Trusted Computing Base (TCB)
Base components that enforce the fundamental protection mechanisms on a computing system.
Hardware;
Firmware;
Software.
TCB vulnerabilities potentially affect the security of the entire system.
TCB by TCSEC (Trusted Computer System Evaluation Criteria, aka Orange Book)
The totality of protection mechanisms within a computing system - including hardware, firmware, and software - the combination of which is responsible for enforcing a computer security policy.
A TCB consists of one or more components that together enforce a unified security policy over a product or system.
The ability of a trusted computing base to correctly enforce a security policy depends solely on the mechanisms within the TCB and on the correct input by system administrative personnel of parameters (e.g., a user's clearance) related to the security policy.
TCB by MITRE
A TCB is a hardware and software access control mechanism that establishes a protection environment to control the sharing of information in computer systems. A TCB is an implementation of a reference monitor, […], that controls when and how data is accessed.
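The sketch below is an added example, not taken from TCSEC or MITRE. It models a reference monitor as a single mediation point and shows the TCSEC point that correct enforcement also depends on the clearance an administrator enters. The level names, the "clearance must be at least the object's label" read rule, and the subject and object names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed ordered sensitivity levels (constructed for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}


@dataclass
class ReferenceMonitor:
    """Single mediation point: every read request goes through check_read()."""
    clearances: dict = field(default_factory=dict)  # subject -> level (administrator input)
    labels: dict = field(default_factory=dict)      # object -> level
    audit: list = field(default_factory=list)       # (subject, object, decision)

    def set_clearance(self, subject, level):
        if level not in LEVELS:
            raise ValueError(f"unknown level: {level}")
        self.clearances[subject] = level

    def label_object(self, obj, level):
        if level not in LEVELS:
            raise ValueError(f"unknown level: {level}")
        self.labels[obj] = level

    def check_read(self, subject, obj):
        # Fail closed: unknown subjects and unlabeled objects are denied.
        s = self.clearances.get(subject)
        o = self.labels.get(obj)
        allowed = s is not None and o is not None and LEVELS[s] >= LEVELS[o]
        self.audit.append((subject, obj, "ALLOW" if allowed else "DENY"))
        return allowed


def demo():
    rm = ReferenceMonitor()
    rm.label_object("payroll.db", "SECRET")
    rm.set_clearance("alice", "SECRET")
    rm.set_clearance("bob", "CONFIDENTIAL")
    results = {
        "alice": rm.check_read("alice", "payroll.db"),
        "bob": rm.check_read("bob", "payroll.db"),
        "mallory": rm.check_read("mallory", "payroll.db"),  # never registered
    }
    # The mechanism is unchanged, but an incorrectly entered clearance
    # changes the decision: the policy parameter is part of what is trusted.
    rm.set_clearance("bob", "SECRET")
    results["bob_after_bad_input"] = rm.check_read("bob", "payroll.db")
    return results, rm.audit


if __name__ == "__main__":
    decisions, audit_log = demo()
    print(decisions)
    print(audit_log)
```

The audit list records every decision, including denials, which is what lets an operator notice that a subject's outcome changed after a clearance was edited.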
TCB fundamental components
CPU security mechanisms.
Protection rings;
Virtualization;
Other mechanisms;
E.g. Intel SGX enclaves, etc.
Operating system security model.
Computational model;
Access rights and privileges.