Fact-checked by Grok 2 weeks ago

Trusted computing base

The trusted computing base (TCB) is the totality of protection mechanisms within a computer system—including hardware, firmware, and software—that are responsible for enforcing the system's security policy.^[1] This base forms the foundation of a system's security architecture by isolating sensitive resources and mediating access to prevent unauthorized actions. Key components of the TCB include the reference monitor, an abstract mechanism that validates all subject-object interactions to ensure compliance with security rules, and the security kernel, the implementation of the reference monitor that enforces these rules through hardware, firmware, and software protections.^[2] The TCB is intentionally minimized in scope to reduce potential vulnerabilities, focusing only on elements essential for policy enforcement while excluding non-security-critical parts of the system.^[2] The concept of the TCB originated from efforts to standardize computer security in the U.S. Department of Defense during the 1970s and early 1980s, building on foundational models like the Bell-LaPadula security model for confidentiality.^[2] It was formalized in the Trusted Computer System Evaluation Criteria (TCSEC), known as the Orange Book, published by the DoD in December 1985 as DoD 5200.28-STD.^[2] The TCSEC established a framework for assessing TCB robustness through four divisions of evaluation classes: D (minimal protection, for systems failing higher criteria), C (discretionary protection, with subclasses C1 for basic identification and authentication, and C2 for controlled access and auditing), B (mandatory protection, with B1 for labeled security, B2 for structured design and covert channel analysis, and B3 for security domains and penetration resistance), and A (verified protection, with A1 requiring formal verification of the TCB design).^[2] These criteria emphasized assurance levels for the TCB, including policy enforcement, accountability, and operational integrity, influencing procurement and certification of secure systems for government use.^[2] Over time, the TCSEC evolved through interim standards like the Federal Criteria in 1993, leading to the international Common Criteria (CC) framework (ISO/IEC 15408), first published in 1996 and adopted as an ISO standard in 1999.^[3] Under Common Criteria, the TCB concept aligns with the Target of Evaluation (TOE), which specifies and assures security functions in products, extending TCSEC principles globally while incorporating functional and assurance requirements for broader IT security evaluations.^[3] Today, the TCB remains central to designing secure systems, particularly in high-assurance environments like confidential computing^[4] and embedded devices.^[5]

Introduction

Definition and Scope

The Trusted Computing Base (TCB) refers to the totality of protection mechanisms within a computer system—including hardware, firmware, and software—the combination of which is responsible for enforcing a security policy. This definition emphasizes the TCB's role as the foundational set of components that ensure the system's security objectives are met by controlling access to resources and maintaining confidentiality, integrity, and availability as dictated by the policy. The TCB is isolated from the rest of the system to prevent interference from untrusted code or processes, thereby preserving its reliability in policy enforcement.^[2] The scope of the TCB is strictly limited to those elements essential for security enforcement, excluding non-critical system functions such as user applications or peripheral drivers that do not directly impact policy implementation. This boundary is defined by the security perimeter, which identifies the interfaces and components subject to evaluation and verification, ensuring that only necessary parts are included to avoid unnecessary complexity. By design, the TCB does not encompass the entire system but focuses on the minimal set required to mediate security-relevant operations, allowing untrusted portions to operate outside its control while relying on it for protection.^[2] Conceptually, the TCB functions as a security kernel that mediates all access by subjects (such as processes) to objects (such as files or devices), ensuring that every security-sensitive interaction passes through its controlled mechanisms. Key characteristics include totality, where all relevant protection components are unified within the TCB; isolation, achieved through distinct address spaces and hardware features to shield it from external tampering; and correctness, requiring verifiable implementation that aligns precisely with the specified policy without flaws. These attributes collectively enable the TCB to provide a secure foundation for the system, with its effectiveness depending on the integrity of these isolated and verified elements.^[2]

Historical Development

The concept of the Trusted Computing Base (TCB) traces its roots to early efforts in secure operating systems during the 1960s and 1970s, particularly the Multics project, a collaborative initiative by MIT, Bell Labs, and General Electric that pioneered multilevel security features like hierarchical protection rings to enforce access controls in a time-sharing environment.^[6] This work laid foundational ideas for isolating trusted components from untrusted ones, influencing subsequent secure kernel designs in military systems.^[6] In the early 1970s, U.S. Department of Defense (DoD) initiatives formalized these concepts, with the 1972 Anderson Report—commissioned by the U.S. Air Force—articulating the need for a protected subsystem as a core mechanism to ensure system security by limiting the scope of trusted elements.^[7] The report emphasized research into multilevel secure computing to protect sensitive information, marking the first explicit call for what would evolve into the TCB framework.^[7] The 1980s saw significant advancement through DoD standards for multilevel secure systems, culminating in the Trusted Computer System Evaluation Criteria (TCSEC), known as the "Orange Book," published in December 1985.^[2] TCSEC explicitly defined the TCB as the totality of hardware, software, and firmware responsible for enforcing a security policy, establishing evaluation classes from D (minimal protection) to A1 (verified design) to certify systems for handling classified data.^[2] By the 1990s, international harmonization efforts led to the Common Criteria (ISO/IEC 15408), with initial versions issued in 1994 and adoption as an international standard in 1999, which superseded TCSEC by providing a flexible, globally recognized framework for evaluating IT security, including TCB integrity through assurance levels EAL1 to EAL7.^[8] This standard shifted focus from U.S.-centric military applications to broader commercial and international use, incorporating TCB minimization and verification principles.^[8] Post-2000, the TCB concept extended into commercial applications with the formation of the Trusted Computing Group (TCG) in April 2003, which developed standards for the Trusted Platform Module (TPM) to provide hardware roots of trust for platform integrity measurement and attestation. The initial TPM specifications, released in 2003, enabled secure boot processes and key management, bridging military-grade TCB principles to consumer devices like PCs and servers.^[9]

Core Principles

Foundation in Security Policy

A security policy consists of formal statements delineating rules for access to resources, ensuring confidentiality, integrity, and availability of information within a system.^[10] These policies specify constraints on interactions between subjects (such as users or processes) and objects (such as files or devices), forming the foundational rules that govern secure operations. The trusted computing base (TCB) serves as the enforcement mechanism for this security policy, interpreting and applying its rules without deviation to mediate all access attempts.^[1] As the reference monitor, the TCB validates every reference by subjects to objects against the policy, ensuring that only authorized interactions occur and preventing unauthorized access or modifications. This role positions the TCB as the core component responsible for upholding the policy across the entire system, encompassing hardware, firmware, and software elements critical to security.^[11] Security policies operate at various abstraction levels, ranging from mandatory access control (MAC) models, which impose system-wide rules based on classifications like sensitivity levels, to discretionary access control (DAC) models, where resource owners determine access permissions.^[12] A seminal example of a MAC policy is the Bell-LaPadula model, which enforces confidentiality through rules preventing information flow from higher to lower security levels, originally developed for multilevel secure systems. In contrast, DAC allows flexibility but relies on user discretion, potentially introducing vulnerabilities if not aligned with broader policy goals.^[12] Changes to the security policy necessitate re-evaluation or redesign of the TCB to ensure continued compliance, as the enforcement mechanisms must align precisely with the updated rules throughout the system's life cycle.^[2] Such modifications can occur during development or operations, requiring formal verification to maintain the TCB's integrity and prevent policy violations.^[13] This dynamic linkage underscores the TCB's dependence on a stable, well-defined policy for effective security enforcement.

