Trusted computing base: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 04:35, 16 October 2022 edit Hobbitina (talk \| contribs) Extended confirmed users 987 edits Grammar edits Tag: Visual edit ← Previous edit		Latest revision as of 09:48, 22 July 2025 edit undo ZalnaRs (talk \| contribs) 243 edits remove link Tags: Manual revert Visual edit
(6 intermediate revisions by 6 users not shown)
Line 1: {{short description\|Set of all computer components critical to its security}} {{textbook\|date=February 2020}}▼ {{distinguish\|Trusted Computing}} ▲{{textbook\|date=February 2020}} The '''trusted computing base''' ('''TCB''') of a [[computer system]] is the set of all [[Computer hardware\|hardware]], [[firmware]], and/or [[software]] components that are critical to its [[computer security\|security]], in the sense that [[Software bug\|bugs]] or [[Vulnerability (computing)\|vulnerabilities]] occurring inside the TCB might jeopardize the security properties of the entire system. By contrast, parts of a computer system that lie outside the TCB must not be able to misbehave in a way that would leak any more [[privilege (computer science)\|privilege]]s than are granted to them in accordance to the system's [[security policy]]. Line 8: ==Definition and characterization== The term ~~'''trusted computing base'''~~ goes back to [[John Rushby]],<ref> {{cite conference \| first = John Line 51: ===Trusted vs. trustworthy=== As stated [[#A prerequisite to security\|above]], [[Trusted system\|trust]] in the trusted computing base is required to make any progress in ascertaining the security of the computer system. In other words, the trusted computing base is “trusted” first and foremost in the sense that it ''has'' to be trusted, and not necessarily that it is trustworthy. Real-world operating systems routinely have security-critical bugs discovered in them, which attests to the practical limits of such trust.<ref>[[Bruce Schneier]], [http://www.schneier.com/crypto-gram-0103.html#1 The security patch treadmill] (2001)</ref> The alternative is formal [[software verification]], which uses mathematical proof techniques to show the absence of bugs. Researchers at [[NICTA]] and its spinout [[Open Kernel Labs]] have recently performed such a formal verification of ~~[http://ssrg.nicta.com.au/projects/~~seL4~~/ seL4]~~, a member of the [[L4 microkernel\|L4 microkernel family]], proving functional correctness of the C implementation of the kernel.<ref Name="Klein_EHACDEEKNSTW_09"> {{ cite conference \| first = Gerwin Line 95: ==Examples== [[AIX operating system\|AIX]] materializes the trusted computing base as an optional component in its install-time package management system.<ref>[~~http~~https://~~www~~web.archive.org/web/20160624012547if_/redbooks.ibm.com/pubs/pdfs/redbooks/sg245962.pdf AIX 4.3 Elements of Security], August 2000, chapter 6.</ref> ==See also==