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security. Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs. A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master’s students in software architecture and security.

"This book brings together scholars with significantly different backgrounds who share interests in the interplay between trust and technology, presenting novel theoretical perspectives on the topics of trust and technology, as well as some empirical investigations into the trust-building, trust-repairing, and trust-destroying practices in the context of technology"--Provided by publisher.

Most aspects of our private and social lives—our safety, the integrity of the financial system, the functioning of utilities and other services, and national security—now depend on computing. But how can we know that this computing is trustworthy? In Mechanizing Proof, Donald MacKenzie addresses this key issue by investigating the interrelations of computing, risk, and mathematical proof over the last half century from the perspectives of history and sociology. His discussion draws on the technical literature of computer science and artificial intelligence and on extensive interviews with participants. MacKenzie argues that our culture now contains two ideals of proof: proof as traditionally conducted by human mathematicians, and formal, mechanized proof. He describes the systems constructed by those committed to the latter ideal and the many questions those systems raise about the nature of proof. He looks at the primary social influence on the development of automated proof—the need to predict the behavior of the computer systems upon which human life and security depend—and explores the involvement of powerful organizations such as the National Security Agency. He concludes that in mechanizing proof, and in pursuing dependable computer systems, we do not obviate the need for trust in our collective human judgment.

One of the major problems in the development of virtual societies, in particular in electronic commerce and computer-mediated interactions in organizations, is trust and deception. This book provides analyses by various researchers of the different types of trust that are needed for various tasks, such as facilitating on-line collaboration, building virtual communities and network organizations, and even the design of effective and user-friendly human-computer interfaces. The book has a multi-disciplinary character providing theoretical models of trust and deception, empirical studies, and practical solutions for creating trust in electronic commerce and multi-agent systems.

The enormous success and diffusion that online social networks (OSNs) are encountering nowadays is vastly apparent. Users' social interactions now occur using online social media as communication channels; personal information and activities are easily exchanged both for recreational and business purposes in order to obtain social or economic advantages. In this scenario, OSNs are considered critical applications with respect to the security of users and their resources, for their characteristics alone: the large amount of personal information they manage, big economic upturn connected to their commercial use, strict interconnection among users and resources characterizing them, as well as user attitude to easily share private data and activities with strangers. In this book, we discuss three main research topics connected to security in online social networks: (i) trust management, because trust can be intended as a measure of the perception of security (in terms of risks/benefits) that users in an OSN have with respect to other (unknown/little-known) parties; (ii) controlled information sharing, because in OSNs, where personal information is not only connected to user profiles, but spans across users' social activities and interactions, users must be provided with the possibility to directly control information flows; and (iii) identity management, because OSNs are subjected more and more to malicious attacks that, with respect to traditional ones, have the advantage of being more effective by leveraging the social network as a new medium for reaching victims. For each of these research topics, in this book we provide both theoretical concepts as well as an overview of the main solutions that commercial/non-commercial actors have proposed over the years. We also discuss some of the most promising research directions in these fields.