What is Trusted Computing Base (TCB)?
A Trusted Computing Base (TCB) refers to all hardware, firmware and software components of a computer system that are combined to provide the system with a secure environment. It enforces security policies to keep the system and its information safe. System security is achieved through provisioning methods such as access control, authorization for access to specific resources, enforcement of user authentication, protection against malware and securing of data.
Overall, the ability and performance of the TCB is based on the correctness and relevance of its applied techniques and mechanisms, the security and protection of these mechanisms in order to ensure their correctness and the correct entry of parameters that are required in security guidelines. In short, any hardware or software should only be part of the given TCB if - and only if - it should be part of the mechanisms of that TCB.
Computer systems that do not implement TCB as part of their architectural design are only secured because of external solutions. In addition, the reason for a computer system's security depends on a proper understanding of its capabilities and limitations. Since a computer with a TCB can do anything that a Von Neumann Architektur computer can, there will likely be things that users willingly or unintentionally do to make the system less secure. Therefore, the mechanisms in the TCB should take into account the human security factor.