Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Trusted system
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Trusted systems in policy analysis== In the context of [[national security|national]] or [[homeland security]], [[code enforcement|law enforcement]], or [[social control]] policy, trusted systems provide conditional [[prediction]] about the behavior of people or objects prior to authorizing access to system resources.<ref>The concept of trusted systems described here is discussed in Taipale, K.A. (2005). [http://doi.ieeecomputersociety.org/10.1109/MIS.2005.89 The Trusted Systems Problem: Security Envelopes, Statistical Threat Analysis, and the Presumption of Innocence], Homeland Security - Trends and Controversies, IEEE Intelligent Systems, Vol. 20 No. 5, pp. 80-83 (Sept./Oct. 2005).</ref> For example, trusted systems include the use of "security envelopes" in national security and counterterrorism applications, "[[trusted computing]]" initiatives in technical systems security, and [[credit score|credit or identity scoring]] systems in financial and anti-fraud applications. In general, they include any system in which * probabilistic threat or [[Probabilistic risk assessment|risk analysis]] is used to assess "trust" for decision-making before authorizing access or for allocating resources against likely threats (including their use in the design of systems [[Integrity constraints|constraints]] to control behavior within the system); or * [[deviation analysis (computing)|deviation analysis]] or systems [[surveillance]] is used to ensure that behavior within systems complies with expected or authorized parameters. The widespread adoption of these authorization-based security strategies (where the default state is DEFAULT=DENY) for counterterrorism, anti-fraud, and other purposes is helping accelerate the ongoing transformation of modern societies from a notional [[Cesare Beccaria|Beccaria]]n model of [[criminal justice]] based on accountability for deviant actions after they occur<ref>[[Cesare Beccaria]], On Crimes and Punishment (1764)</ref> to a [[Michel Foucault|Foucauldian]] model based on authorization, preemption, and general social compliance through ubiquitous preventative [[surveillance]] and control through system constraints.<ref>[[Michel Foucault]], ''[[Discipline and Punish]]'' (1975, [[Alan Sheridan]], tr., 1977, 1995)</ref> In this emergent model, "security" is not geared towards [[policing]] but to [[risk management]] through surveillance, information exchange, [[auditing]], communication, and [[Categorization|classification]]. These developments have led to general concerns about individual [[privacy]] and [[civil liberty]], and to a broader [[philosophical]] debate about appropriate social governance methodologies.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)