Role as Security Prerequisite

The security of an entire computing system fundamentally reduces to the integrity of its Trusted Computing Base (TCB), as the TCB encompasses all components critical to enforcing the system's security policy; any compromise within it renders the overall protection ineffective, much like a "garbage in, garbage out" principle applied to security mechanisms.^[2] Without a sound TCB, no amount of additional safeguards in untrusted portions of the system can guarantee enforceable security, since the TCB must mediate all access decisions to prevent unauthorized actions.^[11] In the enforcement model, the TCB acts as the singular reference validation mechanism for security decisions, ensuring tamper-proof mediation between subjects (e.g., processes) and objects (e.g., data resources) in accordance with the defined security policy. This mediation requires the TCB to be always invoked for relevant operations, thereby isolating protected resources from potential tampering by untrusted code or users.^[2] Failure of the TCB results in total system vulnerability, where adversaries can bypass all protections, leading to unauthorized access, data exfiltration, or complete loss of confidentiality and integrity regardless of other implemented safeguards.^[11] For instance, if the TCB's enforcement logic is subverted, even robust encryption or access controls outside the TCB become irrelevant, as the mediation point itself is untrustworthy.^[14] Theoretically, the TCB's role as a prerequisite is grounded in formal verification approaches, where proofs of the TCB's correctness—demonstrating compliance with a formal security policy model—imply the security of the entire system, provided the TCB is the sole enforcer.^[2] This basis ensures that system-wide security properties, such as non-interference or information flow control, hold if and only if the TCB operates as specified.

Self-Protection Mechanisms

The trusted computing base (TCB) must protect its components from unauthorized modifications by untrusted processes to ensure the integrity and enforcement of the system's security policy. This protection need arises because any alteration to TCB elements could compromise the entire security architecture, allowing subjects to bypass access controls or escalate privileges. Key mechanisms include memory isolation, which enforces distinct address spaces for TCB execution to prevent interference from user-level processes, and privilege rings, which utilize hardware features like CPU modes (e.g., kernel mode) to restrict access based on hierarchical levels of sensitivity.^[2]^[7] Specific self-protection mechanisms encompass hardware-enforced isolation, cryptographic integrity checks, and runtime monitoring. Hardware isolation relies on processor architectures that segment memory and enforce mode switches, ensuring that untrusted code cannot access or modify TCB domains. Cryptographic integrity checks, such as code signing, verify the authenticity and unaltered state of TCB software and firmware during loading or execution, using digital signatures to detect tampering. Runtime monitoring involves periodic validation of TCB components through hardware or software features that confirm operational correctness, thereby detecting and responding to potential interference in real time. These mechanisms collectively form a tamper-resistant layer, as outlined in foundational criteria for secure systems.^[2] Implementing these self-protection features presents challenges, particularly in balancing robust security with system performance and avoiding exploitable complexity. Strong isolation and monitoring can introduce overhead, such as context-switching costs in privilege rings or computational expenses in cryptographic verifications, potentially degrading throughput in high-performance environments. Moreover, expanding the TCB to incorporate advanced protections risks increasing its size and complexity, which undermines analyzability and introduces new vulnerabilities. Effective designs therefore emphasize minimization and modularity to mitigate these trade-offs.^[2]^[7] A formal requirement for the TCB is that it must be self-defending, meaning it maintains isolation and tamper resistance as part of the reference monitor concept, which mediates all security-sensitive operations without external dependencies. This self-defending property ensures the reference monitor is always invoked, tamper-proof, and verifiable, preventing any unmediated access that could erode system security. Such requirements underpin evaluation criteria for trusted systems, demanding demonstrable evidence of protection completeness.^[7]^[2]

Trusted vs. Trustworthy Distinction

In the context of a trusted computing base (TCB), the term "trusted" refers to the set of system components—such as hardware, firmware, and software—upon which the overall security of the system relies, without implying any inherent reliability or security guarantees.^[15] These components are deemed critical because their correct operation is essential for enforcing the system's security policy, but labeling them as trusted merely acknowledges their foundational role rather than verifying their robustness.^[16] In contrast, "trustworthy" describes components that have been rigorously proven to behave securely through evidence-based assurance processes, ensuring they resist tampering, unauthorized access, and other threats as intended.^[15] This distinction underscores that trust in a TCB is positional and assumptive, while trustworthiness demands demonstrable properties like verifiability and tamper-evidence.^[16] Placing blind trust in unverified TCB elements carries significant risks, as flaws in these components can cascade into system-wide compromises. For instance, the Dirty COW vulnerability (CVE-2016-5195), a race condition in the Linux kernel's memory management, allowed local attackers to escalate privileges by modifying read-only memory mappings, affecting millions of systems and enabling root access exploits in the wild since its discovery in 2016.^[17] Such incidents highlight how kernels, often central to a TCB, can harbor undetected bugs due to their complexity—sometimes millions of lines of code—leading to privilege escalations or denial-of-service attacks when not subjected to thorough verification.^[18]^[16] Historical breaches like these demonstrate that assuming trustworthiness without evidence undermines the entire security architecture, potentially exposing sensitive data or enabling broader intrusions.^[17] The path to trustworthiness spans a spectrum of assurance techniques, ranging from informal code reviews and testing to advanced formal methods. Informal approaches, such as peer reviews or penetration testing, provide basic confidence but cannot exhaustively prove absence of flaws, while semi-formal evaluations like those in Common Criteria (e.g., EAL4 or EAL5) incorporate structured specifications and testing.^[16] At the higher end, formal methods employ mathematical proofs and tools like model checking or theorem provers—such as Isabelle/HOL used in the seL4 microkernel verification—to guarantee properties like absence of buffer overflows or unauthorized state changes from specification to implementation.^[16] These methods, though resource-intensive, offer the strongest evidence of security, far surpassing traditional testing in rigor. For a TCB to effectively underpin system security, all its components must strive for trustworthiness to validate the trust placed in them, as unproven elements introduce unacceptable vulnerabilities.^[16] This imperative often aligns with TCB minimization principles, where reducing the scope of trusted components facilitates deeper verification efforts.^[15] Ultimately, prioritizing trustworthiness over mere trust ensures the TCB serves as a reliable security foundation rather than a potential weak link.^[16]

Minimization of TCB Size

The principle of minimizing the size of the Trusted Computing Base (TCB) is fundamental to enhancing system security by reducing the scope of components that must be rigorously verified and protected. A smaller TCB facilitates thorough testing, auditing, and formal verification, as the reduced complexity lowers the probability of undetected flaws or vulnerabilities. Conversely, an expanded TCB introduces more potential entry points for attacks, amplifying the risk of compromise across a broader codebase or hardware surface. This approach aligns with established security evaluation criteria, which emphasize modularity and simplicity to keep the TCB as compact as feasible.^[19] One primary strategy for TCB minimization involves adopting microkernel architectures, which confine the kernel to essential mechanisms such as inter-process communication (IPC), thread management, and basic memory protection, while relocating non-critical services—like device drivers and file systems—to user-space processes. This design contrasts sharply with monolithic kernels, where the entire operating system, including drivers and applications, operates within a single privileged address space, resulting in a significantly larger TCB. For instance, the seL4 microkernel implements this minimalism with approximately 8,700 lines of C code, enabling comprehensive formal verification of its functional correctness and security properties. In comparison, a monolithic kernel like Linux exceeds 40 million lines of code, encompassing a vast TCB that is challenging to fully audit.^[20]^[21]^[22] Despite these benefits, TCB minimization entails trade-offs, particularly in performance, as microkernel isolation requires frequent context switches and IPC overhead to enforce boundaries between components, potentially increasing latency for system calls compared to the direct execution in monolithic designs. However, this overhead is often offset by the security gains, including fault isolation that prevents a single faulty or malicious module from compromising the entire system—a vulnerability more prevalent in larger, integrated kernels. These isolation mechanisms also contribute to self-protection by limiting the propagation of errors within the TCB.^[20]^[22] TCB size is typically measured in lines of code (LOC) or the number of functional modules, providing quantifiable indicators of verifiability; for example, systems aiming for ideal minimalism target under 10,000 LOC for the kernel, as exemplified by seL4, which has been proven secure against a comprehensive threat model through mathematical verification rather than empirical testing alone. In practice, such metrics guide evaluations, ensuring that only indispensable elements remain in the TCB while extraneous features are externalized to untrusted domains.^[20]^[19]

Components

Hardware Elements

The hardware elements of the Trusted Computing Base (TCB) encompass critical components that enforce security policies through isolation, cryptographic protection, and integrity verification at the physical layer. Central to this are processor features that provide foundational isolation mechanisms. Modern CPUs incorporate protected modes, such as privilege rings (e.g., user mode at ring 3 and kernel mode at ring 0 in x86 architectures), which restrict access to sensitive resources and prevent unauthorized escalation of privileges.^[23] These modes ensure that untrusted code cannot directly manipulate hardware states, forming a hardware-enforced boundary within the TCB.^[23] The Memory Management Unit (MMU) further bolsters isolation by implementing virtual memory addressing and page-level protections, allowing the TCB to segregate processes and enforce memory access controls without relying on larger software layers.^[23] In TCB designs, the MMU is often configured to minimize trusted code exposure, such as by disabling it in highly privileged monitor modes to avoid including page table handlers in the TCB.^[23] Interrupt handling mechanisms, provided by the CPU's interrupt controller (e.g., APIC in x86), enable secure context switches by vectoring hardware events to privileged handlers, ensuring that external signals like timer or device interrupts trigger controlled transitions to kernel-level code without compromising isolation.^[24] Specialized hardware modules extend the TCB's capabilities for cryptographic enforcement. The Trusted Platform Module (TPM), a dedicated microcontroller, serves as a secure root for storing encryption keys, certificates, and platform measurements, performing operations like RSA signing and SHA hashing resistant to software tampering.^[25] Integrated into the motherboard, the TPM authenticates hardware integrity and supports attestation, ensuring that only verified configurations proceed in the boot process.^[25] Similarly, secure enclaves, exemplified by Intel Software Guard Extensions (SGX), create hardware-isolated execution environments (enclaves) that protect sensitive code and data from higher-privilege software, including the OS kernel, using CPU instructions to encrypt memory regions and attest enclave integrity.^[26] The SGX TCB includes hardware components like the Enclave Page Cache (EPC) for encrypted storage and microcode updates to maintain isolation guarantees.^[26] Firmware interfaces, particularly BIOS and UEFI, define the TCB boundary during system initialization by establishing boot integrity as the root of trust. UEFI Secure Boot verifies the cryptographic signatures of bootloaders and OS images using public keys stored in firmware, preventing unauthorized code execution from the pre-boot environment.^[27] This process measures firmware components into the TPM's Platform Configuration Registers (PCRs), creating a chain of trust that extends from immutable ROM-based roots to higher software layers, with mechanisms like Intel Boot Guard authenticating BIOS code against fused keys.^[27] Hardware-specific threats, such as side-channel attacks exploiting shared resources like caches, pose risks to TCB integrity by leaking information through timing or power variations. Cache side-channel attacks, for instance, can infer enclave data in SGX by observing cache eviction patterns.^[28] Mitigations integrated into TCB hardware include transactional memory extensions like Intel TSX, which preload sensitive data into private cache states during execution; any cache miss aborts the transaction, preventing observable leaks while maintaining performance with minimal overhead (e.g., up to 1.2% for typical workloads).^[28] These hardware defenses ensure the TCB remains resilient without expanding the trusted software footprint.^[28]

Software and Firmware Elements

The software elements of the Trusted Computing Base (TCB) primarily encompass the operating system kernel and associated modules responsible for enforcing the system's security policy. At the core is the security kernel, which implements the reference monitor concept to mediate all subject-object interactions, ensuring that access decisions align with mandatory and discretionary policies.^[2] This includes components such as access control lists (ACLs) for discretionary access management, where subjects are granted permissions based on predefined user or group lists, and authentication modules that verify user identities through mechanisms like passwords or biometrics before granting access to protected resources.^[2] These elements operate with minimal privilege, structured into modular layers to isolate critical functions and reduce the attack surface.^[2] Firmware components within the TCB focus on initializing and securing the boot process, ensuring that only trusted code executes from startup. Bootloaders, such as those in UEFI firmware, validate the integrity of subsequent software loads, including the kernel and initial drivers, using cryptographic signatures to prevent unauthorized modifications.^[29] Device drivers integral to the TCB handle hardware interactions for security-critical operations, such as input/output controls bound to sensitivity levels, thereby enforcing policy during system initialization and runtime I/O.^[2] The Core Root of Trust for Measurement (CRTM), often embedded in BIOS or UEFI firmware, serves as the immutable starting point for this chain, measuring and attesting to the trustworthiness of loaded components.^[29] Isolation techniques within the TCB's software and firmware bounds leverage virtualization to separate execution environments, preventing unauthorized interference. Hypervisors, as part of the TCB, provide hardware-assisted process isolation through distinct address spaces and domain enforcement, allowing multiple virtual machines to run securely on shared hardware while the hypervisor mediates resource access.^[30] Container runtimes, when integrated into the TCB, achieve similar isolation via kernel namespaces and cgroups, though they rely on the underlying OS kernel for enforcement, minimizing overhead compared to full virtualization.^[31] These mechanisms ensure that untrusted applications cannot compromise the TCB or other isolated partitions. Software and firmware elements in the TCB exhibit tight interdependencies with hardware for effective policy enforcement, particularly through system call (syscall) interfaces that invoke privileged hardware features like memory protection units or cryptographic accelerators. For instance, the reference monitor in software issues syscalls to hardware segmentation mechanisms to validate access attempts, ensuring tamper-resistant operation without exposing kernel internals.^[2] Firmware boot processes similarly depend on hardware roots of trust, such as Trusted Platform Modules (TPMs), to measure and protect initial loads before transitioning control to the software kernel.^[32] This hardware-software synergy is essential for maintaining the TCB's integrity across the boot and operational phases.

Design and Implementation

Key Design Principles

The design of a trusted computing base (TCB) relies on established security principles to ensure its reliability, verifiability, and resistance to compromise. These principles, originally articulated by Saltzer and Schroeder in their seminal 1975 paper, emphasize simplicity, explicit permissions, and comprehensive enforcement to minimize vulnerabilities in the mechanisms that protect system resources.^[33] In the context of TCB development, the U.S. Department of Defense's Trusted Computer System Evaluation Criteria (TCSEC, or Orange Book) incorporates and adapts these guidelines to mandate secure architecture for components enforcing security policies.^[2] By adhering to them, TCB designers prioritize mechanisms that are auditable and less prone to implementation flaws. Principle of least privilege requires that TCB components and associated subjects operate with the minimal set of permissions necessary to perform their functions, thereby limiting the potential impact of errors, malfunctions, or exploitation.^[33] This approach confines privileges to specific tasks, reducing the attack surface and facilitating auditing by narrowing the scope of potential misuse.^[33] For TCBs, the TCSEC explicitly mandates that modules be structured to enforce this principle, ensuring that even core enforcement elements do not retain unnecessary access rights.^[2] Economy of mechanism advocates for simple and small designs in protection systems to ease verification and reduce the likelihood of errors.^[33] Complex implementations increase the risk of overlooked flaws, whereas straightforward mechanisms allow for thorough inspection and testing.^[33] In TCB design, this translates to using conceptually simple protection structures with precisely defined semantics, as required by higher assurance levels in the TCSEC, promoting reliability without unnecessary features.^[2] Open design insists that security mechanisms should not rely on the secrecy of their design or implementation, instead depending on the confidentiality of keys or other parameters for protection.^[33] This avoids "security through obscurity," enabling independent review and improvement by the community while maintaining strength through auditable code.^[33] For TCBs, the TCSEC supports this by requiring comprehensive documentation of the protection philosophy and interfaces, allowing evaluators to assess the design without proprietary barriers.^[2] Fail-safe defaults stipulate that access decisions default to denial unless explicit permission is granted, basing controls on positive authorization rather than exclusion rules.^[33] This ensures that in ambiguous or failure scenarios, protection remains intact, preventing unintended access.^[33] Within TCB frameworks, the TCSEC enforces this through mechanisms that protect objects from unauthorized access by default or user action, aligning with mandatory and discretionary policies.^[2] Complete mediation demands that every access to every object be checked for authority to enforce the security policy consistently.^[33] Without this, bypasses could undermine the entire protection scheme, so the TCB must intervene in all relevant operations.^[33] The TCSEC requires TCBs to mediate all subject-object interactions under mandatory access control, ensuring no unvetted paths exist.^[2] Separation of privilege requires multiple distinct keys, passwords, or authorizations for operations involving sensitive resources, increasing security by necessitating collusion for compromise.^[34] This principle enhances TCB robustness by distributing trust across independent controls, aligning with TCSEC requirements for structured module isolation in higher assurance classes.^[2] Least common mechanism minimizes the sharing of protection mechanisms among users to avoid unintended interactions or covert channels.^[34] In TCB design, this supports isolation of security functions, as emphasized in TCSEC guidelines for independent modules and reduced complexity.^[2] Psychological acceptability ensures that security mechanisms are easy to use and understand, promoting correct application without excessive burden.^[34] For TCBs, this aids in verifiable implementations and user compliance with policies, though TCSEC focuses more on technical enforcement than usability.^[2]

Evaluation and Certification

The evaluation and certification of a Trusted Computing Base (TCB) involve rigorous processes to assess its security properties, ensuring it meets defined standards for protection against unauthorized access and tampering. These processes typically include multilevel criteria that escalate in stringency, from basic functional testing to formal mathematical proofs of correctness. Historically, the Trusted Computer System Evaluation Criteria (TCSEC), developed by the U.S. Department of Defense, established a foundational framework with four divisions ranging from D (minimal protection, for systems failing higher requirements) to A (verified protection).^[2] Within these, classes C1 and C2 provide discretionary protection through user identification and auditing, while B1 to B3 introduce mandatory access controls, structured designs, and penetration resistance; the highest class, A1 (verified design), mandates formal verification to prove the TCB's consistency with a formal security model down to the source code level.^[2] This level requires a formal top-level specification (FTLS) of TCB mechanisms, mathematical proofs of policy consistency, and mapping of the FTLS to implementation for demonstrable correctness.^[2] Building on TCSEC, the Common Criteria (CC) framework, an international standard (ISO/IEC 15408), provides a more flexible approach by defining Evaluation Assurance Levels (EALs) from 1 to 7, allowing evaluation of specific TCB subsets as part of the Target of Evaluation (TOE)—the portion enforcing security functions.^[35] EAL1 involves basic functional testing and vulnerability analysis, progressing to EAL4's methodical design and review using commercial practices; higher levels like EAL5 and EAL6 incorporate semi-formal verification of design and testing, while EAL7 demands formal verification and testing for extreme-risk environments, focusing on tightly scoped TCB elements to prove absence of exploitable flaws.^[35] This structure enables certification of TCB components without evaluating the entire system, emphasizing developer-provided evidence and independent validation.^[36] Key verification techniques for TCB certification include static analysis to detect code vulnerabilities without execution, penetration testing to simulate attacks and assess resistance, and formal proofs to mathematically verify security properties like information flow and access control.^[37] Static analysis examines TCB source code for flaws such as buffer overflows, while penetration testing, often team-based, probes for exploitable weaknesses under controlled conditions; formal proofs, as in TCSEC A1 or CC EAL7, use mathematical models to confirm the TCB enforces policy without covert channels or errors.^[38] These techniques are applied iteratively, with formal methods providing the highest assurance by reducing reliance on empirical testing alone.^[37] Certification is overseen by authoritative bodies, including the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in the United States, which accredit labs and validate TCB evaluations under frameworks like TCSEC and CC. Internationally, the Common Criteria Recognition Arrangement (CCRA), established in 1999 among participating governments, enables mutual recognition of certificates up to EAL4 (and higher for some members) by licensed labs worldwide, ensuring consistent TCB assessments without redundant testing.^[39] These bodies maintain impartiality through accreditation standards like ISO/IEC 17025, focusing on TCB's role in overall system security.^[39]

Examples and Applications

In Operating Systems

In operating systems, the trusted computing base (TCB) encompasses the kernel and associated mechanisms that enforce security policies, ensuring isolation and access control for system resources. Historical systems like MULTICS pioneered segmented TCB designs, where memory segmentation provided a foundation for protection rings that confined privileged operations to a minimal set of trusted components, preventing unauthorized access across user and supervisor modes.^[40] This approach influenced subsequent secure OS designs by demonstrating how hardware-supported segmentation could form the core of a verifiable TCB, as evaluated in early vulnerability assessments that highlighted its robustness compared to contemporaries.^[6] Similarly, the Unisys OS 1100 implemented a segmented TCB within its multi-threaded architecture, where the TCB included complex software layers for access control and resource management, certified under Department of Defense standards for controlled access protection.^[41] The system's TCB partitioned functionality into segments to minimize the attack surface, allowing for secure multitasking in high-assurance environments like government applications, though its large footprint posed verification challenges.^[41] In modern Linux distributions, SELinux forms a key part of the TCB by enforcing mandatory access control (MAC) through type enforcement (TE) and role-based access control (RBAC), labeling processes and objects to restrict interactions beyond discretionary permissions.^[42] TE confines subjects to specific domains and objects to types defined in policy rules, while RBAC assigns roles to users for granular privilege management, reducing the risk of privilege escalation in the kernel.^[43] This integration ensures the Linux kernel acts as a reference monitor within the TCB, as seen in enterprise deployments where SELinux policies are tailored to minimize trusted code.^[42] The Windows NT kernel similarly constitutes the TCB, incorporating a security reference monitor that evaluates access control lists (ACLs) for file systems and other objects, alongside NTLM for user authentication to verify identities against domain policies.^[44] NTLM operates as a challenge-response protocol within the kernel's authentication subsystem, integrating with ACLs to enforce discretionary access control while protecting the integrity of privileged kernel operations.^[45] This architecture isolates user-mode applications from kernel resources, forming a hybrid TCB that balances performance and security in enterprise settings.^[44] Android extends SELinux integration into its TCB for mobile security, applying MAC policies to confine system services and apps, thereby protecting sensitive data like logs and user information from exploits.^[46] By labeling kernel components and user-space daemons with SELinux contexts, Android's TCB enforces domain transitions and prevents unauthorized escalations, as refined over iterations to cover the entire software stack.^[47] This approach has significantly reduced the impact of vulnerabilities in mobile environments, with policies evolving to address the unique threats of app ecosystems.^[46]

In Hardware Security Modules

Hardware Security Modules (HSMs) serve as dedicated hardware components that form a minimal trusted computing base (TCB) for performing cryptographic operations in isolation from the host system, ensuring the integrity and confidentiality of sensitive data and keys. These modules are engineered to resist tampering and provide a root of trust for secure processing, often validated against rigorous standards to support applications in high-security environments. By confining cryptographic functions to a physically protected boundary, HSMs minimize the TCB size and reduce exposure to software vulnerabilities in the broader platform.^[48] The Trusted Platform Module (TPM) 2.0 exemplifies a specialized HSM that establishes a hardware root of trust for platform integrity, enabling secure boot processes and runtime measurements. Defined by the ISO/IEC 11889 standard, TPM 2.0 includes a cryptoprocessor for key generation and storage within tamper-resistant non-volatile memory, preventing unauthorized extraction or modification of secrets. It supports remote attestation through mechanisms like direct anonymous attestation (DAA) and enhanced authorization values (EV), allowing a verifier to confirm the platform's configuration without revealing sensitive details. Additionally, TPM 2.0 facilitates sealed storage, where data is bound to specific platform states, ensuring it can only be accessed if the system remains in a trusted configuration. This root of trust extends to platform integrity by measuring firmware and software components during boot, storing hashes in platform configuration registers (PCRs) for later verification.^[49]^[50] In enterprise settings, HSMs are deployed for compliant cryptographic key management in sectors like banking and cloud computing, where they must adhere to Federal Information Processing Standards (FIPS) 140-2 or the updated FIPS 140-3 for validation of security boundaries and algorithms. FIPS 140-3 specifies requirements for cryptographic modules, including physical security levels that protect against unauthorized access and environmental tampering, making certified HSMs essential for regulatory compliance in financial transactions and data protection. For instance, AWS CloudHSM provides FIPS 140-2 Level 3 validated modules that integrate with cloud infrastructures, allowing customers to generate, store, and manage encryption keys in a dedicated hardware environment isolated from the AWS network. These modules support high-throughput operations for applications such as payment processing and digital signing, while the TCB is confined to the HSM's firmware and hardware, excluding the host OS to enhance overall security.^[48]^[51]^[52] Secure elements in Internet of Things (IoT) devices leverage HSM-like functionality through technologies such as ARM TrustZone, which creates isolated execution environments to protect critical operations from compromised normal-world software. TrustZone partitions the processor into secure and non-secure worlds at the hardware level, using a system monitor to enforce access controls on memory, peripherals, and interrupts, thereby forming a TCB for handling authentication, encryption, and firmware updates in resource-constrained devices. In IoT contexts, this isolation ensures that secure elements—such as those in smart sensors or gateways—can maintain trust for tasks like device provisioning and data integrity checks, even if the main application layer is vulnerable to attacks. ARM TrustZone for Cortex-M processors, in particular, extends these capabilities to low-power IoT endpoints, providing a minimal TCB that supports standards like GlobalPlatform for secure element management.^[53]^[54] A notable case study is Intel Trusted Execution Technology (TXT), which implements a dynamic root of trust for measurement (DRTM) using an HSM-integrated approach with TPM collaboration to establish late-launch security in enterprise and server platforms. Intel TXT initiates a measured launch sequence via the GETSEC[SENTER] instruction, which resets the platform to a known state, measures the authenticated code module (ACM), and extends PCRs in the TPM before loading the operating system or hypervisor. This dynamic mechanism allows attestation of runtime environments without relying on a static boot chain, reducing the TCB by excluding potentially untrusted firmware from the trust boundary. In practice, TXT has been applied in virtualized data centers for secure workload isolation, where remote parties can verify the integrity of the launch process through TPM quotes, ensuring compliance with standards like those from the Trusted Computing Group. Evaluations show that TXT effectively mitigates rootkit threats by providing verifiable evidence of a clean system state post-launch.^[55]^[56]

