ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Reflections on trusting trust
Full text PdfPdf (936 KB)
Source
Communications of the ACM archive
Volume 27 ,  Issue 8  (August 1984) table of contents
Pages: 761 - 763  
Year of Publication: 1984
ISSN:0001-0782
Author
Ken Thompson  AT&T Bell Labs, Murray Hill, NJ
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 97,   Downloads (12 Months): 873,   Citation Count: 52
Additional Information:

abstract   references   cited by   index terms   review   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/358198.358210
What is a DOI?

ABSTRACT

To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Daniel G. Bobrow , Jerry D. Burchfiel , Daniel L. Murphy , Raymond S. Tomlinson, TENEX, a paged time sharing system for the PDP - 10, Communications of the ACM, v.15 n.3, p.135-143, March 1972  [doi>10.1145/361268.361271]
 
2
B. W. Kernighan , D. M. Ritchie, The C programming language, Prentice-Hall, Inc., Upper Saddle River, NJ, 1978
3
Dennis M. Ritchie , Ken Thompson, The UNIX time-sharing system, Communications of the ACM, v.17 n.7, p.365-375, July 1974  [doi>10.1145/361011.361061]
 
4
Unknown Air Force Document.

CITED BY  52
Santosh Chokhani, Trusted products evaluation, Communications of the ACM, v.35 n.7, p.64-76, July 1992
Kok Ming Ang , William J. Caelli, Certificate based PKI and B2B E-commerce: suitable match or not?, Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, June 11-13, 2001, Paris, France
Peter G. Neumann, Risks of passwords, Communications of the ACM, v.37 n.4, p.126, April 1994
Dorothy E. Denning, The United States vs. Craig Neidorf: A debate on electronic publishing, Constitutional rights and hacking, Communications of the ACM, v.34 n.3, p.22-43, March 1991
Bob Blakley, The Emperor's old armor, Proceedings of the 1996 workshop on New security paradigms, p.2-16, September 17-20, 1996, Lake Arrowhead, California, United States
Andrew W. Appel, Axiomatic bootstrapping: a guide for compiler hackers, ACM Transactions on Programming Languages and Systems (TOPLAS), v.16 n.6, p.1699-1718, Nov. 1994
Ulf Lindqvist , Erland Jonsson, A Map of Security Risks Associated with Using COTS, Computer, v.31 n.6, p.60-66, June 1998
Clifford Stoll, Stalking the wily hacker, Communications of the ACM, v.31 n.5, p.484-497, May 1988
Edward Amoroso , Carol Taylor , John Watson , Jonathan Weiss, A process-oriented methodology for assessing and improving software trustworthiness, Proceedings of the 2nd ACM Conference on Computer and communications security, p.39-50, November 1994, Fairfax, Virginia, United States
Iván Arce, The Weakest Link Revisited, IEEE Security and Privacy, v.1 n.2, p.72-76, March 2003
Carl E. Landwehr , Alan R. Bull , John P. McDermott , William S. Choi, A taxonomy of computer program security flaws, ACM Computing Surveys (CSUR), v.26 n.3, p.211-254, Sept. 1994
Robert L. Ashenhurst, ACM forum, Communications of the ACM, v.28 n.8, p.789-794, Aug. 1985
Rebecca T. Mercuri, Computer security: quality rather than quantity, Communications of the ACM, v.45 n.10, October 2002
Diomidis Spinellis, Reflections on trusting trust revisited, Communications of the ACM, v.46 n.6, June 2003
Voon-Li Chung , Chris McDonald, Towards customisable tuple field matching in VLOS, Proceedings of the twenty-sixth Australasian conference on Computer science: research and practice in information technology, p.317-323, February 01, 2003, Adelaide, Australia
Elias Levy, Poisoning the Software Supply Chain, IEEE Security and Privacy, v.1 n.3, p.70-73, May 2003
Edward G. Amoroso, A graduate course in computing security technology, ACM SIGCSE Bulletin, v.25 n.1, p.251-255, March 1993
Donn Seeley, Password cracking: a game of wits, Communications of the ACM, v.32 n.6, p.700-703, June 1989
Sam Nitzberg, Emerging security issues involving the presence of microphones and video cameras in the computing environment, ACM SIGSAC Review, v.14 n.3, p.13-16, July 1996
Stuart E. Schechter , Michael D. Smith, Access for sale: a new class of worm, Proceedings of the 2003 ACM workshop on Rapid malcode, October 27-27, 2003, Washington, DC, USA
Brian Witten , Carl Landwehr , Michael Caloyannides, Does Open Source Improve System Security?, IEEE Software, v.18 n.5, p.57-61, September 2001
Iváan Arce , Gary McGraw, Guest Editors' Introduction: Why Attacking Systems Is a Good Idea, IEEE Security and Privacy, v.2 n.4, p.17-19, July 2004
D. Guinier, Biological versus computer viruses, ACM SIGSAC Review, v.7 n.2, p.1-15, Summer 1989
Brian D. Carrier, Risks of live digital forensic analysis, Communications of the ACM, v.49 n.2, February 2006
Dror G. Feitelson , Millet Treinin, The Blueprint for Life?, Computer, v.35 n.7, p.34-40, July 2002
J. Smith , S. Russell , M. Looi, Security as a safety issue in rail communications, Proceedings of the 8th Australian workshop on Safety critical systems and software, p.79-88, October 01, 2003, Canberra, Australia
