VaultBoot: Remote Attestation as a Service

HardenedVault wrote that VaultBoot was introduced in a previous Cyber Fortress article as an important component of “next-generation” firmware security: a firmware payload executable focused on firmware security, trusted computing, and advanced defense, whose design delivers its best protection on the coreboot platform. Cyber Fortress recently released a new version of VaultBoot, with security protections improved to some extent in all areas. The two new features drawing the most attention are remote attestation and support for the arm64 hardware architecture. What is remote attestation? Simply put, when an important operation (such as financial settlement, key distribution, or the startup of a key system) is to be performed, the computing node proves to the server that its current execution state is in line with expectations. Cyber Fortress gives an example: full-disk encryption can be decrypted only after the computing node's startup process is completed. This is just one use case for remote attestation. Readers can use their limited imagination to bring trusted computing to more fields. The new version of VaultBoot also supports arm64, which is good news for industrial IoT devices.
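The disk-key use case above, as an added sketch that is not VaultBoot's code or protocol: a server releases the key only when a fresh, authenticated quote carries the expected boot measurements. The stage names, keys and the HMAC standing in for a hardware attestation-key signature are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

def extend(pcr: bytes, blob: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(blob))."""
    return hashlib.sha256(pcr + hashlib.sha256(blob).digest()).digest()

def measure_boot(stages) -> bytes:
    """Fold every boot stage into one register, starting from all zeros."""
    pcr = bytes(32)
    for blob in stages:
        pcr = extend(pcr, blob)
    return pcr

def make_quote(ak: bytes, pcr: bytes, nonce: bytes) -> bytes:
    # Assumption: HMAC stands in for the signature a hardware-held
    # attestation key would produce over (measurements, nonce).
    return hmac.new(ak, pcr + nonce, hashlib.sha256).digest()

class Verifier:
    """Server side: releases the disk key only for the expected boot state."""
    def __init__(self, ak: bytes, golden_pcr: bytes, disk_key: bytes):
        self.ak, self.golden_pcr, self.disk_key = ak, golden_pcr, disk_key
        self.pending = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)   # fresh per attempt
        self.pending.add(nonce)
        return nonce

    def release_key(self, pcr: bytes, nonce: bytes, quote: bytes):
        if nonce not in self.pending:     # unknown or replayed nonce
            return None
        self.pending.discard(nonce)       # single use
        if not hmac.compare_digest(make_quote(self.ak, pcr, nonce), quote):
            return None                   # quote not produced with the key
        if not hmac.compare_digest(pcr, self.golden_pcr):
            return None                   # node booted something unexpected
        return self.disk_key

def attest(verifier: Verifier, ak: bytes, stages):
    """Node side: measure what actually booted and answer the challenge."""
    nonce = verifier.challenge()
    pcr = measure_boot(stages)
    return verifier.release_key(pcr, nonce, make_quote(ak, pcr, nonce))

# Constructed sample data, not real firmware images or keys.
AK, DISK_KEY = b"constructed-attestation-key", b"constructed-disk-key"
GOOD = [b"coreboot", b"payload", b"kernel"]
TAMPERED = [b"coreboot", b"payload", b"kernel-modified"]

if __name__ == "__main__":
    server = Verifier(AK, measure_boot(GOOD), DISK_KEY)
    print(attest(server, AK, GOOD), attest(server, AK, TAMPERED))
```

Because the extend operation chains hashes, changing any one stage changes the final register, so the tampered boot gets no key while the expected one does.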

This article is reprinted from: https://www.solidot.org/story?sid=71956
This site is for inclusion only, and the copyright belongs to the original author.
