RidgeRun Platform Security Manual/Platform Security/Secure Boot: Difference between revisions

RidgeRun Platform Security Manual/Platform Security/Secure Boot (view source)

93 bytes added , Thursday at 19:29

1,937

edits

❯

@@ Line 67: / Line 67: @@
 * BOOTAA64.efi: Typically used as part of the boot process when the device is trying to boot from removable media like a USB drive or an SD Card
-These are the codes that are authenticated after they are loaded and before its execution. They have to be correctly signed to be executed. Like the general Secure Boot process, the keys have to be kept securely stored. And unlike the general Secure Boot process, the UEFI secure boot authentication is effective unless there is a physical access to the SoC to reflash it with the UEFI secure boot process disabled. The two boot code authentication ways could be a good combination, rather than two independent ways to secure the SoC as mentioned before.
+These are the codes that are authenticated after they are loaded and before their execution. They have to be correctly signed to be executed. Like the general Secure Boot process, the keys must be stored securely. Unlike the general Secure Boot process, the UEFI secure boot authentication is effective unless there is physical access to the SoC to reflash it, with the UEFI secure boot process disabled. As mentioned before, the two boot code authentication methods could be a good combination, rather than two independent ways to secure the SoC.
-<br>
+<be>
+{{review|there is no clarity if we can use both together or if they are mutually exclusive|lleon}}
 === Example: NXP ===