In this paper, Lilien et al. propose the pervasive trust foundation (PTF), a new paradigm for the security of next-generation networks (NGNs). The paper reviews and surveys existing literature and terminology related to the trust aspects of a variety of networking areas.
The authors give a detailed review of the standard security principles of information systems, including confidentiality, integrity, and availability (CIA) and authentication, access control, and nonrepudiation (AAN). As the title suggests, the paper emphasizes the variety of aspects and notions of trust. The authors then extend PTF to the open systems interconnection (OSI) model and beyond. Starting with trust in the small (TIS)--“TIS supports small subsets of security services (SSs), individual SSs or, in the worst case, only portions of individual SSs”--the authors expand this concept to trust in the large (TIL)--“TIL supports either all SSs, or ... large sets of SSs”--which they portray as equivalent to PTF. The paper discusses all of the related issues, problems, and requirements for PTF, and offers a set of recommendations--a basic reference model--for NGNs.
Since this is a conceptual position paper, it should inspire readers to think. It can also be used to help advanced undergraduate and graduate students grasp the standard set of SSs. (Other earlier texts suitable for teaching [1,2], however, also illustrate these concepts.) The authors include a disclaimer that this paper presents their best-effort opinion rather than sound theoretical and practical research; readers should treat it as such.
One of the strengths of this paper is that the authors provide guidelines and research directions for future work. If Lilien et al. ever expand this paper to include credible theory and practice, and combine it with the current work, it could become a must-read journal paper. Until then, it remains an opinion piece, though an interesting and well-illustrated one.