Skip to main content

Open Access Security Evaluation Methods in Trust Infrastructure Based on Engineering and Economics

The modern world runs on data. It is one of the most valuable commodities and many of our day to day activities are based on generating or using this data. The convenience of our world, in which a single device brings us internet searches, shopping lists, online purchases, texts and phone calls is designed to create, store and use data to make life easier and more and more of our daily activities will be conducted online despite security concerns. For example, online purchasing and banking require guarantees that customers data and identities are verifiable and secure. The act of voting is also now moving to being completed online. While this would surely encourage more people to vote by making the process available on your smartphone, the security and integrity of the system is a concern. Is the system hackable? Can it be shutdown by malicious actors, causing chaos on voting day? How can we be sure that the person casting the vote online is in fact that person or that they are not being coerced to cast a certain ballot. These are just a few examples of the breadth of the information security field and the foresight required to build secure systems. Kanta Matsuura, who is a Professor at the Institute of Industrial Science in the University of Tokyo, has been working in this area since the early 2000s. For him, these are issues that the public needs to understand so they can trust in the security tools being developed, such as cryptography and blockchain technologies. 'Traditionally in cryptography, there is a well-known principle proposed by Auguste Kerckhoffs that says a cryptographic system should be secure even if everything about the system, except the secret key, is public knowledge and available to attackers,' says Matsuura. 'To build such a system requires a careful evaluation of these infrastructures before they are designed, known as security by design.' Matsuura therefore believes that stakeholders be well informed regarding the methods used in the construction of the system and the methods used in the security evaluation of the system. 'This introduces scientific rigor to the discipline, and contributes to real-world activities such as standardisation, product validation, risk communication, and so on,' he says


Document Type: Research Article

Publication date: December 1, 2019

More about this publication?
  • Impact is a series of high-quality, open access and free to access science reports designed to enable the dissemination of research impact to key stakeholders. Communicating the impact and relevance of research projects across a large number of subjects in a content format that is easily accessible by an academic and stakeholder audience. The publication features content from the world's leading research councils, policy groups, universities and research projects. Impact is published under a CC-BY Creative Commons licence.

  • Subscribe to this Title
  • Terms & Conditions
  • Disseminating research in Impact
  • Information about Impact
  • Ingenta Connect is not responsible for the content or availability of external websites
  • Access Key
  • Free content
  • Partial Free content
  • New content
  • Open access content
  • Partial Open access content
  • Subscribed content
  • Partial Subscribed content
  • Free trial content