New NIST Guidelines To Protect Computer At Start Up
@smriti-ZtAJsx
•
Oct 13, 2024
Oct 13, 2024
998
National Institute of Standards and Technology has issued a new draft providing guidance for vendors and security professionals to protect personal computers at start up. This allows the users to secure their BIOS and check for any malicious modifications that might pose a threat to the security of the system. This publication is the second in a series of BIOS documents, after BIOS Protection Guidelines (NIST SP 800-147) was released in April 2011.
#-Link-Snipped-#
When a computer is turned on, the first code that is run by the PC is BIOS or Basic Input/Output System. BIOS is a built in software that initializes and identifies system devices and hardware. Since it interacts directly with the hardware, it is a low level software, hence making its authenticity all the more important. Any unauthorized changes in the BIOS could be part of a sophisticated, targeted attack on an organization, giving the attacker a straight access to organization's systems, causing disturbance. This calls for a proper security measure to monitor the integrity of the BIOS.
The BIOS Integrity Measurement Guidelines (NIST Special Publication 800-155) allows a way to determine if the BIOS has been modified and explains how to report any such modifications. The SP 800-155 provides hardware and software vendors guidelines so as to develop products that will support BIOS security mechanisms. The detection mechanisms in SP 800-155 are in accordance with the protection mechanisms which were outlined in SP 800-147 offering greater authority on the security of the BIOS.
NIST has also requested comments on draft #-Link-Snipped-# by January 20, 2012.
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#
#-Link-Snipped-#
When a computer is turned on, the first code that is run by the PC is BIOS or Basic Input/Output System. BIOS is a built in software that initializes and identifies system devices and hardware. Since it interacts directly with the hardware, it is a low level software, hence making its authenticity all the more important. Any unauthorized changes in the BIOS could be part of a sophisticated, targeted attack on an organization, giving the attacker a straight access to organization's systems, causing disturbance. This calls for a proper security measure to monitor the integrity of the BIOS.
The BIOS Integrity Measurement Guidelines (NIST Special Publication 800-155) allows a way to determine if the BIOS has been modified and explains how to report any such modifications. The SP 800-155 provides hardware and software vendors guidelines so as to develop products that will support BIOS security mechanisms. The detection mechanisms in SP 800-155 are in accordance with the protection mechanisms which were outlined in SP 800-147 offering greater authority on the security of the BIOS.
NIST has also requested comments on draft #-Link-Snipped-# by January 20, 2012.
Source: #-Link-Snipped-#Â Image Credit: #-Link-Snipped-#