Supply chain assessment Flashcards
Trusted foundry
A microprocessor manufacturing utility that is part of a validated supply chain (one where hardware and software do what the documentation says they do); operated by the DoD
Hardware Source Authenticity
The process of ensuring that hardware is procured tamper-free from trustworthy suppliers
ROT
Hardware root of trust: Used to scan the boot metrics and OS files and verify their signatures
TPM
Trusted Platform Module: Specification for hardware-based storage of certificates, keys, hashed passwords, etc.
UEFI
Unified Extensible Firmware Interface: A type of firmware that provides support for 64-bit CPU operation at boot
Secure Boot
UEFI feature that prevents unwanted processes from executing during the boot operation
Measured Boot
UEFI feature that gathers secure metrics to validate the boot process in an attestation report
Attestation
Claim that the data presented in the report is valid, made by digitally signing it using the TPM's private key
eFUSE
Means for software or firmware to permanently alter the state of a transistor on a computer chip
Self-encrypting drives
Disk drive whose controller can automatically encrypt data that is written to it
Secure processing
A mechanism for ensuring the confidentiality, integrity, and availability of software code and data as it is executed in volatile memory
SME
Secure memory encryption
SEV
Secure encrypted virtualization
TXT
Trusted execution technology
SGX
Software guard extensions