Quote: some truths are known only by trust; e.g., Rome is a big city, or this person is my mother

Quote: security is a lot easier if you assume trusted and intelligent users; for the most part, insiders are your allies [»schnB_2000]

Quote: in electronic banking, valid transactions depend on an agreement between bank and the depositor [»hewiC4_1985]

Quote: domain and organization clearinghouses share information freely; trust is assumed among servers [»oppeDC10_1981]

Quote: for Clearinghouse servers, trust is an equivalence relation (commutative and transitive); simplifies access control [»oppeDC10_1981]

Quote: use a trustworthy intermediary for secure information flow; e.g., a low-level host places a file in a secure store for reading by a high-level host [»rushJ7_1983]

Quote: a secure OS needs a trusted path to trusted software that cannot be impersonated; is a login screen valid?

Quote: trusted authorities could certify quality numbers for certain classes of documents [»dennPJ3_1982]

Quote: a covenant is a contract involving trust; it was the will of him that was trusted, to perform as expected

Quote: if the porter only admits people with invitations, we trust that admitted people have an invitation [»lost entries]

Quote: with seals, users don't have to trust the computer system and its administrators, and can freely distribute; good for distributed systems [»giffDK4_1982]

Quote: we can always imagine a doubt; e.g., of someone who believes an abyss may open up, but the doubt is not held by most [»wittL_1958a]

Quote: the proper product of programming is arguments that a program is a trustworthy solution [»dijkEW_1982]

Quote: a verified program is provably corrected but not reliable and trustworthy; no information about limits [»demiRA5_1979]

Quote: correct code by using sound principles during design, verification by analysis, and exhaustive testing of small cases [»bentJ10_1983]

Quote: with Java, new code starts untrusted, becomes verified, then transformed into machine code by a trusted compiler [»allmE7_2004]

Quote: you can only trust code that you create; source-level verification or scrutiny can not catch unsecure code [»thomK8_1984]

Quote: if you treat machines as people, then may end up treating people like machines; devalues emotions, creativity, individuality, trust [»shneB1_1993]

Quote: constantly question security; question your assumptions; question your decisions; trust no one, especially yourself [»schnB_2000]

Quote: be vigilant; for detection and response to be effective, it must work always; be prepared for an attack [»schnB_2000]

Quote: for good security, watch the watchers; e.g., banks and casinos [»schnB_2000]