Data Protection and Security

VI

Operating System Security and Secure Programming

VI.III

Security Evaluation

Trusted Computing:

The Trusted Computing Group is an alliance of Microsoft, Intel, IBM, HP and AMD which promotes a standard for a more secure PC. Their definition of security is controversial, though. TC provides a computing platform on which you can not tamper with the application software, and where these applications can communicate securely with their authors and with each other. The original motivation was digital rights management.

TC provides for a monitoring and reporting component to be mounted in future PCs. A smartcard chip or a dongle soldered to the motherboard supervises the boot process so that PC ended up in a predictible state with known hardware and software. The PC in a wrong state would not run TC applications. The OS security kernel bridges the gap between the chip and the application security components. It checks the HW components are on the approved list, the software components are signed and none of them has a serial number that has been revoked. The security kernel also works with new “curtained memory” feature in the CPU to prevent any TC application interfering with others.

Reference: FAQ about “Trusted Computing”