Secure Boot Encryption with Linux Implementation for Embedded Developers
-
- Englisch ausgewählt
46,99 €
inkl. gesetzl. MwSt.,
Lieferung nach Hause
Beschreibung
Produktdetails
Einband
Taschenbuch
Erscheinungsdatum
15.07.2026
Abbildungen
XXV, 19 illus., schwarz-weiss Illustrationen
Verlag
ApressSeitenzahl
236
Maße (L/B)
23,5/15,5 cm
Gewicht
400 g
Sprache
Englisch
EAN
9798868828171
Secure Boot Encryption with Linux serves as a quick guide to building and maintaining a secure, embedded Linux system by establishing a verifiable Chain-of-Trust from the moment power is applied until the first user space application takes control. It meticulously breaks down what the Secure Boot implementation is, and critically, what it is not by providing the technical knowledge necessary to guard against sophisticated bootkits and unauthorized code execution.
We begin by dissecting the Linux Cryptographic Subsystem and the core mechanism for secret protection: the Linux Key-Management Facility (Keyring). It provides an in-depth, practical guide to implementing Trusted Keys and Encrypted Keys, detailing how these secrets are secured by tying them to specialized hardware like the Trusted Platform Module (TPM). This unique focus ensures that critical encryption and signing keys are never exposed to user spaces, neutralizing the impact of successful root-level exploits. Next, we explore the implementation of a full Secure Boot Chain-of-Trust. Readers will learn how the Chain-of-Trust works from the initial pre-bootloader (e.g., U-Boot SPL or the Arm Trusted Firmware), through the main bootloader, up to the kernel and the root filesystem. This process guarantees that only code signed by a trusted authority is executed, providing unparalleled protection against firmware injection and persistent bootkits. We finish by looking at a blue print for Secure System Lifecycle Management, integrating the kernel's key-management with Transparent Encryption (dm-crypt) for the root filesystem and detailing the procedures for maintaining security over time.
By focusing on root-proof key management and end-to-end integrity enforcement, this pocket guide is essential reading for developers and security architects who need to build resilient Linux products that meet the highest standards of modern cybersecurity.
You Will Learn:
- How to implement and manage cryptographic secrets using the Linux Key-Management Facility (Keyring)
- Understand how to use the Linux Crypto API for secure hashing, signing, and encryption operations
- How to establish an unbreakable Chain-of-Trust that verifies the integrity and authenticity of every system component, from the initial hardware Root-of-Trust and the pre-bootloader to the final Linux kernel load.
- How to achieve Transparent Full Disk Encryption by integrating the secure Keyring with key technologies for data confidentiality for OS and Kernel levels
This Book is for:
Experienced embedded Linux developers and security architects
Noch keine Bewertungen vorhanden
Verfassen Sie die erste Bewertung zu diesem Artikel
Helfen Sie anderen Kundinnen und Kunden durch Ihre Meinung.
Kurze Frage zu unserer Seite
Vielen Dank für dein Feedback
Wir nutzen dein Feedback, um unsere Produktseiten zu verbessern. Bitte habe Verständnis, dass wir dir keine Rückmeldung geben können. Falls du Kontakt mit uns aufnehmen möchtest, kannst du dich aber gerne an unseren Kund*innenservice wenden.
zum Kundenservice