{"description": "Secure Boot is a protocol that enables a safe and trusted path during the Linux boot process.\nIt verifies that the code the firmware loads on a motherboard is the code\nthat the user intends for the computer to load.\n\nSecure Boot is part of the Unified Extensible Firmware Interface (UEFI). The protocol\ndefines a process that prevents the loading of unsigned drivers, boot loaders, or\nkernel modules (or those with unacceptable digital signatures). When Secure Boot\nis enabled, system boot loaders, the Red Hat Enterprise Linux kernel, and all\nkernel modules must be cryptographically signed with a private key.\nThis allows them to be authenticated with the corresponding public key.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["secure_boot_enabled"], "platform": "machine", "platforms": ["machine"], "inherited_platforms": [], "cpe_platform_names": ["machine"], "title": "Secure boot configuration", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/secureboot/group.yml"}