David Ungar , Adam Spitz , Alex Ausch, Constructing a metacircular Virtual machine in an exploratory programming environment, Companion to the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications, October 16-20, 2005, San Diego, CA, USA
Rolf Oppliger , Ruedi Rytz, Does Trusted Computing Remedy Computer Security Problems?, IEEE Security and Privacy, v.3 n.2, p.16-19, March 2005
Jason E. Holt, Logcrypt: forward security and public verification for secure audit logs, Proceedings of the 2006 Australasian workshops on Grid computing and e-research, p.203-211, January 16-19, 2006, Hobart, Tasmania, Australia
Andrew W. Appel , Neophytos Michael , Aaron Stump , Roberto Virga, A Trustworthy Proof Checker, Journal of Automated Reasoning, v.31 n.3-4, p.231-260, 2003
Martin Naedele , Thomas E. Koch, Trust and tamper-proof software delivery, Proceedings of the 2006 international workshop on Software engineering for secure systems, May 20-21, 2006, Shanghai, China
Peter G. Neumann, System and network trustworthiness in perspective, Proceedings of the 13th ACM conference on Computer and communications security, p.1-5, October 30-November 03, 2006, Alexandria, Virginia, USA
Sean Peisert , Sidney Karin , Matt Bishop , Keith Marzullo, Principles-driven forensic analysis, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
Jaap-Henk Hoepman , Bart Jacobs, Increased security through open source, Communications of the ACM, v.50 n.1, p.79-83, January 2007
Richard Ford, Open vs. closed: which source is more secure?, Queue, v.5 n.1, February 2007
Venugopalan Ramasubramanian , Emin Gün Sirer, Perils of transitive trust in the domain name system, Proceedings of the Internet Measurement Conference 2005 on Internet Measurement Conference, p.35-35, October 19-21, 2005, Berkeley, CA
Arthur M. Keller , Alan Dechert , Karl Auerbach , David Mertz , Amy Pearl , Joseph Lorenzo Hall, A PC-based open-source voting machine with an accessible voter-verifiable paper ballot, Proceedings of the USENIX Annual Technical Conference 2005 on USENIX Annual Technical Conference, p.52-52, April 10-15, 2005, Anaheim, CA
Earl Barr , Matt Bishop , Mark Gondree, Fixing federal e-voting standards, Communications of the ACM, v.50 n.3, March 2007
Bruce Schneier , Adam Shostack, Breaking up is hard to do: modeling security threats for smart cards, Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, p.19-19, May 10-11, 1999, Chicago, Illinois
Cynthia E. Irvine , Karl Levitt, Trusted hardware: can it be trustworthy?, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
Boris Feigin , Alan Mycroft, Jones optimality and hardware virtualization: a report on work in progress, Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, January 07-08, 2008, San Francisco, California, USA
Ka-Ping Yee, Extending prerendered-interface voting software to support accessibility and other ballot features, Proceedings of the USENIX/Accurate Electronic Voting Technology on USENIX/Accurate Electronic Voting Technology Workshop, p.5-5, August 06, 2007, Boston, MA
Ted Huffmire , Brett Brotherton , Nick Callegari , Jonathan Valamehr , Jeff White , Ryan Kastner , Tim Sherwood, Designing secure systems on reconfigurable hardware, ACM Transactions on Design Automation of Electronic Systems (TODAES), v.13 n.3, p.1-24, July 2008
Gregory Conti, Could googling take down a president?, Communications of the ACM, v.51 n.1, January 2008
Sean Peisert , Matt Bishop , Keith Marzullo, Computer forensics in forensis, ACM SIGOPS Operating Systems Review, v.42 n.3, April 2008
Eugene H. Spafford, Inspiration and trust, Communications of the ACM, v.51 n.1, January 2008
Steve Trimberger, Trusted design in FPGAs, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
Norman Feske, A case study on the cost and benefit of dynamic RPC marshalling for low-level system components, ACM SIGOPS Operating Systems Review, v.41 n.4, July 2007
Lifu Wang , Partha Dasgupta, Coprocessor-based hierarchical trust management for software integrity and digital identity protection, Journal of Computer Security, v.16 n.3, p.311-339, August 2008
Walter Chang , Brandon Streiff , Calvin Lin, Efficient and extensible security enforcement using dynamic data flow analysis, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Kevin R.B. Butler , Stephen McLaughlin , Patrick D. McDaniel, Rootkit-resistant disks, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Guido Schryen , Rouven Kadura, Open source vs. closed source software: towards measuring security, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS

Additional Classification:
  K. Computing Milieux
  K.3 COMPUTERS AND EDUCATION


General Terms:
Documentation, Management


REVIEW

"Grady Gaston Early : Reviewer"

Ken Thompson's 1983 Turing Award lecture is a fascinating glimpse at a current sociological phenomenon :V unauthorized access to computer systems. The first part of the lecture deals with a hacker's delight :V in C, of course. The second part ex  more...

Collaborative Colleagues:
Ken Thompson: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player