Challenges and Future Directions

Verification and Assurance Challenges

One of the primary challenges in verifying the correctness of a trusted computing base (TCB) is scalability, particularly for formal verification methods in large-scale systems. Formal verification, which involves mathematically proving that a system adheres to its specifications, becomes infeasible for TCBs comprising millions of lines of code, such as modern operating system kernels. For instance, the Linux kernel exceeds 40 million lines of code as of 2025, rendering exhaustive proofs computationally prohibitive due to the exponential growth in proof complexity with system size. In contrast, smaller microkernels like seL4, with approximately 8,700 lines of C code, have been successfully formally verified for functional correctness, highlighting how minimizing the TCB size is essential for tractable verification but impractical for feature-rich, monolithic kernels that must support diverse hardware and functionalities. Large TCBs, such as the Xen hypervisor with around 1 million lines of code, are indicative of systems where studies on similar large codebases (e.g., OpenBSD) report approximately 33 vulnerabilities per million lines over extended periods, exacerbating the verification burden as code evolves rapidly.^[21]^[20]^[57] Insider threats and supply chain risks further complicate assurance by undermining the trustworthiness of third-party components integrated into the TCB. Insider threats, including malicious actions by developers or unintentional errors by personnel with access to source code or hardware fabrication, can introduce backdoors or flaws that bypass verification processes; for example, a disgruntled employee might embed malware during software development, as analyzed in supply chain incident corpora. Supply chain risks amplify this, as adversaries can tamper with components during manufacturing or distribution, such as inserting counterfeit hardware or compromised firmware, which erodes confidence in the TCB's integrity. Ensuring trustworthiness requires rigorous supplier assessments, background checks on personnel, and continuous monitoring, yet these measures are challenged by globalized supply chains involving numerous unvetted sub-tier contractors. The NIST framework emphasizes flow-down controls like access limitations and authenticity verification for third-party elements, but incomplete visibility into sub-suppliers often leaves gaps in assurance.^[58]^[59] Legacy code integration poses additional verification hurdles, as inherited components from older systems carry unresolved vulnerabilities that propagate into the TCB. Operating system kernels frequently incorporate legacy drivers and modules, which form part of the TCB but lack modern security practices, leading to exploits like buffer overflows or privilege escalations; research on commodity kernels shows that device drivers alone account for a significant portion of vulnerabilities due to their unverified, historical codebases. Evolving systems exacerbate this, as updates to new features must interface with legacy elements without re-verifying the entire TCB, resulting in inherited flaws that testing may overlook. This problem is particularly acute in trusted environments, where even minor legacy vulnerabilities can compromise the whole base, as seen in analyses of kernel codebases where outdated modules resist formal analysis due to absent specifications.^[60] Metrics for assurance in TCB verification often reveal discrepancies between testing coverage and comprehensive threat models, limiting confidence in system security. While code coverage metrics, such as line or branch coverage from automated testing, can reach high percentages (e.g., 80-90% in kernel tests), they frequently fail to align with threat models that prioritize adversarial paths like side-channel attacks or privilege escalations, which may not be exercised in standard tests. Assurance evaluation thus requires integrating threat modeling to identify design-level risks, but quantitative metrics for this alignment remain underdeveloped, with studies showing that traditional testing overlooks up to 70% of potential insider or supply-chain-induced threats. Guidelines recommend combining automated testing with risk-based metrics to bridge this gap, yet the lack of standardized, threat-informed measures hinders scalable assurance in complex TCBs.^[61]^[62]

Adaptation to Evolving Threats

To address persistent software vulnerabilities in trusted computing bases (TCBs), researchers have shifted toward verifiable microkernels, which minimize the codebase and enable formal proofs of correctness to eliminate common exploits like buffer overflows and null pointer dereferences. The seL4 microkernel exemplifies this approach, comprising just 8,700 lines of C code and 600 lines of assembly, with its full functional correctness formally verified in 2009 using the Isabelle/HOL theorem prover, marking the first such proof for a general-purpose operating system kernel. This verification ensures no crashes, unsafe pointer operations, or infinite loops, thereby shrinking the TCB and enhancing resistance to zero-day vulnerabilities by reducing the attack surface compared to monolithic kernels.^[20] Quantum computing poses a severe threat to TCBs by potentially breaking widely used cryptographic algorithms such as RSA and elliptic curve cryptography through efficient factorization and discrete logarithm solving. To counter this, post-quantum cryptography (PQC) algorithms are being integrated into TCB components, replacing vulnerable primitives with quantum-resistant alternatives like lattice-based schemes. The National Institute of Standards and Technology (NIST) launched its PQC standardization process in December 2016 with a call for submissions, culminating in the publication of Federal Information Processing Standards (FIPS) 203, 204, and 205 in August 2024 for CRYSTALS-Kyber, CRYSTALS-Dilithium, and SPHINCS+, respectively, which provide interoperable digital signatures, key encapsulation, and key establishment mechanisms suitable for embedding in hardware and firmware TCB elements. In 2025, adoption advanced with the NSA's release of CNSS Policy 15 in March specifying quantum-resistant algorithms, and Microsoft's integration of ML-KEM and ML-DSA into Windows via the November update, facilitating broader deployment in secure systems.^[63]^[64]^[65] In cloud and distributed systems, TCBs must extend beyond traditional hardware boundaries to secure virtualized environments where data and code traverse untrusted infrastructures. Confidential computing achieves this by leveraging hardware-based trusted execution environments (TEEs), such as Intel SGX or AMD SEV-SNP, to isolate workloads and protect data in use, effectively narrowing the TCB to include only the hardware root of trust, the attested enclave, and minimal firmware while excluding hypervisors, operating systems, and cloud operators. This adaptation mitigates threats like memory scraping, side-channel attacks, and insider compromises in multi-tenant settings, enabling secure multi-party computation for applications in finance and healthcare without exposing sensitive data.^[66] Emerging trends further bolster TCB resilience through AI-assisted formal verification and reinforced hardware roots of trust to combat supply chain attacks. Machine learning techniques, such as those applied in AI for formal methods (AI4FM), automate proof search and tactic selection in theorem provers like Lean or Isabelle, accelerating the verification of complex TCB components and making it feasible to certify larger systems against evolving exploits. Complementing this, hardware roots of trust—such as Trusted Platform Modules (TPMs) compliant with ISO/IEC 11889—provide tamper-resistant anchors for secure boot and remote attestation, verifying firmware and software integrity to detect compromises like the 2020 SolarWinds supply chain attack, where malware was inserted into legitimate updates affecting thousands of organizations. These roots ensure cryptographic validation of updates from development to deployment, limiting the impact of logistics and ICT channel tampering.^[67]

