Trusted Systems: Protecting Sensitive Information :: Exploratory Essays Research Papers

Introduction With the widespread use of the internet, networked applications have expanded to provide many services that a few years ago would have seemed impractical or futuristic. Among them are applications that allow you to find your perfect date, to file your taxes online, rent movies or even to send away gifts you don’t like. With the proliferation of the internet the demand for programs that use information in more complicated and advanced ways has risen. Commercial entities have come forward to fulfill this demand, and the internet has become the center for many applications driven by information. As information use and sharing among applications becomes more desirable we have seen the downside of sensitive information being accessible to entities for which it was not intended. When we look at the development goals of the internet and of computer networks in general we can easily see the contradictory goals that protecting privacy would present. The internet was developed by people who saw great potential in being able to share scientific and military information quickly and easily between computers. Concerns about the privacy of information created by the new applications mentioned above, give us the goal of making sure that information is only accessible by the entities that it is intended for. By definition this means making information sharing more difficult as we don’t want a legitimate user of information to be able to share that information with someone who does not have a legitimate right. For example if I submit my personal information to an insurance company, I don’t want the insurance company to share my information with others who might use it to send me advertisements or for more sinister purposes. Current computer systems a nd networks have been built with the first goal of ubiquitous access and information sharing in mind. Therefore protecting sensitive information requires us to completely rethink the way that computer systems are designed. Potentially there are two routes that we could take. One is to allow computer systems and the internet to enjoy the free architecture that they have at present but to prosecute violators with strict laws on information security. The other is to completely redesign computer systems with the additional goal that information should only be accessible by parties that the owner of the information trusts.