Patterns for Secure Boot and Secure Storage in Computer Systems

摘要

Trusted Computing aims at enhancing the security of IT systems by using a combination of trusted hardware and software components to provide security guarantees. This includes system state integrity and the secure link between the software and hardware of a computing platform. Although security patterns exist for operating system security, access control, and authentication, there is still none of Trusted Computing aspects. In this paper, we introduce security patterns for secure boot and for secure storage, which are important basic Trusted Computing concepts. Secure boot is at the heart of most security solutions and secure storage is fundamental for application-level security: it ensures that the integrity of software is verified before accessing stored data. Our paper aims at complementing existing system security patterns by presenting the common patterns underlying the different realizations of secure boot and secure storage.