Abstract of

'Scalable Concepts between Trust and Enforcement'

Enforcement and trust are opposite concepts in information security. This chapter reflects on the paradigm shift from traditional concepts of access control and policy enforcement toward to de-centralised methods for establishing trust between loosely connected entities. By delegating parts of enforcement tasks to trusted elements dispersed in a system, transitive trust relationships can be established. This is the most advanced evolvement of the organisational method of separation of duties within IT-security. The technological basis for trust in systems - Trusted Computing platforms - is described on conceptual levels allowing comparison with other top-level security concepts and mapping to application domains. Important applications in modern information systems and networks are e xhibited.