Patterns for Secure Boot and Secure Storage in Computer Systems

Trusted Computing aims at enhancing the security of IT systems by using a combination of trusted hardware and software components to provide security guarantees. This includes system state integrity and the secure link between the software and hardware of a computing platform. Although security patterns exist for operating system security, access control, and authentication, there are still none for Trusted Computing aspects. In this paper, we introduce security patterns for secure boot and for secure storage, which are important basic Trusted Computing concepts. Secure boot is at the heart of most security solutions, and secure storage is fundamental for application-level security: it ensures that the integrity of software is verified before accessing stored data. Our paper aims at complementing existing system security patterns by presenting the common patterns underlying the different realizations of secure boot and secure storage.
