Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications. Several major hardware manufacturers and software vendors, collectively known as the Trusted Computing Group (TCG), are cooperating in this venture and have come up with specific plans. The TCG develops and promotes specifications for the protection of computer resources from threats posed by malicious entities without infringing on the rights of end users.
Microsoft defines trusted computing by breaking it down into four technologies, all of which require the use of new or improved hardware at the personal computer (PC) level:
- Memory curtaining -- prevents programs from inappropriately reading from or writing to each other's memory.
- Secure input/output (I/O) -- addresses threats from spyware such as keyloggers and programs that capture the contents of a display.
- Sealed storage -- allows computers to securely store encryption keys and other critical data.
- Remote attestation -- detects unauthorized changes to software by generating encrypted certificates for all applications on a PC.
In order to be effective, these measures must be supported by advances and refinements in the software and operating systems (OSs) that PCs use.
Within the larger realm of trusted computing, the trusted computing base (TCB) encompasses everything in a computing system that provides a secure environment. This includes the OS and its standard security mechanisms, computer hardware, physical locations, network resources and prescribed procedures.
The term trusted PC refers to the industry ideal of a PC with built-in security mechanisms that place minimal reliance on the end user to keep the machine and its peripheral devices secure. The intent is that, once effective mechanisms are built into hardware, computer security will be less dependent on the vigilance of individual users and network administrators than it has historically been. Concerns have arisen, however, about possible loss of user privacy and autonomy as a result of such changes.