What is a Trusted System or Trusted Computing Base?

A trusted system or a trusted computing base (TCB) provides a secure environment for computer systems that includes the operating system and its security mechanisms, software protection, hardware, physical locations, network hardware and software, firmware, and prescribed procedures (Rouse, 2005). The main features of a trusted computing base are it is reliable, secure and meets the requirements of the users. It enforces security policies to ensure the security of the system and its information. The system safety is achieved by provisioning methods, like controlling access, requiring authorization to access specific resources, enforcing user authentication, safeguarding anti-malware and backing up data (Techopedia, n.d).

The two most important elements of a TCB are the objects and subjects. Objects are anything within the trusted system environment where users are granted to use or access which are labeled with sensitivity levels. Objects can be processes, software, or hardware, and it is a passive entity that are designed to contain or receive information (Gregg, 2013, para 8). Subjects, on the other hand, are processes that wanted to access the objects, which are active entities such as people, processes, or devices (Gregg, 2013, para 7). All the objects must have cleared the same level of classification or higher.

These elements are controlled by the reference monitor that can be designed to use tokens, capability lists, or labels (Gregg, 2013, para 10).
Tokens are used to communicate security attributes before requesting access.
Capability lists offers faster lookup than security tokens but are not as flexible.
Security labels are used by high-security systems because labels offer permanence. This is provided only by security labels.

The concept of TCB should be applied to software’s that handles and manage highly sensitive information. Some examples are health care software that stores patient information, financial and banking software’s and almost every operating system. Web and cloud computers should also have TCB to prevent unauthorized access and vulnerability to data leak and hacking.

References

Gregg, M. (2013). CISSP Exam Cram: Security Architecture and Models. Retrieved from http://www.pearsonitcertification.com/articles/article.aspx?p=1998558&seqNum=3
Rouse, M. (2005). Trusted computing base (TCB). Retrieved from http://searchsecurity.techtarget.com/definition/trusted-computing-base
Techopedia (n.d). Trusted Computing Base (TCB). Retrieved on July 27, 2016 from https://www.techopedia.com/definition/4145/trusted-computing-base-tcb

Comments

What is a Trusted System or Trusted Computing Base?

What do you think?

Comments

Leave a ReplyCancel reply

Securing a Central Computer Network

Protect confidential files from theft using data encryption products

How to start, stop, and restart a MySQL database server?

What to Know About Joint Application Development (JAD) Process

Why Having a Short or Branded URL is Important

30+ Trendy Color Palettes with Gradient Palettes

How to compress files and folders in terminal

How to Add and Delete Users on Ubuntu 16.04 | DigitalOcean

Setting Up an Apache Virtual Hosts on Ubuntu 14.04 LTS

Important Notes About Test-Driven Development (TDD)

What are the Basics of Project Management?

3D Printing 300 Face Shields (PER DAY) – LTT

What do you think?

Comments

Leave a ReplyCancel reply

Log In

Sign In

Forgot password?

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections