Trusted computing - simply explained
If you browse the BIOS or if you picked up the term elsewhere, you are right to ask yourself what is Trusted Computing. We will explain what is behind it and how the technology works.
Trusted Computing simply explained: what is it actually?
In Trusted Computing, a special chip ensures that both the software and the hardware of a computer are protected against manipulation. The goal of Trusted Computing is therefore to increase the security of computers. Trusted computing is now also being used more and more on mobile phones and tablets.
- If a computer supports trusted computing, it is equipped with an additional chip, the "Trusted Platform Module" (TPM). The chip collects information about the connected hardware and the software used on the PC and stores this information in encrypted form.
- The operating system can read the chip at startup to check whether a change has been made to the PC. Programs can also read the information during ongoing operation.
- If malware causes changes in hardware or software and is recognized by trusted computing, the user receives at least one warning. Depending on requirements, trusted computing can also close the affected program immediately or cut the connection to the Internet to protect the system.
- The TPM chip is placed on the mainboard of the computer and offers further advantages. Among other things, it ensures under Windows that you can encrypt your files with BitLocker.
This is how Trusted Computing works
Without Trusted Computing, a PC is provided with anti-virus protection using software. This monitors current events and tries to ward off threats. Trusted computing starts much earlier.
- The manufacturers of the hardware and software are trusted from the start ("trust" is English and means "trust"). The original status of hardware and software is saved in the TPM chip and compared step by step with the current status when the PC is started.
- First, it is checked whether the hardware has changed. For example, a hard drive may be missing or replaced with a disk infected with malware. If the lowest level has been checked, the next higher level can be sure that everything is OK and start operation.
- The BIOS is checked after the hardware, then the boot loader and all components of the operating system and the installed software.
In the next practical tip, we will show you how to carry out the annual Windows check.