Implementing and Using the UEFI Key Management Service (KMS)

The UEFI specification has had the Key Management Service (KMS) protocol definition since version 2.3.1 and provides services to generate, store, retrieve, and manage cryptographic keys. As normal, the specification provides just the definition for the service and the underlying implementation can vary. There are several implementation options to implement the KMS protocol. A simple implementation is to build it on top of something already in the system such as a TPM. The most practical implementation requires interfacing with a Key Management Interoperability Protocol (KMIP) Server over a secure network connection. This presentation will cover the high-level interactions between a UEFI firmware and a KMIP server to implement the UEFI KMS protocol and several real use cases of the KMS protocol in modern systems.

Learn more about the UEFI Forum: https://uefi.org/​
Presentation slides: https://bit.ly/2KfbnFr​

Follow the UEFI Forum
Twitter: https://twitter.com/UEFIForum​
LinkedIn: https://www.linkedin.com/company/uefi-forum

Тэги:

#UEFI_Forum #UEFI #ACPI #Firmware #Unified_Extensible_Firmware_Interface #Secure_Boot

Скачать видео