The vast majority of information assets today exist on computer systems. This chapter takes the position that “subjects use computers and programs to access objects.” It then explores the question, “How can you develop a sense of trust that the source of a breach of the confidentiality, integrity, or availability of the valuable information assets will not be the computer?” If the computer itself has unknown vulnerabilities that allow a breach, or has a covert device that specifically siphons off data to the bad guys, there is little point in spending the money to implement security for the protection of those assets. Somehow, there must be a way to develop some level of trust at which you can feel confident ...