Scribd Logo
Upload

Welcome to Scribd!

  • 19 views

    Trusted PC Overall Architecture: Operating System Secured Bios

    Uploaded by

    Tuan Lam
    The document describes the Trusted PC architecture which uses a Trusted Platform Module (TPM) security chip to securely store information and attest to the integrity of the hardware and BIOS. The BIOS is made secure through TPM measurements of any changes, an encrypted bootloader, and a BIOS password. The secured BIOS architecture utilizes UEFI and a graphical user interface to display operating system options while protecting the system through lower level drivers and initialization.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Trusted PC Overall Architecture: Operating System Secured Bios

    Uploaded by

    Tuan Lam
    19 views5 pages
    The document describes the Trusted PC architecture which uses a Trusted Platform Module (TPM) security chip to securely store information and attest to the integrity of the hardware and BIOS. The BIOS is made secure through TPM measurements of any changes, an encrypted bootloader, and a BIOS password. The secured BIOS architecture utilizes UEFI and a graphical user interface to display operating system options while protecting the system through lower level drivers and initialization.

    Original Description:

    PC made in Vietnam

    Original Title

    PC Made In VN

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document describes the Trusted PC architecture which uses a Trusted Platform Module (TPM) security chip to securely store information and attest to the integrity of the hardware and BIOS. The BIOS is made secure through TPM measurements of any changes, an encrypted bootloader, and a BIOS password. The secured BIOS architecture utilizes UEFI and a graphical user interface to display operating system options while protecting the system through lower level drivers and initialization.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    19 views5 pages

    Trusted PC Overall Architecture: Operating System Secured Bios

    Uploaded by

    Tuan Lam
    The document describes the Trusted PC architecture which uses a Trusted Platform Module (TPM) security chip to securely store information and attest to the integrity of the hardware and BIOS. The BIOS is made secure through TPM measurements of any changes, an encrypted bootloader, and a BIOS password. The secured BIOS architecture utilizes UEFI and a graphical user interface to display operating system options while protecting the system through lower level drivers and initialization.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 5

    Trusted PC Overall architecture

    Trusted PC

    Secured Operating
    BIOS System

    TPM PC Hardware

    TPM (Trusted Platform Module): Security chip (Infineon SLB 9670)

    1
    Secure Features using TPM

    Secure storage of information

    Secured PCR extension


    TPM
    BIOS
    Attestation

    PCR extension: Create hash value of all measurement values


    Attestation: Proof of intact and trustworthy of HW and BIOS

    2
    How to make BIOS securely?

    • Use TPM to detect any change on BIOS binary or


    Hardware based on PCR extension and attestation
    • Use encrypted Bootloader to protect against attack
    • BIOS password to avoid unallowed start

    3
    Secured BIOS architecture
    OS BIOS GUI
    OS Selection

    Boot loader BDS

    UEFI Core
    UEFI shell PEI/DXE Found.

    System table Protocols


    Platform
    Initialization Secured Library UEFI services

    Silicon
    Initialization Additional
    Additional ACPI Configuration
    SecDriver HardwareDriver
    Driver
    Code Hardware table

    TPM Hardware
    Hardware

    4
    BIOS Graphical User Interface

    • Display
    available OS
    • Option menu

    You might also like