Trust Enforcing and Trust Building, Different Technologies and Visions

摘要

Concern about vulnerabilities of IT systems is growing together with attention to risks of intrusive cyber-control over personal activities and data. This article discusses some new technologies that are being integrated into computing devices for realizing so-called Trusted Computing and Digital Rights Management systems, which can remotely attest their current hardware/software state and can enforce external policies to access protected content. These technologies are then confronted with distributed Trust Management systems, which realize access control for local resources on the basis of delegation of access rights according to local trust decisions. Both technologies are discussed from various points of view: architecture, vision, ethics, politics and law.