Trusted client

In computing, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorized by the provider of the service. That is, the client is a device that vendors trust and then sell to the consumers, whom they do not trust. Examples include video games played over a computer network or the Content Scramble System (CSS) in DVDs.

Trusted client software is considered fundamentally insecure: once the security is broken by one user, the break is trivially copyable and available to others. As computer security specialist Bruce Schneier states, "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works."[1] Trusted client hardware is somewhat more secure, but not a complete solution.[2]

Trusted clients are attractive to business as a form of vendor lock-in: sell the trusted client at a loss and charge more than would be otherwise economically viable for the associated service. One early example was radio receivers that were subsidized by broadcasters, but restricted to receiving only their radio station. Modern examples include video recorders being forced by law to include Macrovision copy protection, the DVD region code system and region-coded video game consoles.

Trusted computing aims to create computer hardware which assists in the implementation of such restrictions in software, and attempts to make circumvention of these restrictions more difficult.

See also

References

  1. ^ Bruce Schneier (August 2000). "The Fallacy of Trusted Client Software". Information Security Magazine. Retrieved 2008-01-30.
  2. ^ Grand, Joe (2000-10-12). "Attacks and Countermeasures for USB Hardware Token Devices" (PDF). Proceedings of the Fifth Nordic Workshop on Secure IT Systems Encouraging Co-operation. Reykjavik, Iceland: Grand Ideas Studio. pp. 35–57. ISBN 9979-9483-0-2. Archived (PDF) from the original on 2022-10-09. Retrieved 2006-08-25.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.