Trusted computing base

The trusted computing base (TCB) is the set of all system hardware, firmware, and software that is relied upon to enforce the system’s security policy. The ability of a TCB to correctly enforce a security policy depends on the mechanisms within the TCB and on the correct input by system administrative personnel of parameters related to the security policy.

A TCB architecture is a description of the interrelationships among the hardware, firmware, and software that, in combination, enforce the desired security policies for the system. In principle, a TCB architecture enables analysis to determine if certain security properties hold, and it allows continuous monitoring and verification of the integrity and properties of the TCB (including the kernel, configuration files, secure memory, privileged applications, and running applications).

The TCB is critical to the secure operation of an IT system. If the security of any component of the TCB is compromised, then the security of the entire computing system is suspect and cannot be assured.
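
The integrity verification described above, and the rule that one compromised component makes the whole system suspect, can be sketched as follows. This is an added example, not part of the original page: the component names, their contents, the manifest layout and the hash-fold aggregate (loosely modeled on measured-boot style extension) are all constructed assumptions.

```python
import hashlib

# Constructed sample TCB: component name -> content bytes (stand-ins for real files).
BASELINE_TCB = {
    "kernel": b"kernel-image-v1",
    "config/security-policy": b"deny-by-default\n",
    "privileged/authd": b"authd-binary-v1",
}


def measure(content: bytes) -> str:
    """Return the SHA-256 digest of one component."""
    return hashlib.sha256(content).hexdigest()


def build_manifest(components: dict) -> dict:
    """Map every component name to its measurement."""
    return {name: measure(data) for name, data in components.items()}


def aggregate(manifest: dict) -> str:
    """Fold all measurements into one value: state = SHA256(state || name || digest).

    Components are folded in sorted-name order so the result is deterministic.
    Changing, adding or removing any single component changes the final value.
    """
    state = bytes(32)
    for name in sorted(manifest):
        state = hashlib.sha256(
            state + name.encode() + bytes.fromhex(manifest[name])
        ).digest()
    return state.hex()


def verify_tcb(baseline_manifest: dict, current_components: dict) -> dict:
    """Compare the current TCB against the baseline; trust is all-or-nothing."""
    current = build_manifest(current_components)
    # A missing component measures as None, so it is reported here as well.
    changed_or_missing = sorted(
        n for n in baseline_manifest if current.get(n) != baseline_manifest[n]
    )
    unexpected = sorted(n for n in current if n not in baseline_manifest)
    trusted = aggregate(current) == aggregate(baseline_manifest)
    return {
        "trusted": trusted,
        "changed_or_missing": changed_or_missing,
        "unexpected": unexpected,
    }
```

The per-component lists only say where to look; the `trusted` verdict depends on the aggregate alone, so a single altered configuration file is enough to fail the whole TCB.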

The TCB kernel must interact with many processes and applications, both locally and over complex networks. Increasing system code complexity makes analysis of components of the TCB as well as interactions with untrusted components increasingly difficult. For all but the simplest of computational components and systems, it can be impractical or impossible to determine whether the TCB operates as desired and enforces all desired system security policies at all times. It is equally difficult to analyze a TCB architecture to ensure that it provides the security functionalities that are desired of a system.