Models are the foundations of science and engineering. Well known examples of models can be found in physics, geology, economy, astronomy, weather forecasting, etc. It is important that for each application the correct model is used. Indeed, the progress of science relies on finding models that describe accurately the main features of the application. Frequently models must be radically adjusted to take into account new technological developments or to make the models more accurate.
Most models used in trusted systems are over 20 years old, that is before the introduction of the internet, computer viruses, the World Wide Web, hacking, denial of service attacks, poorly tested operating systems, etc. Since computer systems changed dramatically during this period, the models used for computer security are outdated and often unrealistic. There is a need to start a process of analyzing whether some of the earlier models are still appropriate, and if not, adapt them. If one does not address this issue the gap between reality and research is going to widen, making research in this area irrelevant.
The goals are: - to critically analyze existing models for trusted systems, - to propose new models using techniques from such disciplines as computational complexity, discrete mathematics, and economics. - to compare these models and evaluate them.
