Roots of Trust


Roots of Trust (RoT) is a managed Trust Anchor Store or Key Management Service; the term is typically used when the implementation is done in Hardware and used by Operating Systems.

Roots of Trust may NOT always be done as a Hardware Device. The reality is, of course, that Hardware Devices are simply Software running on a "Secure" Hardware Device.

Roots of Trust is a foundational component or process in a system that is relied on by other components of the system and whose failure would compromise the integrity of the bindings.

Primary Roots of Trust are irreplaceable, and loss of a Primary Root of Trust could cause the loss of the entire system.

Roots of Trust may be a complete Cryptographic Trusted Platform Module and may be referred to as:

NIST Roots of Trust [1]

"Roots of trust are highly reliable hardware, firmware, and software components that perform specific, critical security functions. Because roots of trust are inherently trusted, they must be secure by design. As such, many roots of trust are implemented in hardware so that malware cannot tamper with the functions they provide. Roots of trust provide a firm foundation from which to build security and trust."

Roots of Trust and Public Key Infrastructure (PKI)

Roots of Trust is a critical component of any Public Key Infrastructure (PKI). It is used to generate and protect Trust Anchor (Certificate Authority) and Certificate Authority keys; for CodeSigning, to ensure software remains secure, unaltered and authentic; and for creating certificates for credentialing and authenticating proprietary devices and other network deployments.

