Schwa Be Row Bios
The BIOS
computer interface code that locates and loads the operating system into RAM. It provides low-level communication, operation and configuration to the hardware of a system, which at a minimum drives the keyboard and provides primitive output to a display -Wikipedia
PXE support built in
Used to select OS, no more boot loaders
Operating system is sandboxed, so all networking and memory management is handled by EFI
Other features
Disk & partition headers written twice
Protection against bad blocks & viruses
OS verifies these headers are the same
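The duplicated headers described above correspond to the GUID Partition Table (GPT) layout used with EFI; that mapping is this example's assumption, since the slides do not name the format. The following is an added example, not part of the original slides: it validates each copy's CRC32 and then compares the fields that must agree, because the backup copy is not byte-identical to the primary (its LBA pointers are mirrored). The header bytes and helper names are constructed for the demonstration.

```python
import struct
import zlib
from collections import namedtuple

HDR = struct.Struct("<8sIIIIQQQQ16sQIII")  # 92-byte GPT header, little-endian
Gpt = namedtuple("Gpt", "sig rev size crc rsvd my_lba alt_lba first last guid "
                        "ent_lba n_ent ent_size ent_crc")

def build_header(my_lba, alt_lba, ent_lba, guid, ent_crc, last_lba):
    """Build a constructed sample header with a valid CRC (stands in for a disk read)."""
    f = [b"EFI PART", 0x00010000, HDR.size, 0, 0, my_lba, alt_lba,
         34, last_lba - 33, guid, ent_lba, 128, 128, ent_crc]
    f[3] = zlib.crc32(HDR.pack(*f))  # CRC is taken with the CRC field zeroed
    return HDR.pack(*f)

def parse(raw):
    """Return the parsed header, or None if signature, size or header CRC is bad."""
    if len(raw) < HDR.size:
        return None
    h = Gpt(*HDR.unpack(raw[:HDR.size]))
    if h.sig != b"EFI PART" or h.size != HDR.size:  # assumption: 92-byte headers only
        return None
    zeroed = raw[:16] + bytes(4) + raw[20:HDR.size]
    return h if zlib.crc32(zeroed) == h.crc else None

def check_pair(primary_raw, backup_raw):
    """Return a list of problems; an empty list means the two copies agree."""
    p, b = parse(primary_raw), parse(backup_raw)
    problems = [f"{n} header invalid" for n, h in (("primary", p), ("backup", b)) if h is None]
    if problems:
        return problems
    if (p.my_lba, p.alt_lba) != (b.alt_lba, b.my_lba):
        problems.append("LBA pointers are not mirrored")
    for name in ("first", "last", "guid", "n_ent", "ent_size", "ent_crc"):
        if getattr(p, name) != getattr(b, name):
            problems.append(f"{name} differs between copies")
    return problems

# Constructed 2048-sector disk: primary header at LBA 1, backup at LBA 2047.
GUID = bytes(range(16))
ENT_CRC = zlib.crc32(bytes(128 * 128))  # CRC of an empty partition entry array
PRIMARY = build_header(1, 2047, 2, GUID, ENT_CRC, 2047)
BACKUP = build_header(2047, 1, 2015, GUID, ENT_CRC, 2047)

if __name__ == "__main__":
    print(check_pair(PRIMARY, BACKUP))  # healthy pair
    print(check_pair(PRIMARY[:56] + b"\xff" + PRIMARY[57:], BACKUP))  # corrupted primary
```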
TrustedCore
Phoenix Technologies
The Phoenix TrustedCore family is an example of what Phoenix and Microsoft refer to as an entirely new category, Core System Software. Core System Software is pre-OS software that incorporates all the legacy functionality of BIOS while providing an additional element for secure storage of encrypted private keys within a user's computer. In addition, TrustedCore allows for digitally signed firmware updating to preempt hostile attacks at the core of the device, and a built-in root of trust that can be leveraged for native x86 device authentication on both enterprise and service provider networks.
Uses Windows CryptoAPI to:
Ensure FlashBIOS updates are correctly signed and not modified
Authenticate connected devices managed within Active Directory to networks and network applications
Work with and authenticate pre-OS applications (recovery, anti-virus, etc.)
Securely store certificates for Microsoft applications and infrastructure
Integrates EFI
You've put secure OS development back on the map
I just want to play with the hardware!
Still viewed (incorrectly) by some as DRM on a chip
Takeaways:
There are some very valuable things in NGSCB
Nervousness about possible implications of the NGSCB design
Dialog is very important for any cutting-edge technology
Contains at least one RSA private key (along with the accompanying digital certificate for the key) and one AES symmetric key