Secure boot
Secure Boot is a process to ensure that your PC boots using only software that is trusted by the PC manufacturer. Secure Boot isn't exclusive to Microsoft and is defined in UEFI specification documents, though Microsoft does have specific requirements defined in the links included below.
When the PC starts, the firmware checks the signature of each piece of boot software, including firmware drivers (Option ROMs) and the operating system. If the signatures are good, the PC boots, and the firmware gives control to the operating system.
Secure Boot is required for Windows operating systems; Windows 8, 8.1, and 10, and is also part of UEFI Specification docs. For more information, see section 27.1 Secure Boot in the UEFI specification document for additional information.
For more information regarding Windows requirements for Secure boot, see System.Fundamentals.Firmware.UEFISecureBoot in WHCP-Systems-Specification-1607 (ZIP download).
Related resources
Hardware Security Testability Specification
Windows Hardware Compatibility Program Specifications and Policies
WHCP-Systems-Specification-1607 (ZIP download)
Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware
Windows 8.1 Secure Boot Key Creation and Management Guidance