Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding UEFI Secure Boot Chain
Executive Summary
Overview
Secure Boot Chain in UEFI
Additional Secure Boot Chain Implementations
Looking Forward – Platform Firmware Resiliency
Glossary
References
Figures
Powered by GitBook

Glossary

ACM – Authenticated Code Module. See Intel® Boot Guard.

AC-RAM - RAM Authenticated Code RAM

IBB – Initial Boot Block. See Intel® Boot Guard.

OBB – OEM Boot Block. See Intel® Boot Guard.

CDI – Constrained Data Item. See Clark-Wilson.

UDI – Unconstrained Data Item. See Clark-Wilson.

TP – Transformation Procedure. See Clark-Wilson.

IVP – Integrity Verification Procedure. See Clark-Wilson.

CR – Certification Rule. See Clark-Wilson.

ER – Enforcement Rule. See Clark-Wilson.

OEM – Original Equipment Manufacturer

ODM – Original Design Manufacturer

IBV – Independent BIOS Vendor

IFV – Independent Firmware Vendor

IHV – Independent Hardware Vendor

ISV – Independent Silicon Vendor

OSV – Operating System Vendor

TCB – Trust Computing Base

RoT – Root of Trust

RTU – Root of Trust for Update

RTD – Root of Trust for Detection

RTRec – Root of Trust for Recovery

DICE - Device Identifier Composition Engine

PFR – Platform Firmware Resilience

MMIO – Memory Mapped I/O.

PI – Platform Initialization. Volume 1-5 of the UEFI PI specifications.

SMM – System Management Mode.

UEFI – Unified Extensible Firmware Interface. Firmware interface between the platform and the operating system. Defined by the UEFI Forum (uefi,org).

Previous
Other Platform Firmware Resiliency (PFR) Implementations
Next
References
Last updated 10 months ago
Edit on GitHub