References

[1]
trusted computing base (TCB) - Glossary | CSRC
Definitions: Totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination responsible for enforcing a ...
[2]
[PDF] Trusted Computer System Evaluation Criteria ["Orange Book"]
Oct 8, 1998 · The security-relevant portions of a system are referred to throughout this document as the Trusted Computing. Base (TCB). Systems representative ...<|control11|><|separator|>
[3]
[PDF] Evolving Information Technology Security Standards
In the early 1980's, the Trusted Computer System Evaluation Criteria (TCSEC) was developed. This was commonly referred to as the orange book. As a result of ...
[4]
Trusted Computing Base (TCB) in Azure Confidential Computing
May 7, 2025 · Trusted computing base (TCB) refers to all of a system's hardware, firmware, and software components that provide a secure environment.
[5]
[PDF] Thirty Years Later: Lessons from the Multics Security Evaluation
Almost thirty years ago a vulnerability assessment of. Multics identified significant vulnerabilities, despite the fact that Multics was more secure than ...
[6]
[PDF] Computer Security Technology Planning Study (Volume I)
Oct 8, 1998 · This report presents a research and devel opment plan to guide the work leading to the achievement of secure multilevel computer systems for the ...Missing: 1971 | Show results with:1971
[7]
History - Common Criteria
... ISO/IEC 15408 standard in 1999. The ISO version corresponds to the version 2.1 of the Common Criteria document edited by the Common Criteria Management Board.
[8]
[PDF] TPM Main Part 1 Design Principles TCG Published
Mar 1, 2011 · Version. Date. Description. Rev 50. Jun 2003. Started 30 Jun 2003 by David Grawrock. First cut at the design principles. Rev 52. Jul 2003.
[9]
information security policy - Glossary | CSRC
Definitions: Aggregate of directives, regulations, rules, and practices that prescribes how an organization manages, protects, and distributes information.
[10]
What is a trusted computing base (TCB)? - TechTarget
Jan 10, 2022 · The TCB acts as the reference monitor that works at the boundary between the trusted and untrusted domains of a computing system. It functions ...
[11]
discretionary access control (DAC) - Glossary | CSRC
An access control policy that is enforced over all subjects and objects in an information system where the policy specifies that a subject that has been ...
[12]
[PDF] USE OF THE TRUSTED COMPUTER SYSTEM EVALUATION ...
The TCSEC [4] was not made a DoD standard until 1985 and was slow to be adopted into policies and directives of the individual services. Part of the reason was ...
[13]
Part 1 - Foundations of Computer Security - Paul Krzyzanowski
Trusted Computing Base and Supply Chain Security. Every secure system depends on a Trusted Computing Base ... If the TCB is compromised, the entire system is at ...
[14]
What is a Trusted Computing Base? - Red Hat Emerging Technologies
Jun 18, 2021 · A Trusted Computing Base (TCB) refers to all system components critical to establishing and maintaining the security of a system, serving as ...
[15]
[PDF] Trusted Trustworthy Proof
Jul 16, 2008 · Trusted computing without a trustworthy TCB is a phantasy. Initiatives such as the TCG's trusted platform module aim at providing a trust anchor ...
[16]
NVD - CVE-2016-5195
### Summary of CVE-2016-5195 (Dirty COW)
[17]
Linux Kernel Vulnerability - CISA
Oct 21, 2016 · US-CERT is aware of a Linux kernel vulnerability known as Dirty COW (CVE-2016-5195). Exploitation of this vulnerability may allow an attacker ...Missing: trusted computing base
[18]
[PDF] Trusted Computer System Evaluation Criteria(TCSEC)
The TCSEC defines 6 evaluation classes identified by the rating scale from lowest to highest: D, C1, C2, B1,. B2, B3, and A1. An evaluated computer product ...
[19]
[PDF] seL4: Formal Verification of an OS Kernel - acm sigops
seL4, a third-generation microkernel of L4 prove- nance, comprises 8,700 lines of C code and 600 lines of assembler. Its performance is comparable to other ...
[20]
Linux kernel source expands beyond 40 million lines
Jan 26, 2025 · ... Linux kernel sources would expand beyond 40 million lines early this year. Linux 6.13 was released early in January 2025, with 39,819,522 lines ...
[21]
[PDF] Microkernel Architecture and Security
Monolithic Kernel vs. Microkernel. 9. Fine-grained components. Static ... TCB is larger in size. TCB is smaller in size. If one component fails, the entire ...
[22]
[PDF] Hardware Enforcement of Application Security Policies Using ...
To avoid including page table handling code in the trusted computing base, the processor's MMU is disabled while executing in monitor mode. 2.3 OS overview.
[23]
[PDF] Secure Computing using Certified Software and Trusted Hardware
Dec 14, 2017 · A central question addressed by this thesis is how the trusted hardware primitives can be used safely to build the trusted components of modern ...
[24]
Trusted Platform Module (TPM) Summary | Trusted Computing Group
TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop).
[25]
Trusted Computing Base Recovery - Intel
Oct 9, 2025 · Trusted Computing Base (TCB) Recovery is a process that restores the integrity and functionality of the TCB after a compromise.Missing: implications | Show results with:implications
[26]
[PDF] NIST.IR.8320.pdf
Consequently, the underlying software must be part of the Trusted Computing Base (TCB). In shared environments, customers are forced to trust that the entities ...
[27]
[PDF] Strong and Efficient Cache Side-Channel Protection using ... - USENIX
Aug 16, 2017 · We presented Cloak, a new technique that defends against cache side-channel attacks using hardware trans- actional memory. Cloak enables the ...
[28]
[PDF] NIST SP 800-147, BIOS Protection Guidelines
On most trusted computing architectures, the BIOS boot block serves as the computer system's CRTM because this firmware is implicitly trusted to bootstrap ...
[29]
[PDF] Security Recommendations for Hypervisor Deployment - CSRC
Oct 20, 2014 · • All hypervisor components that form part of the Trusted Computing Base (TCB) must be included under the scope of the Tboot mechanism so ...
[30]
[PDF] Application Container Security Guide
This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
[31]
[PDF] Trusted Platform Module (TPM) Use Cases - DoD
Nov 6, 2024 · TPM use cases include asset management, hardware supply chain security, boot integrity, device identification, authentication, encryption, and ...
[32]
The Protection of Information in Computer Systems
Invited Paper. Abstract. This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification.
[33]
[PDF] Pre-defined packages of security requirements November 2022 CC ...
Nov 20, 2022 · the Common Criteria for Information Technology Security Evaluation ... evaluation assurance levels (EAL) and the composed assurance packages (CAPs) ...Missing: TCB | Show results with:TCB
