In Security_engineering, a '''trusted system''' is a system that you have ''no choice but to trust''. The failure of a trusted system will compromise security. In general, the number of trusted components in a system should be minimized. ''See also:'' Computer_security, Secure_computing, Trusted_computing. {{crypto-stub}} Category:Security ==Trusted Systems in Policy_Analysis== Trusted systems in the context of national or Homeland_security, law enforcement, or Social_control policy are systems in which some conditional Prediction about the behavior of people or objects within the system has been determined prior to authorizing access to system resources. [ 1 ] For example, trusted systems include the use of "security envelopes" http://www.dhs.gov/dhspublic/display?content=4505 in national security and counterterrorism applications, "Trusted_computing" initiatives in technical systems security, and the use of credit or identity scoring systems in financial and anti-fraud applications; in general, they include any system (i) in which probabilistic threat or Risk_analysis is used to assess "trust" for decision-making before authorizing access or for allocating resources against likely threats (including their use in the design of systems Constraints to control behavior within the system), or (ii) in which Deviation_analysis or systems Surveillance is used to insure that behavior within systems complies with expected or authorized parameters. The widespread adoption of these authorization-based security strategies (where the default state is DEFAULT=DENY) for counterterrorism, anti-fraud, and other purposes is helping accelerate the ongoing transformation of modern societies from a notional Beccarian model of Criminal_justice based on accountability for deviant actions after they occur, see Cesare_Beccaria, On Crimes and Punishment (1764), to a Foucauldian model based on authorization, preemption, and general social compliance through ubiquitous preventative Surveillance and control through system Constraints, see Michel_Foucault, Discipline_and_Punish (1975, Alan Sheridan, tr., 1977, 1995). In this emergent model, "security" is geared not towards Policing but to Risk_management through Surveillance, exchange of information, Auditing, communication, and Classification. These developments have led to general concerns about individual Privacy and Civil_liberty and to a broader Philosophical debate about the appropriate forms of social governance methodologies. == References == # The concept of trusted systems described here is discussed in K. A. Taipale, "The Trusted Systems Problem: Security Envelopes, Statistical Threat Analysis, and the Presumption of Innocence," Homeland Security - Trends and Controversies, IEEE Intelligent Systems, Vol. 20 No. 5, pp. 80-83 (Sept./Oct. 2005). ==Links== See also, The Trusted Systems Project, a part of the Global Information Society Project (GISP), a joint research project of the World Policy Insitute (WPI) and the Center for Advanced Studies in Sci. & Tech. Policy (CAS).