As more and more computing devices are being used in people's daily life, security has become a widespread concern for users and content providers. Viruses, worms, Trojan horses, identity theft, software and media content piracy, and extortion using threats of data destruction are rampant. Usually, these attacks involve installing and executing malicious software codes to expose access to device resources that would otherwise be private to the system, the content provider, the user or an application.
An operating system may provide some security features to guard against such attacks. However, the security features of an operating system often fail to keep up with new attacks occurring on a daily basis. Moreover, when booting a computing device, security features may not yet be initialized and are vulnerable to bypass and/or tampering.
To reduce the possibility of system exploits, a secure boot system may be employed to require a signature verification for each production software image. Such a code audit measure, however, may not be completely bullet proof as the number of codes involved is usually very large and continues to increase.
Therefore, current security measures do not deliver a robust solution to protect applications and content inside a computing device, while at the same time providing the flexibility to update the software and or firmware for the device.