Trustyworthy Computing

The term Trustworthy Computing (TwC) has been applied to computing systems that are inherently secure, available and reliable. The Committee on Information Systems Trustworthiness’ publication, Trust in Cyberspace, defines such a system as one which

does what people expect it to do ? and not something else ? despite environmental disruption, human user and operator errors, and attacks by hostile parties. Design and implementation errors must be avoided, eliminated or somehow tolerated. It is not sufficient to address only some of these dimensions, nor is it sufficient simply to assemble components are themselves trustworthy. Trustworthiness is holistic and multidimensional.

More recently, Microsoft has adopted the term Trustworthy Computing as the title of a company initiative to improve public trust in its own commercial offerings. In large part, it is intended to address the concerns about the security and reliability of previous Microsoft Windows releases and, in part, to address general concerns about privacy and business practices. This initiative has changed the focus of many of Microsoft's internal development efforts, but has been greeted with skepticism by some in the computer industry.

Trusted vs. Trustyworthy

The terms Trustworthy Computing and Trusted Computing have distinct meanings. A given system can be trustworthy but not trusted and vice versa.

The Department of Defense defines a trusted system or component as one "one which can break the security policy", and a trustworthy system or component as one "that will not fail".