By: James Tomasetta
In today’s increasingly connected world, the need for security is no longer just for communicating over the Internet, but is also needed to ensure that the user’s personal computer is free from malicious code. In order to secure the user’s local computer, a root of trust needs to be established, starting from the manufacturer of the hardware and continuing through the firmware and into the installed software. The key components in securing this root of trust are a fixed or secured boot loader that is inherently trusted by the system and is used to start the authentication sequence, which can be implemented using many existing hardware security chips on the market, such as the ATSHA204 from Atmel. The second key piece needed is a secure key vault used to store the keys used to sign different pieces of code loaded on the system back to their developers. Once the code has been verified the boot ROM will start executing code and continue to repeat these steps until the system is fully booted. Once the root of trust has been established for the system, the user can ensure that none of the code running on the system has been modified.