« Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region | Main | NIST Full Virtualization Technologies: Guidelines For Secure Implementation And Management »

2011.05.03

NIST SP800-147, BIOS Protection Guidelines

 こんにちは、丸山満彦です。NISTがBIOS保護のガイドラインを出していますね。。。
=====
This document provides guidelines for preventing the unauthorized modification of Basic Input/Output System (BIOS) firmware on PC client systems. Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS’s unique and privileged position within the PC architecture. A malicious BIOS modification could be part of a sophisticated, targeted attack on an organization —either a permanent denial of service (if the BIOS is corrupted) or a persistent malware presence (if the BIOS is implanted with malware). This guide provides platform vendors with recommendations and guidelines for a secure BIOS update process. Additionally, it provides recommended best practices that are tightly coupled with the security guidelines for platform vendors.
=====
 ということですね。。。

 
■NIST
・2011.04.28 NIST Special Publication 800-147

=====
Table of Contents

Executive Summary
1. Introduction
 1.1 Authority
 1.2 Purpose and Scope
 1.3 Audience
 1.4 Document Structure
2. Background
 2.1 System BIOS
 2.2 Role of System BIOS in the Boot Process
  2.2.1 Conventional BIOS Boot Process
  2.2.2 UEFI Boot Process
 2.3 Updating the System BIOS
 2.4 Importance of BIOS Integrity
 2.5 Threats to the System BIOS
3. Threat Mitigation
 3.1 Security Guidelines for System BIOS Implementations
  3.1.1 BIOS Update Authentication
  3.1.2 Secure Local Update
  3.1.3 Integrity Protection
  3.1.4 Non-Bypassability
 3.2 Recommended Practices for BIOS Management

List of Appendices

 Appendix A— Summary of Guidelines for System BIOS Implementations
 Appendix B— Glossary
 Appendix C— Acronyms and Abbreviations
 Appendix D— References
=====

|

« Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region | Main | NIST Full Virtualization Technologies: Guidelines For Secure Implementation And Management »

Comments

Post a comment



(Not displayed with comment.)




TrackBack

TrackBack URL for this entry:
http://app.cocolog-nifty.com/t/trackback/64462/51565132

Listed below are links to weblogs that reference NIST SP800-147, BIOS Protection Guidelines:

« Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region | Main | NIST Full Virtualization Technologies: Guidelines For Secure Implementation And Management »