![]() ![]() After the device is powered on, the signature databases are each checked against the platform signing key (PK).Here are the steps taken by UEFI Secure Boot: This key can be used to sign updates to the KEK or to disable UEFI Secure Boot. Once these databases are created and added to the device, the OEM locks the firmware from editing, and generates a platform signing key (PK). Key Enrollment Key database (KEK): Contains a list of signing keys that can be used to update the signature and revoked signature databases. Revoked Signature Database (dbx): This lists the signers or image hashes of operating system loaders, UEFI applications and UEFI drivers that are no longer trusted, and are NOT allowed to be loaded on the device Signature Database (db): This lists the signers or image hashes of operating system loaders, UEFI applications, and UEFI drivers that are allowed to be loaded on the device These databases are stored on the firmware nonvolatile RAM (NV-RAM) of the device. These databases include the Signature database (db), Revoked Signature database (dbx), and the Key Enrollment Key database (KEK). Secure Boot reduces the risk of pre-boot malware attacks to the device, such as rootkits.Īs the OEM, you need to store the UEFI Secure Boot databases on the IoT device at manufacture time. This feature prevents unknown code from being executed on the platform and potentially weakening the security posture of it. It restricts the system to only allow execution of binaries signed by a specified authority, such as firmware drivers, option ROMs, UEFI drivers or applications, and UEFI boot loaders. UEFI Secure Boot is the first policy enforcement point, and is located in UEFI. These firmware boot loaders are SoC-specific, so you will need to work with the appropriate device manufacturer to have these boot loaders created on the device. The UEFI environment is then loaded and control is handed over. When the device is first powered on, the first step in the overall boot process is to load and run firmware boot loaders, which initialize the hardware on the devies and provide emergency flashing functionality. ![]() ![]() In order to lockdown a Windows IoT device, the following considerations must be made. Unified Extensible Firmware Interface (UEFI) Secure BootĪdditional information on the Windows 10 boot process can be found here.There are three main areas that occur from when an IoT device is powered on, all the way through to the OS kernel loading and execution of installed application. Boot OrderĪn understanding of the boot order on a Windows 10 IoT Core device is needed before we can delve into the individual components that provide a secure platform for the IoT device. Together, these features provide the optimal protection that ensures that a platform will launch in a defined way, while locking out unknown binaries and protecting user data through the use of device encryption. These will assist device builders in creating fully locked down Windows IoT devices that are resilient to many different types of attacks. Windows 10 IoT Core includes security feature offerings such as UEFI Secure Boot, BitLocker Device Encryption and Device Guard. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |