What Is a Trusted Computing Platform?
The term Trusted Computing Platform arises from the ability of such a platform to provide reliable information about itself and its current software processes, and to attest to its construction and to the operation of those software processes. This ability is under the explicit control of the platform's owner. Recipients of such information from a Trusted Computing Platform, including the user of the platform, can use it to decide whether it is safe to interact with the platform for their particular purpose. In other words, they can decide whether to trust the platform.
Trusted Computing Platforms are not typical "secure" platforms, although they unavoidably use information security mechanisms: The basis of Trusted Computing is the provision of reliable evidence about the current computing environment, and attestation of selected computing environments. When a Trusted Computing Platform reports a given environment and supplies attestation that that environment has sufficient functions, protections, and integrity for some particular purpose, the platform can (in that session) be considered safe for that purpose. This is critical to an understanding of Trusted Computing Platforms, and worth reiterating: If a user is performing a task on sensitive data that requires protection, he or she should perform that task on a platform only when its software environment is in a state that protects the data. A safe computing environment provided by a Trusted Platform could eventually be as safe as that of a dedicated and isolated coprocessor, depending on the choice of software environment. The choice of safe environment rests entirely with the data owner, although he or she may rely on the recommendations of others.
The Trusted Platform provides reliable evidence that the safe environment actually exists. The decision to instantiate the safe environment rests entirely with the owner or user of a platform. Once a platform has safe environments, those environments can be used to manipulate all kinds of important information, while minimizing the risk to that sensitive (or private, or even secret) information. A user can maintain the privacy of his own personal data and, of course, can assure others that any sensitive material supplied by them will be treated with the same respect as his own personal data. This supports more adventurous and higher-value Internet interactions for personal and commercial purposes.
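The two ideas above, reliable evidence about the current environment and a trust decision that stays with the data owner, can be made concrete with a deliberately simplified attestation flow. This is an added illustration, not code from the book or from any TCG specification: the register, event log, HMAC stand-in for the platform's signing key, component names and the "safe for payroll" policy are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed, simplified attestation flow. The platform folds the digest of each
# loaded component into one measurement register (as a TPM PCR accumulates
# digests), keeps an event log of what it loaded, and reports the register bound
# to the challenger's nonce. The challenger checks the report, replays the log to
# confirm it explains the reported register, and compares the environment against
# the set it has decided is safe for its purpose. Names, digests and the policy
# are made up; this is not the TCG quote format.

# Stand-in for the platform's attestation key. A real platform signs with a private
# key the challenger does not hold, so only the platform can produce a valid quote.
PLATFORM_KEY = b"constructed-attestation-key"

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def extend(register: bytes, measurement: bytes) -> bytes:
    """PCR-style extend: new = H(old || measurement)."""
    return sha256(register + measurement)

def replay_log(log: list[tuple[str, bytes]]) -> bytes:
    """Recompute the register value implied by an ordered event log."""
    register = b"\x00" * 32
    for _name, measurement in log:
        register = extend(register, measurement)
    return register

def quote(log: list[tuple[str, bytes]], nonce: bytes) -> dict:
    """Platform side: report the register value, bound to the challenger's nonce."""
    register = replay_log(log)
    tag = hmac.new(PLATFORM_KEY, nonce + register, hashlib.sha256).digest()
    return {"register": register, "log": log, "tag": tag}

def is_safe_for(q: dict, nonce: bytes, safe_environments: set[bytes]) -> bool:
    """Challenger side: authentic and fresh, log-consistent, and in the safe set."""
    expected = hmac.new(PLATFORM_KEY, nonce + q["register"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, q["tag"]):
        return False  # not this platform's report, or a quote replayed under an old nonce
    if replay_log(q["log"]) != q["register"]:
        return False  # event log does not explain the reported register
    return q["register"] in safe_environments  # the data owner's policy decides

# Constructed boot sequence and policy: only a boot with the patched kernel is safe.
GOOD_BOOT = [("firmware", sha256(b"fw-1.2")), ("bootloader", sha256(b"bl-3.0")),
             ("kernel", sha256(b"kernel-5.10-patched"))]
SAFE_FOR_PAYROLL = {replay_log(GOOD_BOOT)}
```

Note that an authentic quote from a platform running an unpatched kernel is still rejected: the evidence is genuine, but the environment it reports is not one the challenger has chosen to accept for this purpose.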