{"title":"Hardware protection of UEFI-firmware and NVRAM of the computer with Resident Security Component","authors":"Aleksandr V. Bolodurin, Andrey A. Altuhov","doi":"10.26583/bit.2022.4.07","DOIUrl":null,"url":null,"abstract":". The issue of protecting the firmware and the memory area for storing variables (NVRAM - Non Volatile Random Access Memory) of the UEFI (Unified Extensible Firmware Interface) system are discussed in the paper. The research methodology is a deduction. The problem of trusted computer loading, in particular, the proprietarity of the UEFI stage, is relevant in the field of computer security. For an introduction to the context and subject field, the components and environment of the UEFI system, attack vectors on the system, the consequences of successful attacks for the user and built-in security tools are briefly described. The advantages and disadvantages of using two memory areas with different access modes as a way to protect critical UEFI system data are considered. As a memory area with a configurable access policy, it is proposed to use the hardware implementation of the resident security component (HRSC). Finally, the functionality of the HRSC and the applicability of this solution for","PeriodicalId":278246,"journal":{"name":"Bezopasnost informacionnyh tehnology","volume":"70 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Bezopasnost informacionnyh tehnology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.26583/bit.2022.4.07","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
. The issue of protecting the firmware and the memory area for storing variables (NVRAM - Non Volatile Random Access Memory) of the UEFI (Unified Extensible Firmware Interface) system are discussed in the paper. The research methodology is a deduction. The problem of trusted computer loading, in particular, the proprietarity of the UEFI stage, is relevant in the field of computer security. For an introduction to the context and subject field, the components and environment of the UEFI system, attack vectors on the system, the consequences of successful attacks for the user and built-in security tools are briefly described. The advantages and disadvantages of using two memory areas with different access modes as a way to protect critical UEFI system data are considered. As a memory area with a configurable access policy, it is proposed to use the hardware implementation of the resident security component (HRSC). Finally, the functionality of the HRSC and the applicability of this solution for
。本文讨论了UEFI(统一可扩展固件接口)系统中固件和存储变量的存储区域(NVRAM - Non - Volatile Random Access memory)的保护问题。研究方法是一种演绎法。可信计算机加载的问题,特别是UEFI阶段的专有性,是与计算机安全领域相关的问题。对于背景和主题领域的介绍,简要描述了UEFI系统的组件和环境,系统上的攻击向量,成功攻击对用户和内置安全工具的后果。考虑了使用具有不同访问模式的两个存储区域作为保护关键UEFI系统数据的方法的优点和缺点。作为一个具有可配置访问策略的存储区域,建议使用驻留安全组件(HRSC)的硬件实现。最后,介绍了HRSC的功能和该解决方案的适用性
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
