Security

Defense-Enabled Applications

Download Now Free registration required

Executive Summary

Some applications can be given increased resistance to malicious attack even though the environment in which they run is untrustworthy. The authors call any such application "Defense-enabled". This paper explains the principles behind defense enabling and the assumptions on which it depends. Ideally, one defends a computer system against malicious attack by identifying, in a security policy, what one wants to protect and then by implementing that protection in hardware and software. The implementation is called a Trusted Computing Base (TCB).

  • Format: PDF
  • Size: 39.3 KB