Patterns for Secure Boot and Secure Storage in Computer Systems

RuhR-University Bochum System Security Lab

Patterns for Secure Boot and Secure
Storage in Computer Systems

Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Horst Görtz Institute for IT Security
Ruhr-University Bochum
Germany

SPattern '10 (co-located with ARES 2010)
4th International Workshop on Secure Systems Methodologies Using Patterns
Krakow, Poland, 18 February 2010


Motivating Example
● Password wallet for web authentication
Client PC
Web Server

passwords

Marcel Winandy Patterns for Secure Boot and Secure Storage (SPattern '10) Krakow, 2010-02-18 2


Motivating Example
Client PC
Web Server

How do you know that your trusted
system has started?
passwords



Motivating Example
Client PC
Web Server

system has started?
passwords
How do you ensure that only your
wallet application can access the
stored passwords?


Secure Boot Pattern



Context
● Users want to be sure about operational
integrity of applications and OS
● Unauthorized changes may lead to security
violation
● Users trust the hardware
– But need to verify integrity status of loaded software
● Users can be local or remote



Problem
● Software can be manipulated or exchanged
● Malware can register itself within any stage of
the boot process
● Forces:
– You want to ensure integrity of loaded software
– You want the computer to always boot in a well-
defined secure state
– You want to allow modifications of the system
(e.g. updates, additional software)



Solution
● Chain of trust
– Each boot stage verifies integrity of next stage
● using cryptographically secure methods
(hash functions, digital signature)
– Only if check ok, control is transferred to next stage
otherwise: system is halted
● Root of trust
– Whole process depends on integrity of first module
– First module therefore protected by hardware
● Including the integrity verification data (hashs, keys)



Solution
● Structure:



Variants
● Authenticated Boot
– Does not halt if integrity verification fails
– But allows (remote) party to verify the system state
– Integrity measurement results are recorded
securely for later inspection
(e.g. in protected hardware registers)
– Trusted (hardware) module vouches for stored
results (e.g. via digital signature)



Consequences
● Benefits:
– Software integrity state is verified at boot time
– System starts only if integrity is OK
– Authenticated boot: more flexible, check later
● Liabilities:
– Setup/update of integrity verification data securely
– Specific mechanisms needed for software updates
– Integrity checks are only load-time, not runtime
– Adds complexity and overhead



Known Uses
● Cell BE processor Sony PlayStation3

● Trusted Platform Module (TPM) PCs, Laptops

(Authenticated Boot)

● Open Mobile Terminal Platform (OMTP) specs
Mobile phones
(Abstract definition, different implementations)


Secure Storage Pattern



Context
● Provide storage that protects confidentiality and
integrity of stored data for software applications
● Grant software to access the clear data only if
the software has not been tampered with
● Hardware is trusted



Problem
● Cryptographic methods protect confidentiality
and integrity (encryption, digital signatures)
● But software that has access to the keys could
be manipulated
● Forces:
– You need to protect confidentiality/integrity of data
– You need to protect secret keys from unauthorized
access and usage
– You want to allow modifications/updates of software



Solution



Consequences
● Benefits:
– Software can access protected data only if integrity
verification of the software has succeeded
– Data can be protected such that only authorized
software (OS and applications) can access it
● Liabilities:
– Backup strategy needed (hardware failures result in
data loss because of hardware-protected keys)
– Software updates more difficult (mechanism
needed for updating integrity verification data)
– Adds complexity and overhead



Known Uses
● Cell BE processor Sony PlayStation3

● Trusted Platform Module (TPM) PCs, Laptops

● Open Mobile Terminal Platform (OMTP) specs
Mobile phones
(Abstract definition, different implementations)


Conclusion



Example Resolved
Client PC
Web Server

system has started?
passwords
stored passwords?



Example Resolved
Client PC
Web Server

Secure Boot
system has started?
passwords
stored passwords?



Example Resolved
Client PC
Web Server

Secure Boot
system has started?
passwords
Secure Storage
stored passwords?



Summary and Conclusion
● Secure Boot describes how to start a system in
known secure state (or how to verify it later)
● Secure Storage describes how to bind the
access to data to the integrity state of software
(and protect data even when system is offline)
● Both are fundamental concepts of trusted
computing
● Valuable addition to OS security patterns



Summary and Conclusion
● Secure Boot describes how to start a system in
known secure state (or how to verify it later)
● Secure Storage describes how to bind the
access to data to the integrity state of software
(and protect data even when system is offline)
Questions?
● Both are fundamental concepts of trusted
computing
● Valuable addition to OS security patterns

Marcel Winandy
Ruhr-University Bochum
marcel.winandy@trust.rub.de


BACKUP



Related Patterns
● Secure Boot:
– Boot Loader
● Emphasis on error correction; no root of trust
– Authenticator
● Creates proof of identity of subjects; no chain of trust



Related Patterns
● Secure Storage:
– needs Secure Boot
– needs Controlled Virtual Address Space
● Providing process isolation
– Information Obscurity
● Encryption, hide encryption keys in protected location
– Controlled Execution Environment
● Control access to protected resources; only runtime
– Reference Monitor
● Access control enforcement; no offline enforcement


Patterns for Secure Boot and Secure Storage in Computer Systems

More Related Content

Similar to Patterns for Secure Boot and Secure Storage in Computer Systems (20)

More from Marcel Winandy (11)

Patterns for Secure Boot and Secure Storage in Computer Systems