Chapter 7- Supply Chain Management Flashcards
A legal principle identifying that a subject has used best practice or responsible care when setting up, configuring, and maintaining a system
Due Diligence
A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do not deviate from their documented function).
Trusted Foundry
The process of ensuring that hardware is produced tamper-free from trustworthy suppliers
Hardware Source Authenticity
A cryptographic module embedded within a computer system that can endorse trusted execution and attest to boot settings and metrics.
Hardware Root of Trust (RoT)
A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information.
Trusted Platform Module (TPM)
An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software-based storage.
Hardware Security Module (HSM)
Methods that make it difficult for an attacker to alter the authorized execution of software.
Anti-Tamper
FPGA
Field Programmable Gate Array
PUF
Physically Unclonable Function
Gives an attacker an opportunity to run any code at the highest level of CPU privilege.
Firmware Exploit
A type of system firmware providing support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security.
Unified Extensible Firmware Interface (UEFI)
A UEFI feature that prevents unwanted processes from executing during the boot operation.
Secure Boot
A UEFI feature that gathers secure metrics to validate the boot process in an attestation report.
Measured Boot
A claim that the data presented in the report is valid, made by digitally signing it using the TPM's private key.
Attestation
A means for software or firmware to permanently alter the state of a transistor on a computer chip.
eFUSE