Trust is one of the most valuable commodities in the world. Without trust, commerce doesn’t function, systems break down, and the networks of computers and internet-connected devices we have all come to rely on cannot operate.
The cornerstone of computer security is trust. Users should feel assured that their systems are properly configured and are working as they should, without any compromises or vulnerabilities. To build this trust, it’s important to have ways to verify and attest to the quality of both the hardware and software in use. This is key for assessing the overall integrity of any system.
What is trusted computing?
At the most basic level, the concept of trusted computing refers to standards, specifications, components and technologies designed to make computing more secure, whether through hardware upgrades or software modifications. Pioneered by our members, this concept provides assurance that computers will only boot up and operate in a predictable manner, creating a safe environment where data stored and used within a system can be authenticated.
Trusted computing leverages hardware Roots of Trust (RoT) to establish a secure platform for the user and the software to run on. Software that utilizes hardware RoT gains a significant boost in security through trusted computing – the approach not only establishes a fortified communication channel between the user and the software, but also enhances the system’s resilience against malicious software. By leveraging hardware-based trust mechanisms, such software gains exclusive access to designated areas of a device’s memory, safeguarding sensitive data. Additionally, the encryption keys are generated from a unique blend of hardware and software attributes specific to the device. This ensures that encrypted data remains secure and accessible only on systems with an identical hardware-software setup, providing an added layer of protection against unauthorized access, even in cases where data may be lost or stolen.
Implementing a trusted computing approach also enables users to better secure their devices from threats like viruses and malware, securing sensitive data and shielding it from unauthorized users. Those who embrace trusted computing will be able to determine what software is currently running on a device, and, through attestation principles, avoid the transmission of data to/from a compromized system. As a result, a secure environment can be created as a user’s device will not connect to any system until it has been deemed safe.
An ever-changing digital landscape
Trusted computing first became a reality with the development of the first Trusted Platform Module (TPM). The chip now sits at the heart of millions of personal computers, laptops, and electronic devices across the globe. Ensuring trusted computing for over twenty years, the TPM is a low cost, secure crypto-processor which is attached to a device to establish secure operations and protect a user’s identity and sensitive data. By following the requirements of trusted computing and utilizing a TPM, the building blocks that enable one component in a computer network to trust all the other linked pieces of hardware and software can be established.
As technology continues to evolve, trusted computing remains ever-present. With more and more devices and applications coming to the fore each year, the concept of trusted computing becomes increasingly vital. The initial standards and specifications that formed the basis of the first TPM have now expanded to cover a significant number of devices types worldwide, and through the continued hard work of our members, trust continues to be built into computers, smartphones and Internet of Things (IoT) devices.
In doing so, trust has now been established as a central component in a number of industries, including the finance, healthcare, industry, and automotive sectors. As we look to the future towards developments like and greater Artificial Intelligence (AI) implementation, the concept of trusted computing holds the key to secured systems long into the future.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.