January 31, 2008
What is a Trusted Computing Base?
Well, Wikipedia defines the trusted computing base as follows:
"The trusted computing base (TCB) of a computer system is the set of all hardware, firmware, and software components that are critical to its security. Bugs occurring inside the TCB might jeopardize the security properties of the entire system."
What is important to know is that reducing the size of the Trusted Computing Base, which reduces the likelihood of bugs within the TCB, improves the overall security of a computer system. All code that runs in the privileged mode of the underlying processor is part of the TCB; however, the TCB almost always includes other software as well. For example, in a Linux system, any daemon running as root would be part of the TCB.
The Trusted Computing Base is always relative to a particular program since different programs depend on different things. Developers looking to provide more secure environments for particular programs should strive to place those programs in an environment with a small TCB. OKL4 offers exactly that capability. It allows such programs to exist in a small TCB execution environment alongside a full operating system environment with a much larger TCB.
This question, and a few more, are answered in our FAQ page.
Posted by Robert C. McCammon on January 31 at 10:14 AM
About Robert C. McCammon:
Rob McCammon, Vice President of Product Management, is in charge of overseeing the product roadmap and developing product strategies. With his challenging role and as the father of six, Rob would like to thank the makers of Diet Pepsi Max for allowing him to survive each day. Rob loves music and even when he is jet lagged and sleep-deprived, he would never miss a concert.