Patterns for Secure Boot and Secure Storage in Computer Systems

This is a paper I wrote together with Hans Löhr and Ahmad-Reza Sadeghi. It was presented at the SPattern 2010 workshop, co-located to the ARES 2010 conference. This paper describes two fundamental concepts of trusted computing in terms of security patterns, namely the Secure Boot pattern and the Secure Storage pattern. Although security patterns exist for operating system security, access control, and authentication, there have not been any on trusted computing particularly (to the best of our knowledge). Secure boot is at the heart of most security solutions and secure storage is fundamental for application-level security: it ensures that the integrity of software is verified before accessing stored data. Our paper aims at complementing existing system security patterns by presenting the common patterns underlying the different realizations of secure boot and secure storage.

[Paper] [Slides]


A Pattern for Secure Graphical User Interface Systems

This is a paper I wrote together with Thomas Fischer and Ahmad-Reza Sadeghi. It was presented at SPattern 2009 workshop in Linz. Several aspects of secure operating systems have been analyzed and described as security patterns. However, previous patterns do not cover explicitly the secure interaction of users with the user interface of applications. A secure user interface system has to provide a trusted path between the user and the application the user intends to use. The trusted path must be able to ensure integrity and confidentiality of the transmitted data, and must allow for the verification of the authenticity of the end points. Our paper presents a pattern for secure graphical user interface systems and evaluates its use in different implementations. This pattern shows how to fulfill the security requirements of a trusted path while preserving, in a policy-driven way, the flexibility that graphical user interfaces generally demand.

The central idea is to mediate all user input/output through a Secure User Interface (SUI) system, and to separate the content drawn by applications from what is actually displayed on the screen. The SUI controls solely the graphics rendering hardware and the input events from the user input devices (typically, keyboard and mouse). The picture shows the participating elements.

[Paper] [Slides]