Here is how integritysetup from the cryptsetup package in Linux works. A user provides an authentication key to the OS when reading or writing data to a file system. When reading, the OS only returns a data block if it was written with the same key as it is being read. Hence the same key is used when writing and reading.
Authentication for email allows different keys for writing and reading. The secret key from a key pair is used for writing (signing), and the public key from the same key pair is used for reading (verifying a signature). I'm imagining that a key pair may be used for file system authentication too.
Such an authentication may be useful for the OS file system on a multi-user computer. Only the system administrator has the secret key, so only the system administrator can install or update the software on the computer. Every user has the public key, so every user can verify that the software isn't a trojan. The system administrator is not needed to start the computer.
AFAIK, Linux doesn't provide such authentication. I wonder does any OS provides such authentication? Full-disk authentication is okay too.
