Techniques are described herein for managing unknown-unknowns in cyber-security. Trust degradation is a precursor index to failure. The use cases of scoring the trust degradation in a system span to almost every aspect in networking, edge and cloud included. A well devised Trust Evaluation Function (TEF) will cover many use cases: for example (1) better and adaptive private key management (e.g., re-keying); (2) better and adaptive end user experience password management and its fine grain monitoring in a data center; (3) better and adaptive digital asset certifications; (4) troubleshooting; and (5) real-time scalability and risk assessment for extremely large network, for example in federated cloud environment. The features of a digital trust scoring will start to reflect the likelihood of erosion of trust created on day 0. Platform independency is achieved when the score is a degradation of the trust and not the trust value alone. A trust value may start erroneously, but the rate of change may lead to continuous evaluation. Therefore, the originating trust is set as a prior. Erosion will thus work with time against the assumed original trust. In the example of an expiration date or a combinatorial complexity erosion of a private key, the realization of a trust erosion is not a Boolean fail pass type, but a relative factor number. On a comprehensive integrated analytical dashboard, the trust factor produces the percent life left of given a digital secret.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Maluf, David A., "MANAGING UNKNOWN-UNKNOWNS IN CYBER-SECURITY", Technical Disclosure Commons, (August 13, 2018)