Overview

Secure Boot is a feature of UEFI (Unified Extensible Firmware Interface) that prevents unauthorized operating systems and malware (such as rootkits) from loading during the startup process. It works by verifying the digital signature of each piece of boot software before that software runs.

How it Works

  1. The UEFI firmware checks the signature of the bootloader against a list of trusted certificates stored in the hardware.
  2. If the signature is valid, the bootloader is executed.
  3. The bootloader then verifies the signature of the OS kernel, and the process continues until the full system is loaded.
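
The three steps above as a small runnable model, added here as an illustration and not taken from any firmware or bootloader. Assumptions: toy textbook RSA over fixed Mersenne primes stands in for certificate signatures, one trusted list is shared by every stage, and all names and image bytes are constructed.

```python
import hashlib

def make_key(p, q, e=65537):
    """Toy textbook-RSA key from two fixed primes (constructed, illustration only)."""
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    """The part a trusted certificate would carry: no private exponent."""
    return {"n": key["n"], "e": key["e"]}

def digest(image, n):
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n

def sign(image, key):
    return pow(digest(image, key["n"]), key["d"], key["n"])

def verify(image, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == digest(image, pub["n"])

def boot(chain, trusted):
    """Steps 1-3: verify each stage before running it; halt at the first failure."""
    loaded = []
    for name, image, sig in chain:
        if not any(verify(image, sig, pub) for pub in trusted):
            return loaded, "halted at " + name
        loaded.append(name)  # stands in for executing the verified stage
    return loaded, "booted"

# Constructed sample data: one trusted vendor key, one key the firmware does not know.
VENDOR = make_key(2**61 - 1, 2**89 - 1)
UNKNOWN = make_key(2**107 - 1, 2**127 - 1)
TRUSTED = [public(VENDOR)]

BOOTLOADER, KERNEL = b"bootloader image v1", b"kernel image v1"
GOOD = [("bootloader", BOOTLOADER, sign(BOOTLOADER, VENDOR)),
        ("kernel", KERNEL, sign(KERNEL, VENDOR))]
# Kernel bytes changed after signing: the old signature no longer matches.
TAMPERED = [GOOD[0], ("kernel", KERNEL + b" (modified)", GOOD[1][2])]
# Bootloader carries a signature, but from a key that is not in the trusted list.
UNTRUSTED = [("bootloader", BOOTLOADER, sign(BOOTLOADER, UNKNOWN)), GOOD[1]]

if __name__ == "__main__":
    for label, chain in (("good", GOOD), ("tampered", TAMPERED), ("untrusted", UNTRUSTED)):
        print(label, boot(chain, TRUSTED))
```

In the tampered case the bootloader still loads and the chain stops at the kernel; in the untrusted case nothing loads, because the first link fails.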

Importance

Secure Boot protects the system from 'bootkits' and other low-level malware that can subvert the security of the operating system before it even starts.
