Home > Articles > Operating Systems, Server > Solaris

  • Print
  • + Share This
Like this article? We recommend

Conclusions

Trust modeling is not an abstract intellectual exercise. It is not something interesting to do if you think time permits but dispensable if you don't want to spend time on it. Trust modeling is an essential step in designing a secure architecture.

A trust model must be constructed to match specific business requirements. No generic trust model can be assumed to be valid for a specific situation.

Given the urgency of having a trust model and the need to construct it to match specific business requirements, it is important to assign the necessary resources to develop a model based on a threat profile and risk analysis and to identify the appropriate response mechanisms. Establishment of trust does not happen spontaneously or without effort.

Do not focus solely on technical solutions. As with all aspects of a security architecture, a successful trust model must consider people, process, and technology.

Finally, if you remember nothing else from this article, do not forget the following:

  • Failure to understand what trust model (if any) is actually in effect can create a false sense of security that may lead to serious, even catastrophic, financial and legal problems.

  • Adversaries exploit weak trust models.

  • + Share This
  • 🔖 Save To Your Account