Think of it this way. You issue some certificates out of your house stating that this particular tree is represented with this particular certificate. You are the one who has decided that a particular tree is represented by a particular certificate.
Now, when you give out these certificates into the real world, what are the chances that they :
1. Could be counterfieted -- i.e, someone creates an exact copy of your certificate..is able to forge your signature if there is one and then bring you a forge to redeem the tree. :)
2. That they give or sell that certificate to their neighbor, but a few days later sell that same certificate to another person down the street.
To avoid these situations, you have in the past needed another middle man. A bank, a government insitution, etc, etc.
Now, you don't need anyone. You can rely on the Blockchain.
Start understanding how private keys and public keys work. When you give out a certificate, it is identified by nothing more than a public key (or an address that is generated out of that public key), that certificate you were given is just a value (say 1 or 10 or 100) that is 'assigned' to that public key. And who can move, sell that value out to that address. The one who has the 'private key'.
Colored coins is just giving you a way to uniquely identify/mark your asset that you can then assign to public-key addresses.
Once you understand the relationship between the private keys and public keys... you'll start realizing that the physical part is nothing more than any physical object (perhaps a piece of paper) that contains enough information to identify that address (public-key), and also the private key to control that address.
Hope this makes sense.