Browse > Article
http://dx.doi.org/10.5392/JKCA.2020.20.02.015

Analysis on Development Methodology of Modern Secure boot: Focusing on Platform Environment  

Kim, Jin-Woo (충남대학교 컴퓨터공학과)
Lee, Sang-Gil (충남대학교 컴퓨터공학과)
Lee, Jeong-Guk (충남대학교 컴퓨터공학과)
Lee, Sang-Han (ETRI부설연구소)
Shin, Dong-Woo (ETRI부설연구소)
Lee, Cheol-Hoon (충남대학교 컴퓨터공학과)
Publication Information
The Journal of the Korea Contents Association / v.20, no.2, 2020 , pp. 15-26 More about this Journal
Abstract
Secure boot is security technology that verifies the integrity of the computer system in boot stage and controls the boot process accordingly. The computer system can establish a secure execution environment from the threat of various malwares by security boot and also supports the recovery when system in emergency case. Recently, Secure boot has been adopted by various modern computer manufacturers to protect users' information from hacker attacks and to prevent abuse of their products by malicious users. In this paper, we classify security boot developed by various companies and organizations by platform, and analyze the design and development purpose of each security boot and investigate the limitation of design. It can be used as a reference for system security designers in various information of security boot development method and security design of system.
Keywords
System Security; Platform Security; Secure Boot; Embedded System; Security Requirements;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 A. Matrosov, Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats, No Starch Press, 2019.
2 M. Sabt, M. Achemlal, and A. Bouabdallah, "Trusted Execution Environment: What It is, and What It is Not," 2015 IEEE Trustcom/BigDataSE/ISPA, pp.57-64, 2015.
3 G. Bowen and W. Ozuem, Computer-Mediated Marketing Strategies: Social Media and Online Brand Communities, IGI Global, 2014.
4 J. P. John, A. Moshchuk, S. D. Gribble, and A. Krishnamurthy, "Studying spamming botnets using Botlab," Proceedings of the 6th USENIX symposium on Networked systems design and implementation, pp.291-306, 2009.
5 https://www.microsoft.com/security/blog/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/
6 C. Wressnegger, F. Yamaguchi, D. Arp, and K. Rieck, "Comprehensive Analysis and Detection of Flash-Based Malware," Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp.101-121, 2016.
7 https://encyclopedia.kaspersky.com/glossary/bootkit/
8 https://encyclopedia.kaspersky.com/glossary/rootkit/
9 W. A. Arbaugh, D. J. Farber, and J. M. Smith, "A secure and reliable bootstrap architecture," Proceedings, 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097), pp.65-71, 1997.
10 UEFI, Unified Extensible Firmware Interface Specification Version 2.3.1 Errata C, UEFI Forum, 2012.
11 https://techcommunity.microsoft.com/t5/Windows-Hardware-Certification/Microsoft-UEFICA-Signing-policy-updates/ba-p/364828
12 https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/
13 V. Bashun, A. Sergeev, V. Minchenkov, and A. Yakovlev, "Too young to be secure: Analysis of UEFI threats and vulnerabilities," 2013 14th Conference of Open Innovations Association, pp.16-24, 2013.
14 https://docs.microsoft.com/ko-kr/windows-hardware/drivers/install/early-launch-antimalware
15 https://docs.microsoft.com/ko-kr/windows-hardware/drivers/install/elam-driver-requirements
16 https://docs.microsoft.com/ko-kr/windows/security/threat-protection/intelligence/virus-initiative-criteria
17 Apple, Apple T2 Security Chip, Apple Inc., 2018.
18 https://www.slashgear.com/apple-t2-chip-confirmed-to-have-kill-switch-for-diy-repairs-12553488/
19 https://appleinsider.com/articles/19/04/09/apples-t2-chip-makes-a-giant-difference-in-video-encoding-for-most-users
20 https://en.wikipedia.org/wiki/GNU_GRUB
21 https://docs.fedoraproject.org/en-US/Fedora/18/html/UEFI_Secure_Boot_Guide/sect-UEFI_Secure_Boot_Guide-Implementation_of_UEFI_Secure_Boot-Shim.html
22 Apple, iOS Security: iOS 12.3, Apple Inc., 2019.
23 https://source.android.com/security/verifiedboot
24 ARM, ARM Security Technology: Building a Secure System using Trustzone(R) Technology, ARM Limited., 2009.
25 https://lwn.net/Articles/447381/
26 https://www.wired.com/story/ios-jailbreak-new/
27 https://source.android.com/devices/architecture
28 Xilinx, Zynq-7000 SoC Technical Reference Manual, Xilinx, 2018.
29 Samsung Research America, Whitepaper: Samsung Knox Security Solution, Samsung Electronics, 2017.
30 https://android-developers.googleblog.com/2014/07/knox-contribution-to-android.html
31 E. Peterson, Secure Boot of Zynq-7000 SoC(XAPP1175), Xilinx, 2019.
32 https://github.com/Project-Olympus
33 B. Kelly, Project Cerberus Security Architecture Overview Specification, Open Compute Project, 2017.
34 고재용, 이상길, 김진우, 이철훈, "IoT 보안 요구사항 및 보안 운영체제 기반 기술 분석," 한국콘텐츠학회논문지, 제18권, 제4호, pp.164-177, 2018.   DOI
35 https://news.joins.com/article/23472884