CH07 Supply Chain Management Flashcards
What is due diligence in terms of supply chain assessment?
Due diligence - A legal principle identifying that a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system
- You need to ensure that their cybersecurity program is properly resourced.
- You also want to make sure that they have security assurance and risk management processes and programs in place. This helps confirm that they are a legitimate organization with a way of performing due diligence on themselves.
- You also need to look at the product support lifecycle.
- Do they have the proper security controls in place for confidential data?
- If things go wrong, will they be there to help you? Do they have incident response and forensics assistance?
- General and historical company information. Will they still be around after a certain number of years?
What is Trusted Foundry?
A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do not deviate from their documented function)
The Trusted Foundry Program is operated by the Department of Defense (DoD)
What is Hardware Source Authenticity?
The process of ensuring that hardware is procured tamper-free from trustworthy suppliers
What is ROT?
ROT = Hardware Root of Trust
▪ A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics
▪ A hardware root of trust is used to scan the boot metrics and OS files to verify their signatures, which we can then use to sign a digital report
It is a digital certificate embedded inside your processor or inside your firmware
What is TPM?
TPM = Trusted Platform Module
The most common root of trust is the TPM.
▪ A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information
▪ A TPM is also used for full disk encryption, so if you're using something like BitLocker in Windows, it uses the key stored inside the TPM to make sure that data is secure.
▪ A TPM can be managed in Windows via the tpm.msc console or through Group Policy
What is HSM?
HSM = Hardware Security Module
An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage. These are automated so they cannot be tampered with by a human.
What is Anti-Tamper?
Anti-Tamper = Methods that make it difficult for an attacker to alter the authorized execution of software
What are 2 anti-tamper mechanisms?
▪ Field-programmable gate array (FPGA)
▪ Physically unclonable function (PUF)
When somebody tries to tamper with the system, these will zero out your cryptographic key, which can then automatically wipe out the information.
What is UEFI?
UEFI = Unified Extensible Firmware Interface
It is a type of system firmware that provides support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security
What is Secure Boot?
A UEFI feature that prevents unwanted processes from executing during the boot operation
As a computer boots, it checks that the digital signatures from those operating system vendors are present. It makes sure that the bootloader only loads things that are valid and does not load malware.
What is Measured Boot?
A UEFI feature that gathers secure metrics to validate the boot process in an attestation report
As you boot up, it takes different measurements, such as how much time different tasks take, creates a report, and then attests to it.
What is Attestation?
A claim that the data presented in the report is valid by digitally signing it using the TPM’s private key
What is eFUSE?
A means for software or firmware to permanently alter the state of a transistor on a computer chip.
An eFuse is an electronic fuse that uses one-time programming; it is used to seal cryptographic keys and other security information during the formal development process. If somebody tries to mess with that, it will blow the fuse, making that product or firmware no longer valid or trusted.
What are Trusted Firmware Updates?
A firmware update that is digitally signed by the vendor and trusted by the system before installation
What are Self-Encrypting Drives?
A disk drive where the controller can automatically encrypt data that is written to it