Trusted Computer Base

Tags: security

A security policy that [see page 7, combines] both of the ways to protect against Trojans by creating two computer systems, one which is tightly protected and assumes no Trojans exist on it (the Trusted Computer Base) and another untrusted system which can only access resources through the TCB under the guidance of a Reference Monitor.

The reference monitor enforces MAC policies (limits the potential for disclosing information). You can't look at the whole system.

Links to this note

Trojan Horse