In recent years, enterprises and consumers have become increasingly aware of, and concerned about, the state of security of their computing devices and systems. These concerns have been magnified in view of reports of government agencies installing, on computing devices that have already left their manufacturers, backdoor components that allow surreptitious access. In view of these and other concerns, device manufacturers may wish to provide some form of guarantee or assurance to their customers that the computing devices they sell are secure. For example, a manufacturer may attempt to secure its devices by limiting them (using, e.g., various software and/or hardware-based security components) to only booting images and/or executing applications that have been digitally signed by the manufacturer.
However, to ensure industry compatibility and/or to reduce development costs, manufacturers often incorporate various free or open-source software components (including operating systems, such as LINUX and FREEBSD) into their devices. Unfortunately, free or open-source software components are often governed by software licenses (such as the GNU GENERAL PUBLIC LICENSE (GPL)) that require that manufacturers allow end users to freely replace or otherwise modify the software components governed by these licenses. This requirement is often at odds with a manufacturer's desire to secure devices that run software governed by these types of licenses, effectively precluding the manufacturer from limiting its devices to only booting images and/or executing applications that have been digitally signed by the manufacturer. The present document, therefore, identifies and addresses a need for improved systems and methods for securing devices that must comply with the restrictions of free or open-source software licenses.