Trusted Computing are technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications. In this concept also includes enforcing a behavior that is can be achieved by loading the hardware with a unique encryption key inaccessible to the rest of the system.TC is controversial as the hardware is not only secured for its owner, but also secured against its owner. The conceptual technology involves
Secure input and output, sealed storage, and remote attestation.
Trusted Computing simulates a scenario attack towards the trusted computer environment. Such as "Evil Maid" Attacks on Encrypted Hard Drives. Where the attacker gains access to your shut-down computer and boots it from a separate volume. The attacker writes a hacked bootloader onto your system, then shuts it down, You boot your computer using the attacker's hacked bootloader, entering your encryption key. Once the disk is unlocked, the hacked bootloader does its mischief. It might install malware to capture the key and send it over the Internet somewhere, or store it in some location on the disk to be retrieved later, or whatever.
Issue in Computer Security
11
Multilevel Security is the application of a computer system to process information with incompatible classifications (i.e., at different security levels), permit access by users with different security clearances and needs-to-know. prevent users from obtaining access to information for which they lack authorization.
The technology involves for the multilevel security, One is to refer to a system that is adequate to protect itself from subversion and application of a computer that will require the computer to be strong enough to protect itself from subversion and possess adequate mechanisms to separate information domains, that is, a system we must trust.
The example scenario of multilevel security is Network has also attracted a growing number of Trojan horses' attacks. The Trojan horses' attacks have a dependency on data path in the network and establishes three probability models of single source node to single target node by single-path. single source node to single target node by multi-path and multi-source nodes to single target node by multi-path. Finally the model is applied to a military network information system, and the results are reasonable
one computer is being used in MLS mode, then that computer must use a trusted operating system (OS). Because all information in an MLS environment is physically accessible by the OS, strong logical controls must exist to ensure that access to information is strictly controlled. Customers that deploy trusted operating systems typically require that the product complete a formal computer security evaluation.
Trusted Computing and Multilevel Security