verified boot

E203896

Verified boot is a security mechanism that ensures a device only runs software that is cryptographically validated as trusted and unmodified during the startup process.

All labels observed (6)

Label Occurrences
Android Verified Boot 2
Direct Boot 2
Secure Boot 2

How this entity was disambiguated

Statements (49)

Predicate Object
instanceOf boot integrity mechanism
secure boot process
security mechanism
aimsTo detect unauthorized modifications to boot components
enforce integrity of the software stack from power-on
benefits overall platform security
resistance to persistent compromise
canBeImplementedBy verified boot self-linksurface differs
surface form: Android Verified Boot

UEFI
surface form: UEFI secure boot
canInclude rollback protection
verification of system partitions
version checks for boot components
ensures bootloader integrity
kernel integrity
operating system integrity at boot
software loaded during boot is cryptographically validated
hasPurpose ensure device only runs trusted software at startup
prevent execution of tampered software during boot
protect system integrity from early-boot malware
involves chain of trust
measured boot data
root of trust
verification of each stage of the boot process
isRelatedTo firmware security
measured boot
secure boot
trusted computing
trusted platform module
isUsedIn IoT devices
consumer electronics
embedded systems
enterprise devices
mobile operating systems
mayStoreKeysIn Trusted Platform Module 2.0
surface form: TPM

hardware-backed keystore
secure element
operatesDuring device startup process
system boot sequence
prevents booting if critical components are not verified
execution of untrusted boot components
persistent rootkits from loading at startup
reliesOn immutable root of trust in hardware or firmware
trusted keys stored in secure storage
requires verification of bootloader code
verification of critical system files at boot
verification of kernel image
uses cryptographic signatures
hash functions
public key cryptography

How these facts were elicited

Referenced by (9)

Full triples — surface form annotated when it differs from this entity's canonical label.

ChromiumOS securityFeature verified boot
Titan M security chip integratesWith verified boot
subject surface form: Titan M
this entity surface form: Android Verified Boot 2.0
NetBSD supportsSecurityFeature verified boot
this entity surface form: veriexec
verified boot canBeImplementedBy verified boot self-linksurface differs
this entity surface form: Android Verified Boot
BitLocker (device encryption variant) requires verified boot
this entity surface form: Secure Boot
UEFI securityFeature verified boot
this entity surface form: Secure Boot
Pixel security architecture includes verified boot
this entity surface form: Android Verified Boot
Android N feature verified boot
this entity surface form: Direct Boot
Android N securityEnhancement verified boot
this entity surface form: Direct Boot