Communications of the ACM
How the pdate Framework Improves Security of Software pdates
The Update Framework was created to help organizations update their software securely.
Credit: eWeek
New York University professor Justin Cappos has been developing The Update Framework (TUF) for eight years with the goal of helping organizations securely update their software.
Hackers will always be able to get into parts of the infrastructure, but Cappos says the aim of TUF is even if that happens, it does not compromise the security of the entire system.
One key aspect of TUF is that it can support multiple types of deployment models and environments, without the need to replace existing infrastructure.
Cappos notes there are several basic design principles behind TUF, the first of which is a separation of responsibilities. He says parties that are trusted to do one set of actions are not trusted to do all functions.
In addition, TUF's design integrates a multi-signature trust model, which requires two or more digital keys for trust and authenticity; explicit and implicit trust revocation also are part of its design.
From eWeek
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found