What is a trusted computer base?
A trusted computer base is concept that every aspect of the computer, processor, software firmware and hardware working together to protect
the information that it contains or to comply with an organisations security policy. This comes from the very core operating system that affects every aspect of how that computer should run. There are a number of components that need to work together to maintain the desired result.
The processor receives requests from a user upon which it will retrieve, then decode, action then store the result. Multi-processors may multi task an number of action at the same time, such as calculate a report whilst allowing for further data input. This function needs to operate in such a way as not to village the security of that device. On a simple level it would be programmed to ask for a username and password so that the subject accessing the machine has the correct privileges to perform those actions.
Memory is a the way that a computer stores information. This may be physically in disk storage space such as ROM (Read Only Memory) or in a volatile state like RAM(Random Access memory) that is faster and used for tasks that are one at that time.
Firmware is a standard set of instructions that tell peripherals and hardware how to operate. These commands can be everything from recognising an external hard drive to understanding letter inputs from a keyboard.
The kernel is at the very heart of the system and assigns and prioritises tasks, traces the location of files, and allows programs to operate without interference from another process. A request from a user to access a file by using this particular program goes to the kernel first to then check resources and make sure the command does not clash with any other process.
Reference monitor is the check that refers back to the security kernel for rights of access and processing. A request from a user will be captured by the monitor, it then makes sure the details match the records held in the user database and deny or allow access. It also produces and audit trail of events until the activity ends.
So how does a trusted computer base work all together?
So as an example of this in operation is the use of Advances Space Layout Randomisation. This is the process of not keeping all components of a program software and information in one place but spreading it around the disk so in case the computer is compromised then it would be difficult for a hacker to put everything together. This complex task of throwing things about, remembering where they and who should have access to them would not be possible unless all of the above components work together in order to protect the computer in question. The trusted computer base is the abstract concept that holds all these disparate components together for that co-ordinated purpose. . It also produces and audit trail of events until the activity ends.
If you need assistance with information security see our services page.