Beginner

Trusted Computing Base (TCB), Provisioning Certification Service (PCS), and DCAP

In the product brief for DCAP, the Intel SGX PCS part talks about the API and that TCB information can be fetched. What is this TCB information in this context and what is it used for? TCB for me is the limited codebase running inside the enclave.

Accepted Solutions
Moderator

Hello Emil,

There are two types of TCB.

  1. Trusted Code Base, which is, like you said, essentially the limited codebase running inside the enclave.
  2. Trusted Computing Base, which includes platform-specific information related to the CPU microcode. This TCB is used by DCAP to ensure that the platform that the enclave is running on is indeed a trusted platform. The TCB is an important part of the attestation process. I recommend you read the Intel SGX ECDSA QuoteLibReference_DCAP_API.pdf which contains more info on how the TCB is used.

Regards,

Jesus
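
Added example (not part of the original thread and not Intel's code): a sketch of how a verifier can use the TCB levels from a PCS TCB Info document to classify a platform. Field names follow the PCS v2 TCB Info JSON; the sample values, the `ACCEPTABLE` policy and the `NotSupported` label are assumptions, and the document's signature is assumed to have been verified already.

```python
# Added example: match a platform's TCB against the levels in a TCB Info document.
# Field names follow the PCS v2 TCB Info JSON; every value below is constructed.

COMP_KEYS = [f"sgxtcbcomp{i:02d}svn" for i in range(1, 17)]
ACCEPTABLE = {"UpToDate"}  # assumption: relying-party policy, yours may differ


def level(cpu_svn, pce_svn, status):
    """Build one constructed tcbLevels entry from 16 component SVNs."""
    tcb = dict(zip(COMP_KEYS, cpu_svn))
    tcb["pcesvn"] = pce_svn
    return {"tcb": tcb, "tcbStatus": status}


# Constructed sample: levels are listed from highest to lowest.
SAMPLE = {"tcbLevels": [
    level([5, 5, 2, 4] + [0] * 12, 10, "UpToDate"),
    level([4, 4, 2, 4] + [0] * 12, 9, "OutOfDate"),
    level([2, 2, 2, 4] + [0] * 12, 7, "Revoked"),
]}


def tcb_status(tcb_info, cpu_svn, pce_svn):
    """Return the status of the highest level the platform meets or exceeds."""
    if len(cpu_svn) != 16:
        raise ValueError("expected 16 CPU SVN components")
    for lvl in tcb_info["tcbLevels"]:
        tcb = lvl["tcb"]
        # Component-wise comparison: every component must be >= the level's,
        # so a higher first component cannot make up for a lower second one.
        cpu_ok = all(have >= tcb[key] for have, key in zip(cpu_svn, COMP_KEYS))
        if cpu_ok and pce_svn >= tcb["pcesvn"]:
            return lvl["tcbStatus"]
    return "NotSupported"  # hypothetical label: platform is below every level


def platform_trusted(tcb_info, cpu_svn, pce_svn):
    """Apply the relying party's policy to the matched status."""
    return tcb_status(tcb_info, cpu_svn, pce_svn) in ACCEPTABLE
```

In DCAP the platform's component SVNs and PCE SVN come from the PCK certificate, so this check runs only after the certificate chain and the quote signature have been validated.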

Beginner

Thank you for your answer Jesus!

The naming is a little unfortunate. While reading in the QuoteLibReference document I noticed on page 6 that TCB (Trusted Computing Base) can potentially be called HW TCB or Provisioning TCB. I'm currently writing a paper about Intel SGX and I feel that using either Provisioning TCB or HW TCB in the paper not to confuse it with TCB (Trusted Code Base) is a good idea. Which would be more correct?

Best regards,

Emil Hemdal

Moderator

Hello Emil,

It all depends on the context in which you use the term TCB. You should be fine using either term as long as you clearly define the term the first time you use it then use the term consistently. Also, see how each term is used in other papers and try to be consistent with them. Good luck on your paper!

Regards,

Jesus
