A trusted computing device (TCD) includes an isolated environment, host interface, secure interface, and program instructions. The environment includes an isolated environment processor (IEP), memory (secure and non-secure partition), and an auxiliary processor (AP). Memory and AP are connected for data communication with the IEP, and communicate with a host only through the IEP. The host interface and each secure interface are connected for data communication with the IEP. The instructions provision TCD for cryptographic operations via a secure interface; present a first file system partition comprising a write file and a read file with file creation/deletion privileges allocated only to the IEP at the host interface via the IEP; present a non-secured file system partition with access to the non-secure partition via the host interface via the IEP; receive, via the write file, requests to perform trusted computing; perform requested computing using the IEP, secure memory, and AP; and write results to the read file.