# Hardware Security
Hardware security protects devices and the data they hold against tampering and leakage by applying secure boot, trusted execution, protected key storage and robust physical protections.
Hardware security spans a spectrum of technologies and practices for defending device hardware and its data against threats. Key areas include:
1) Secure Boot: ensures the system boots only trusted firmware by establishing a root of trust that extends from hardware through firmware to software.
2) Trusted Execution Environments (TEEs): isolate sensitive code and data, reducing exposure to a compromised OS or applications.
3) Hardware Security Modules (HSMs) and Secure Elements: provide tamper-resistant protected key storage and accelerated cryptographic operations.
4) Cryptographic Techniques: robust key management, hardware-based key storage, random bit generation, anti-tamper measures, algorithm agility and secure attestation.
5) Physical Security: tamper-evident seals, shielding, fail-safe encapsulation and environmental protections.
6) Firmware and Supply Chain Security: secure boot chains, signed firmware, secure updates and supply chain auditing.
7) Threat Modeling, Verification and Compliance: formal risk assessments, testing (FIPS 140-3, CC) and continuous governance.
8) Operational Practices: strict access control, key rotation and destruction, incident response and auditability.
❓ Frequently Asked Questions
What is hardware security?
Hardware security is the practice of protecting devices and the data they process from threats through a combination of hardware-based protections and secure software practices.
What are Secure Boot and TEEs?
Secure Boot establishes a chain of trust during startup, while TEEs provide isolated environments for sensitive computations and data.
Why are physical protections necessary?
Physical protections prevent tampering, environmental damage, and unauthorized access to embedded keys and secrets.
How are keys protected in hardware?
Keys are stored in tamper-resistant storage such as HSMs/secure elements and are used through controlled cryptographic operations.