Turtles All The Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems
S. Peisert, E. Talbot, and M. Bishop, “Turtles All The Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems,” Proceedings of the 2012 New Security Paradigms Workshop (Sep. 2012).
- Published version web page, free at ACM Digital Library
- Published version web page, paper paywalled at ACM Digital Library: [DOI] [URL]
In this paper, we present a set of security requirements for critical systems, the fundamental premises that those requirements would entail, and ideas for implementations that would instantiate those premises. We discuss the overriding requirement guiding our paradigm: that “first principles” reflects the only real security strategy, where first principles are ideally provable, often measurable, and at minimum possible to order and bound. These principles allow us to take into account that many security policies may even be in conflict; as such, proofs, measures, and ordering give an analyst (or, even better, an automated system) the metrics needed to make informed decisions about how to resolve those conflicts. We demonstrate several metrics that enable this, including state replication, data slicing, collusion, and information theory.