| Property | Value |
|---|---|
| gptkbp:instanceOf | computer security technology |
| gptkbp:auditedBy | security researchers |
| gptkbp:block | unsigned operating systems |
| gptkbp:canBe | gptkb:Microsoft_Windows_certification; corporate security policies; malicious firmware updates; system administrator |
| gptkbp:canBeBypassedBy | exploiting firmware vulnerabilities |
| gptkbp:canBeDisabled | yes; BIOS/UEFI setup utility |
| gptkbp:canBeManagedBy | OEMs; IT departments |
| gptkbp:canBeResetBy | clearing keys in firmware setup |
| gptkbp:canCauseIssuesWith | custom Linux kernels; unsigned drivers |
| gptkbp:compatibleWith | legacy BIOS systems |
| gptkbp:criticizedFor | potential to restrict user freedom |
| gptkbp:documentedIn | gptkb:UEFI_Specification |
| gptkbp:enables | chain of trust at boot |
| gptkbp:enforcedBy | UEFI firmware; digital signature verification |
| https://www.w3.org/2000/01/rdf-schema#label | UEFI Secure Boot |
| gptkbp:introduced | gptkb:UEFI_Forum |
| gptkbp:notableRelease | firmware updates |
| gptkbp:partOf | UEFI specification |
| gptkbp:prevention | bootkits; rootkits; unauthorized OS loaders |
| gptkbp:purpose | prevent unauthorized code execution during boot |
| gptkbp:relatedTo | gptkb:Measured_Boot; Secure Boot keys; Trusted Platform Module |
| gptkbp:replacedBy | legacy BIOS boot security |
| gptkbp:requires | certificate management; UEFI firmware; signed bootloaders |
| gptkbp:standardizedBy | gptkb:UEFI_Specification_2.3.1 |
| gptkbp:supportedBy | gptkb:Windows_8; gptkb:macOS; gptkb:Microsoft_Windows; gptkb:Linux_distributions |
| gptkbp:usedIn | modern computers |
| gptkbp:uses | gptkb:Forbidden_Signature_Database_(dbx); gptkb:Key_Exchange_Key_(KEK); gptkb:Signature_Database_(db); Platform Key (PK) |
| gptkbp:vulnerableTo | key compromise |
| gptkbp:bfsParent | gptkb:Windows_8 |
| gptkbp:bfsLayer | 5 |