Subscribe free to our newsletters via your
. 24/7 Space News .

Build safety into the very beginning of the computer system
by Staff Writers
Washington DC (SPX) May 16, 2011

File image.

A new publication from the National Institute of Standards and Technology (NIST) provides guidelines to secure the earliest stages of the computer boot process. Commonly known as the Basic Input/Output System (BIOS), this fundamental system firmware-computer code built into hardware-initializes the hardware when you switch on the computer before starting the operating system. BIOS security is a new area of focus for NIST computer security scientists.

"By building security into the firmware, you establish the foundation for a secure system," said Andrew Regenscheid, one of the authors of BIOS Protection Guidelines (NIST Special Publication 800-147). Without appropriate protections, attackers could disable systems or hide malicious software by modifying the BIOS. This guide is focused on reducing the risk of unauthorized changes to the BIOS.

Designed to assist computer manufacturers writing BIOS code, SP 800-147 provides guidelines for building features into the BIOS that help protect it from being modified or corrupted by attackers.

Manufacturers routinely update system firmware to fix bugs, patch vulnerabilities and support new hardware. SP 800-147 calls for using cryptographic "digital signatures" to authenticate the BIOS updates before installation based on NIST's current cryptographic guidelines. The publication is available just as computer manufacturers are beginning to deploy a new generation of BIOS firmware.

"We believe computer manufacturers are ready to implement these guidelines and we hope to see them in products soon," said Regenscheid.

The publication also suggests management best practices that are tightly coupled with the security guidelines for manufacturers. These practices will help computer administrators take advantage of the BIOS protection features as they become available.

BIOS Protection Guidelines, NIST SP 800-147


Related Links
National Institute of Standards and Technology (NIST)
Cyberwar - Internet Security News - Systems and Policy Issues

Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

White House to unveil cybersecurity strategy
Washington (AFP) May 13, 2011
The White House plans to unveil its policy proposals next week for international cooperation in cyberspace. The White House said Friday that it plans to release a policy document - "US International Strategy for Cyberspace" - at an event on Monday. "This first-of-its-kind policy document offers our comprehensive vision for the future of international cooperation in cyberspace," the Wh ... read more

A Wrinkly Old Reveal Clues To Its Past

MoonBots Challenges Teams to Conduct Lunar Missions with LEGO Robots

Earth's Nearest Neighbor Within Reach

Space Adventures proposes modified Soyuz TMA for Lunar tourists

Opportunity Cracks The 18-Mile Mark

Mars Science Laboratory Aeroshell Delivered To Launch Site

Mars Express Sees Deep Fractures on Mars

Opportunity Images Small Craters

Heaven is a 'fairy story': Hawking

Putting the Common Housefly onto the dinner plate

JPL Facility has Built Famed Spacecraft for 50 Years

Texas Space Alliance Celebrates New Space "Tourism" Law

Top Chinese scientists honored with naming of minor planets

China sees smooth preparation for launch of unmanned module

China to attempt first space rendezvous

Countdown begins for Chineses space station program

The Sabatier System: Producing Water on the ISS

Andrews Space Delivers Cargo Module Power Unit for Orbital's Cygnus Spacecraft

ISS orbit to be readjusted for Soyuz TMA-20 return

Soyuz is in the launch zone at Europe's Spaceport

Another Ariane 5 begins its assembly at the Spaceport

ST-2's installation on SYLDA marks the start of final payload integration for Ariane 5's next mission

Arianespace to launch ABS-2 in 2013

GSAT-8 put through its paces

Flipping Hot Jupiters

What a scorcher: 'Hot Jupiter' puzzle explained

An Earth as Dense as Lead

Astronomers unveil portrait of 'super-exotic super-Earth'

Video gaming teens sleep less: study

DAICHI (ALOS) Operations Completed

Making strong, tough metallic glass cheaply

Lessening the Dangers of Radiation

The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement