Documente Academic
Documente Profesional
Documente Cultură
kind of architectural construct which is called as Trusted computing base (TCB) in 1980s. A
great computer scientist , John Rushby, defined TCB as combination of trusted process and
kernel. This TCB comprises group of all hardware, software and other components that are
mandatory in creating and maintaining the security of the system. Basically this TCB consists of
an operating system, network hardware and software, well defined protocols and the exact
physical location of the system. So if there is chance in occurrence of any bugs or vulnerabilities
within the TCB will completely impact the security properties of the entire system. A piece of
hardware and software on which security depends and that we differentiate it from a much larger
quantity that can misbehave without any impact on security of the system.
Provisions were created during designing a TCB for system architecture. These provisions
include protection against malware, backing up data, user authentication support, awarding
authorization for few specific applications, etc. Main aim of the TCB is to maintain the
Here TCB is responsible for implementing security policy and monitoring all the required
activities of the system to make sure that it functions flawless and restricts all aspects to the
policy. So in order to attain this, the TCB needed to act like an abstract machine known as
reference monitor. The functioning of reference monitor occurs at the boundary between trusted
and untrusted domains of the system. Accessing the objects like files, processes etc by authorized
person, application etc is its main function . Because of the barriers present in between subjects
and objects there is a need To attain stability, the reference monitor maintains two properties for
2 It has control over all access, impossible to bypass and should be treated for its own validity.
There are some attributes which are supplied by z/OS. So to include any software into the TCB,
then that software must have atleast one of these attributes. They are
Softwares outside the TCB are treated untrusted. Softwares which are part of the z/OS TCB
should confirm that application software is following the security policy. Software portions of
the TCB are needed to be protected from any tampers or effects. This is all because of the Von
neumon architecture applied virtually on all modern systems since machine code can be
processed by any program barring memory management provisions. In the present era of cpu,
protecting the memory which hosts the TCB is done by appending a piece of hardware known as
TCB is also responsible for input output operations, execution domain switching, memory