The Huawei and Snowden Questions Olav Lysne




The Huawei and Snowden Questions Summary

The Huawei and Snowden Questions: Can Electronic Equipment from Untrusted Vendors be Verified? Can an Untrusted Vendor Build Trust into Electronic Equipment? by Olav Lysne

This open access book answers two central questions: firstly, is it at all possible to verify electronic equipment procured from untrusted vendors? Secondly, can I build trust into my products in such a way that I support verification by untrusting customers? In separate chapters the book takes readers through the state of the art in fields of computer science that can shed light on these questions. In a concluding chapter it discusses realistic ways forward.

In discussions on cyber security, there is a tacit assumption that the manufacturer of equipment will collaborate with the user of the equipment to stop third-party wrongdoers. The Snowden files and recent deliberations on the use of Chinese equipment in the critical infrastructures of western countries have changed this. The discourse in both cases revolves around what malevolent manufacturers can do to harm their own customers, and the importance of the matter is on par with questions of national security.

This book is of great interest to ICT and security professionals who need a clear understanding of the two questions posed in the subtitle, and to decision-makers in industry, national bodies and nation states.

About Olav Lysne

Olav Lysne is Director and founder of the Center for Resilient Networks and Applications (CRNA) at Simula Research Laboratory, and professor of computer science at Simula and the University of Oslo. He holds a PhD in Computer Science from the University of Oslo, and his experience in research, education, management and innovation reaches back to 1989.

Lysne was the leader of a National Commission that assessed whether the Norwegian Intelligence Service (Etterretningstjenesten) should be allowed to conduct lawful interception of Internet traffic crossing the national borders of Norway (Lysne II utvalget). The commission started its work in January 2016 and handed over its report to the Norwegian Minister of Defence in August 2016.

Lysne was the leader of the National Commission for Digital Vulnerability formed by the Norwegian government (Lysne I utvalget). The commission was active from August 2014 to September 2015 and consisted of nine experts from all relevant sectors in Norway. Their mandate was to write a report that forms the basis for the Government's cyber-policy.

Lysne's early research contributions were in the field of algebraic specification and term rewriting, with a particular emphasis on automated deduction. While working in this field he was a visiting researcher at Université de Paris-Sud. Later in his career he has worked on resilient computer architecture for supercomputing and cloud infrastructures, routing and switching techniques for IP networks, and measurement of national network infrastructures.

Since 2010 Lysne has been working on developing methods for measurement of resilience in Mobile Broadband Networks. This work has resulted in the formation of a nation-wide monitoring system of mobile broadband in Norway, funded directly by the Norwegian government. This system has been extended to Sweden, Italy and Spain through the EU project MONROE.

Table of Contents

1 Introduction: 1.1 A New Situation; 1.2 What are we Afraid of?; 1.3 Huawei and ZTE; 1.4 Trust in Vendors; 1.5 Points of Attack; 1.6 Trust in Vendors is Different from Computer Security; 1.7 Why the Problem is Important; 1.8 Advice for Readers

2 Trust: 2.1 Prisoner's Dilemma; 2.2 Trust and Game Theory; 2.3 Trust and Freedom of Choice; 2.4 Trust, Consequence and Situation; 2.5 Trust and Security; 2.6 Trusted Computing Base - Trust between Components; 2.7 Discussion

3 What is an ICT-System?: 3.1 Transistors and Integrated Circuits; 3.2 Memory and Communication; 3.3 Processors and Instruction Sets; 3.4 Firmware; 3.5 Operating Systems, Device Drivers, Hardware Adaptation Layers and Hypervisors; 3.6 Bytecode Interpreters; 3.7 The Application on Top; 3.8 Infrastructures and Distributed Systems; 3.9 Discussion

4 Development of ICT Systems: 4.1 Software Development; 4.2 Hardware Development; 4.3 Security Updates and Maintenance; 4.4 Discussion

5 Theoretical Foundation: 5.1 Goedel and the Liar's Paradox; 5.2 Turing and the Halting Problem; 5.3 Decidability of Malicious Behaviour; 5.4 Is there Still Hope?; 5.5 Where does this Lead Us?

6 Reverse Engineering of Code: 6.1 Application of Reversing in ICT; 6.2 Static Code Analysis; 6.3 Disassemblers; 6.4 Decompilers; 6.5 Debuggers; 6.6 Antireversing; 6.7 Hardware; 6.8 Discussion

7 Static Detection of Malware: 7.1 Classes of Malware; 7.2 Signatures, and Static Code Analysis; 7.3 Encrypted and Oligomorphic Malware; 7.4 Obfuscation Techniques; 7.5 Polymorphic and Metamorphic Malware; 7.6 Heuristic Approaches; 7.7 Malicious Hardware; 7.8 Specification Based Techniques; 7.9 Discussion

8 Dynamic Detection Methods: 8.1 Dynamic Properties; 8.2 Unrestricted Execution; 8.3 Emulator Based Analysis; 8.4 Virtual Machines; 8.5 Evasion Techniques; 8.6 Analysis; 8.7 Hardware; 8.8 Discussion

9 Formal Methods: 9.1 Formal Methods Overview; 9.2 Specification; 9.3 Programming Languages; 9.4 Hybrid Programming and Specification Languages; 9.5 Semantic Translation; 9.6 Logics; 9.7 Theorem Proving and Model Checking; 9.8 Proof-carrying Code; 9.9 Conclusion

10 Software Quality and Quality Management: 10.1 What is Software Quality Management?; 10.2 Software Development Process; 10.3 Software Quality Models; 10.4 Software Quality Management; 10.5 Software Quality Metrics; 10.6 Standards; 10.7 Common Criteria (ISO/IEC-15408); 10.8 Software Testing; 10.9 Verification through Formal Methods; 10.10 Code Review; 10.11 Discussion

11 Containment of Untrusted Modules: 11.1 Overview; 11.2 Partial Failures and Fault Models; 11.3 Erlang - a Programming Language Supporting Containment; 11.4 Microservices - an Architecture Model Supporting Containment; 11.5 Hardware Containment; 11.6 Discussion

12 Summary and Way Forward: 12.1 Summary of Findings; 12.2 Way Forward; 12.3 Concluding Remarks

Additional information

ISBN-13: 9783319749495
ISBN-10: 3319749498
Binding: Paperback
Publisher: Springer International Publishing AG
Publication date: 2018-03-01
Pages: 116
