TCB

Creator
Creator
Seonglae ChoSeonglae Cho
Created
Created
2024 Mar 15 4:23
Editor
Edited
Edited
2024 May 31 4:37
Refs
Refs

Trusted Computing Base

The less, the better. We have to trust less.
TCB (roughly) includes things in the computer that we assume to be correct, or that we trust.
 

TCB for PC includes at least

  • The operating system kernel including all its device drivers
  • All processes that run with root privileges
  • All program files owned by root with the set-user-ID bit set
  • All binaries and development tools that were used to build the above
  • The CPU
  • The mass storage devices and their firmware
  • The file servers and the integrity of their network links
A security vulnerability in any of these could be used to bypass the entire Unix access control mechanism.
 
 

xz

 
 
 

Recommendations