In a trust-based system, access to an entity such as digital content, a computer application, or the like, is restricted based on pre-defined access requirements. One type of access requirement is a temporal or time-based requirement. For example, a temporal requirement may be that access is granted only if the current time is before or after a pre-defined value.
Of course, to check such a temporal requirement, the trust-based system must refer to a clock. Typically, if the trust-based system is resident on a computing device, the clock referred to is also on the computing device, although the clock may also be elsewhere. At any rate, a problem exists in that a temporal requirement to be checked by a trust-based system may be subverted merely by setting the referred-to clock to a value that would satisfy the temporal requirement.
Accordingly, a need exists for a method and mechanism whereby a secure clock is present on a computing device and is adjustable only by way of an external trusted time authority. Thus, a user of the computing device cannot subvert a temporal requirement that is enforced by a trust-based system merely by falsely setting the clock on the computing device to satisfy such temporal requirement.