System trustworthiness tool and methodology
First Claim
1. A method for evaluating a designated system, comprising;
- receiving input relating to the designated system;
classifying the input into information about elements of the designated system;
evaluating the elements based on evaluation parameters corresponding to each of the elements; and
producing a representation of trustworthiness of the designated system based on the classified information.
1 Assignment
0 Petitions
Accused Products
Abstract
A tool and methodology are described that can evaluate the trustworthiness of a system. In one embodiment, the system is classified in terms of the resources that constitute the system, the codes that apply to the system, the services produced by the system, the risks incurred by the system, and the costs associated with its use. A functional component of a trust decision to use the system involves a calculus to evaluate whether the probability that the services as a result of using the system will exceed the risks that may occur as valued by a user. The cost component of a trust decision includes an evaluation that the use of a system will occur at an acceptable cost and will produce economically acceptable results.
-
Citations
35 Claims
-
1. A method for evaluating a designated system, comprising;
-
receiving input relating to the designated system; classifying the input into information about elements of the designated system; evaluating the elements based on evaluation parameters corresponding to each of the elements; and producing a representation of trustworthiness of the designated system based on the classified information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for evaluating a designated system, comprising:
-
receiving input relating to the designated system; classifying the input into information about elements of the designated system, wherein the information about the elements of the designated system includes information about the resources and codes of the designated system; and producing a representation of trustworthiness of the designated system based on the classified information.
-
-
13. A method for evaluating a designated system, comprising:
-
receiving input relating to the designated system; classifying the input into information about elements of the designated system, wherein the information about the elements of the designated system includes information about the services and risks of the designated system; and producing a representation of trustworthiness of the designated system based on the classified information.
-
-
14. A computer-readable medium bearing instructions for evaluating a designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
-
receiving input relating to the designated system; classifying the input into information about elements of the designated system; and producing a representation of trustworthiness of the designated system based on the classified information.
-
-
15. A tool for evaluating a designated system, comprising a computer system configured to perform the steps of:
-
receiving input relating to the designated system; classifying the input into information about elements of the designated system; and producing a representation of trustworthiness of the designated system based on the classified information.
-
-
16. A method for evaluating a plurality of designated systems, comprising:
-
producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; comparing the respective trust profiles, the step of comparing including, receiving a set of weights corresponding to at least one of a designated service and a designated risk, evaluating the respective trust profiles in accordance with the set of weights to produce respective numbers indicating respective trustworthiness of the designated systems, wherein each of the trust profiles references a corresponding functional profile that lists services performed by the corresponding designated system and risks incurred by operation of the corresponding designated system, and comparing the respective numbers.
-
-
17. A method for evaluating a plurality of designated systems, comprising:
-
producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; comparing the respective trust profiles, the step of comparing including, receiving a set of weights corresponding to at least one of a designated resource and a designated code, evaluating the respective trust profiles in accordance with the set of weights to produce respective numbers indicating respective trustworthiness of the designated systems, wherein each of the trust profiles references a corresponding functional profile that lists resources and codes, and comparing the respective numbers.
-
-
18. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
-
producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; and comparing the respective trust profiles.
-
-
19. A tool for evaluating the designated system, comprising a computer system configured to perform the steps of:
-
producing respective trust profiles for the designated systems based on information about respective sets of elements of the designated systems; and comparing the respective trust profiles.
-
-
20. A method for evaluating a designated system, comprising:
-
receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system, wherein the input employs a referential digital sequence for the code, said referential digital sequence being derived from a hierarchical decomposition of the code; identifying a risk associated with the conduct of the person regulated by the code; and evaluating the trustworthiness of the designated system based on the identified risk. - View Dependent Claims (21)
-
-
22. A computer-readable medium bearing instructions for evaluating the designated system, said instructions being arranged, upon execution, to cause one or more processors to perform the steps of:
-
receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system; identifying a risk associated with the conduct of the person regulated by the code; and evaluating the trustworthiness of the designated system based on the identified risk.
-
-
23. A tool for evaluating the designated system, comprising a computer system configured to perform the steps of:
-
receiving input indicative of a code that regulates conduct of a person operating the designated system or services performed by the designated system; identifying a risk associated with the conduct of the person regulated by the code; and evaluating the trustworthiness of the designated system based on the identified risk.
-
-
24. A method for evaluating a designated system, comprising:
-
receiving input indicative of assets of the designated system; identifying services performed by the assets and risks incurred by operation of the assets; receiving a set of weights corresponding to at least one of a designated service and a designated risk; and evaluating the designated system based on the set of weights, the identified services, and the identified risks. - View Dependent Claims (25, 26, 27, 28, 29)
-
-
30. A method for evaluating trustworthiness of information produced by a system, comprising:
-
generating a trust signature for the system, wherein the trust signature indicates trustworthiness of the system; associating the trust signature to the information; and comparing the trust signature associated to the information with a trust specification specified by a user. - View Dependent Claims (31, 32)
-
-
33. A method for classifying elements of a designated system to facilitate automated evaluation of trustworthiness of the designated system:
-
hierarchically decomposing a code applicable to the system into a listing that pertains to a related service and a related risk; assigning a referential digital sequence number to the listings of the decomposed code; and assigning referential digital sequence numbers to the related service and the related risk; whereby the referential digital sequence numbers can be employed to identify services and risks related to the code. - View Dependent Claims (34, 35)
-
Specification