E.3.10 Establish a root of trust

Control Details

Objective

Provide the foundation for secure operations of a computing system

Definition

Roots of trust (RoT) are highly-reliable hardware, firmware, and software components that perform specific, critical security functions, such as storing the keys used for cryptographic functions and enabling a secure boot process. Many RoT are implemented in hardware so that malware cannot tamper with the functions they provide. The RoT is established from an offline source.

Assessment Questions

1. Describe your root of trust for performing specific, critical security functions such as storing keys for cryptographic functions or enabling secure boot. How are these implemented?

Reference sources

1. CNCF-SSC BP-SA: Follow best practices for establishing a root of trust from an offline source