|An Introductory Breakdown of Trusted Computing|
The question of trust in computing is an important and oft overlooked one. If the security of a system cannot be guaranteed or is known to be inadequate, then any output received from that system cannot be trusted to be correct. There are four areas that make up a system or platform, each of which has its own issues that must be resolved: hardware, operating system, applications, and configuration. A break in one area could undermne the trust for the entire system.
In today's personal computer environment, a PC works perfectly if things are set up correctly , but if the PC is not set up correctly, you have the classic "garbage in, garbage out" scenario. Is that right? Or, can a well set up machine still give you garbage that is glorified because it came from a computer? A trusted platform believes that both situations are possible and acceptable. The rationale behind the two introductory quotes is that from a trust standpoint both quotes describe a trusted platform. Asimov really hits the nail on the head with the point that once you know what is happening it always happens in the exact same way. Galloois points out that if we do not understand what we are dealing with then the answers we get from the device are no better than tomfoolery.
To resolve these issues, the first task is to understand the computing environment of today, what works and what does not work, why we trust platforms to perform certain jobs but do not trust them for other jobs.
This articles comes from the book, Dynamics of a Trusted Platform.
Update your feed preferences