[34]
[PDF] CC2022PART1R1.pdf - Common Criteria
recommendations on the secure use of the base component that are also addressed as requirements in the base component user guidance. The base component ...
[35]
[PDF] Handbook for the Computer Security Certification of Trusted Systems
Jan 1, 1996 · Trusted Computing Base, TCSEC. Trusted Computer System Security ... DOD 5200.28-STD, December 1985, (The Orange Book). Department of ...<|control11|><|separator|>
[36]
[PDF] Secure Software Systems - University of the Pacific
Even formal methods can have holes, e.g. Did you prove the right thing? Do your assumptions match reality? Page 34. Testing vs Verification. ⬈ Testing.
[37]
[PDF] Arrangement on the Recognition of Common Criteria Certificates
May 23, 2000 · This arrangement aims to ensure high IT evaluation standards, improve product availability, and allow use of certified products without further ...
[38]
[PDF] Building a Trusted Computing Foundation
The Common Criteria for Information Technology Security Evaluation, an international body that establishes computer product security evaluation criteria. As ...
[39]
[PDF] Unisys Corporation OS 1100 - DTIC
Sep 27, 1989 · TCB Software. The Trusted Computing Base for OS 1100 is by the nature of the system large, multi-threaded and complex. The software included ...Missing: segmented | Show results with:segmented
[40]
[PDF] NSA Security-Enhanced Linux (SELinux)
– RoleBased Access Control. – Type Enforcement. – MultiLevel Security ... • Basis for Trusted Computer Solution's Trusted Linux. • Port exists for FreeBSD ...Missing: base | Show results with:base
[41]
Chapter 49. Security and SELinux | Red Hat Enterprise Linux | 5
In Red Hat Enterprise Linux, MAC is enforced by SELinux. For more information, refer to Section 49.2, “Introduction to SELinux”. 49.1.4. Role-based Access ...
[42]
[PDF] Architecture of the Windows Kernel - FSU Computer Science
• WRK: Windows Research Kernel (NT kernel in source). • Design Workbook ... ➢ central ACL-based security reference monitor. ➢ configuration (registry).
[43]
[PDF] Beware of Geeks Bearing Gifts: A Windows NT Rootkit Explored
Apr 4, 2001 · The trust of Kernel mode processes is a fundamental concept of rootkit's ability to undermine the TCB of Windows NT.
[44]
Security-Enhanced Linux in Android - Android Open Source Project
Aug 26, 2024 · With SELinux, Android can better protect and confine system services, control access to application data and system logs, reduce the effects of ...Missing: trusted computing base
[45]
[PDF] Protecting the Android TCB with SELinux
Aug 19, 2014 · Today's Talk. • Looking at how SELinux has been applied over the past year to protect the Android Trusted. Computing Base (TCB).Missing: mobile | Show results with:mobile
[46]
FIPS 140-3, Security Requirements for Cryptographic Modules | CSRC
This standard shall be used in designing and implementing cryptographic modules that federal departments and agencies operate or are operated for them under ...
[47]
[PDF] Trusted Platform Module 2.0 Library Part 0: Introduction
Dec 20, 2024 · Dedicated BIOS support - TPM 2.0 adds a Storage hierarchy controlled by platform firmware, letting the OEM benefit from the cryptographic ...
[48]
Trusted Platform Module Technology Overview - Microsoft Learn
Aug 15, 2025 · The TPM is a secure crypto-processor providing hardware-based security, used for cryptographic operations, device authentication, and system ...
[49]
Compliance - AWS CloudHSM
Relying on a FIPS-validated HSM can help you meet corporate, contractual, and regulatory compliance requirements for data security in the AWS Cloud. FIPS 140-2 ...Missing: enterprise banking
[50]
What is AWS CloudHSM? - AWS CloudHSM - AWS Documentation
A hardware security module (HSM) is a computing device that processes cryptographic operations and provides secure storage for cryptographic keys. With AWS ...Pricing for AWS CloudHSM · Use cases · How it worksMissing: enterprise banking
[51]
TrustZone for Cortex-M - Arm
TrustZone technology for Arm Cortex-M processors enables robust levels of protection at all cost points for IoT devices.
[52]
Security - Arm TrustZone technology
TrustZone works by enabling regions in memory to be marked as Secure or Non-secure, which gives a Secure and a Non-secure memory world within TrustZone.Missing: environments | Show results with:environments
[53]
[PDF] Intel Trusted Execution Technology
This paper describes a highly scalable architecture called Intel® Trusted. Execution Technology (Intel® TXT) that provides hardware-based security.
[54]
[PDF] Intel® Trusted Execution Technology (Intel® TXT)
The dynamic PCRs are written by the dynamic root of trust for measurement. (DRTM). In the PC, the DRTM is the process initiated by GETSEC[SENTER]. A PC TPM ...Missing: study | Show results with:study
[55]
[PDF] What If You Could Actually Trust Your Kernel? - USENIX
The advent of formally verified OS kernels means that for the first time we have a truly trustworthy foundation for systems. In this paper we explore the ...Missing: issues | Show results with:issues
[56]
[PDF] Cybersecurity Supply Chain Risk Management Practices for ...
May 5, 2022 · reporting potential indicators of insider threat within the supply chain. Enterprises should require their prime contractors to implement ...<|control11|><|separator|>
[57]
[PDF] Insider Threats Involving Supply Chain Risk - DTIC
Analysis of the CERT Insider Threat Incident Corpus is dynamic, so categories and definitions are subject to change over time. Page 4. Insider Threat Incidents ...
[58]
[PDF] Protecting Commodity Operating System Kernels from Vulnerable ...
For example, it identifies interrupt handlers based upon their function prototypes; in Linux interrupt handlers always return a value of type irqreturn t.
[59]
[PDF] Guidelines on Minimum Standards for Developer Verification of ...
It recommends the following techniques: • Threat modeling to look for design-level security issues. • Automated testing for consistency and to minimize human ...
[60]
[PDF] Exploring the Use of Metrics for Software Assurance - DTIC
Threat modeling. Software risk analysis identifies “input data risks with input verification” as requiring mitigation. Design includes mitigation. Input data ...
[61]
Post-Quantum Cryptography | CSRC
### Summary of NIST PQC Standardization Timeline and TCB Integration
[62]
[PDF] Hardware-Based Trusted Execution for Applications and Data
Confidential Computing protects data in use by performing computation in a hardware-based, attested Trusted Execution Environment. These secure and isolated ...
[63]
[PDF] A Review of Technologies that can Provide a 'Root of Trust' for ...
In December 2020, FireEye discovered that a supply chain attack had compromised SolarWinds. Orion to distribute malware [11]. Victims received a digitally ...