Patterns for Secure Boot and Secure Storage in Computer Systems

This is a paper I wrote together with Hans Löhr and Ahmad-Reza Sadeghi. It was presented at the SPattern 2010 workshop, co-located to the ARES 2010 conference. This paper describes two fundamental concepts of trusted computing in terms of security patterns, namely the Secure Boot pattern and the Secure Storage pattern. Although security patterns exist for operating system security, access control, and authentication, there have not been any on trusted computing particularly (to the best of our knowledge). Secure boot is at the heart of most security solutions and secure storage is fundamental for application-level security: it ensures that the integrity of software is verified before accessing stored data. Our paper aims at complementing existing system security patterns by presenting the common patterns underlying the different realizations of secure boot and secure storage.

[Paper] [Slides]