10 February 2007

Software Engineering: Trustworthiness (Definitions)

"Having reliable, appropriate, and validated levels of security." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"Worthy of being trusted to have certain specified properties." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"The perception and confidence in the quality of the model by its users." (Panos Alexopoulos, "Semantic Modeling for Data", 2020)

"Computer hardware, software and procedures that - 1) are reasonably secure from intrusion and misuse; 2) provide a reasonable level of availability, reliability, and correct operation; 3) are reasonably suited to performing their intended functions; and 4) adhere to generally accepted security procedures." (NIST SP 800-12 Rev. 1)

"Worthy of being trusted to fulfill whatever critical requirements may be needed for a particular component, subsystem, system, network, application, mission, enterprise, or other entity. Note: From a privacy perspective, a trustworthy system is a system that meets specific privacy requirements in addition to meeting other critical requirements." (NISTIR 8062)

"The degree to which an information system (including the information technology components that are used to build the system) can be expected to preserve the confidentiality, integrity, and availability of the information being processed, stored, or transmitted by the system across the full range of threats. A trustworthy information system is a system that is believed to be capable of operating within defined levels of risk despite the environmental disruptions, human errors, structural failures, and purposeful attacks that are expected to occur in its environment of operation." (NIST SP 800-53 Rev. 4)

"The degree to which the security behavior of a component is demonstrably compliant with its stated functionality." (NIST SP 800-160)

