US10482278B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10482278-B2 |
| Application number | US-201916297315-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 8, 2019 |
| Priority date | Oct 13, 2015 |
| Publication date | Nov 19, 2019 |
| Grant date | Nov 19, 2019 |
Official abstract text for this publication.
A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.
Opening claim text (preview).
What is claimed is:

1. At least one non-transitory machine-readable storage medium, comprising computer-executable instructions carried on the machine-readable medium, the instructions readable by a hardware processor, the instructions, when read and executed, for causing the hardware processor to: provision one or more read-only areas of a storage device; provision a candidate copy area of the storage device; secure access to the read-only areas of the storage device; determine that an attempted write to one of the read-only areas has been made; copy contents of the attempted write to the candidate copy area; verify a signature of data to be written to the read-only area using a unique key associated with the read-only area; and in response to verifying the signature of the data to be written to the read-only area using the unique key associated with the read-only area, copy the contents from the candidate copy area to the read-only area.

2. The non-transitory machine-readable storage medium of claim 1, wherein the candidate area is as large as a largest of the read-only areas.

3. The non-transitory machine-readable storage medium of claim 1, further comprising instructions for causing the hardware processor to: provision one or more key storage areas in which to store the unique keys associated with the one or more read-only areas.

4. The non-transitory machine-readable storage medium of claim 1, further comprising instructions for causing the hardware processor to: provision the read-only areas of the storage device is performed during a boot process of the storage device; and upon provisioning the read-only areas, block further provisioning based upon a blocking instruction from an entity specifying the provisioning.

5. The non-transitory machine-readable storage medium of claim 1, further comprising instructions for causing the hardware processor to: determine an attempted provisioning of a read-only area of the storage device; create and send a certificate-verification packet including a nonce of the storage device; receive a verification response to the certificate-verification packet; determine that the verification response identifies the source of the attempted provisioning; and verify the verification response based upon the nonce of the storage device.

6. The non-transitory machine-readable storage medium of claim 1, further comprising instructions for causing the hardware processor to: after provisioning the read-only areas of the storage device, determine an attempted provisioning of a read-only area of the storage device; and verify data to be written based upon a validation using a key contained within the provisioning data.

7. The non-transitory machine-readable storage medium of claim 1, further comprising instructions for causing the hardware processor to: determine that a second attempted write to one of the read-only areas has been made; copy contents of the second attempted write to the candidate copy area; compare a security version of a second payload to be written with a security version of a corresponding read-only area; verify the second attempted write by determining that the security version of the payload is greater or equal to the security version of the corresponding read-only area; and based on a verification of the second attempted write, copy the contents from the candidate copy area to the read-only area.

8. A system for securing electronic devices, comprising: a storage device including at least one non-transitory machine-readable storage medium; a hardware processor coupled to the storage device and configured to: provision one or more read-only areas of the storage device; provision a candidate copy area of the storage device; secure access to the read-only areas of the storage device; determine that an attempted write to one of the read-only areas has been made; copy contents of the attempted write to the candidate copy area; verify a signature of data to be written to the read-only area using a unique key associated with the read-only area; and in response to verifying the signature of the data to be written to the read-only area using the unique key associated with the read-only area, copy the contents from the candidate copy area to the read-only area.

9. The system of claim 8, wherein the candidate area is as large as a largest of the read-only areas.

10. The system of claim 8, wherein the hardware processor is further configured to: provision one or more key storage areas in which to store the unique keys associated with the one or more read-only areas.

11. The system of claim 8, wherein the hardware processor is further configured to: provision the read-only areas of the storage device is performed during a boot process of the storage device; and upon provisioning the read-only areas, block further provisioning based upon a blocking instruction from an entity specifying the provisioning.

12. The system of claim 8, wherein the hardware processor is further configured to: determine an attempted provisioning of a read-only area of the storage device; create and send a certificate-verification packet including a nonce of the storage device; receive a verification response to the certificate-verification packet; determine that the verification response identifies the source of the attempted provisioning; and verify the verification response based upon the nonce of the storage device.

13. The system of claim 8, wherein the hardware processor is further configured to: after provisioning the read-only areas of the storage device, determine an attempted provisioning of a read-only area of the storage device; and verify data to be written based upon a validation using a key contained within the provisioning data.

14. The system of claim 8, wherein the hardware processor is further configured to: determine that a second attempted write to one of the read-only areas has been made; copy contents of the second attempted write to the candidate copy area; compare a security version of a second payload to be written with a security version of a corresponding read-only area; verify the second attempted write by determining that the security version of the payload is greater or equal to the security version of the corresponding read-only area; and based on a verification of the second attempted write, copy the contents from the candidate copy area to the read-only area.

15. A method of electronic device security, comprising: provisioning one or more read-only areas of the storage device using a hardware processor; provisioning a candidate copy area of the storage device; securing access to the read-only areas of the storage device; determining that an attempted write to one of the read-only areas has been made; copying contents of the attempted write to the candidate copy area; verifying a signature of data to be written to the read-only area using a unique key associated with the read-only area; and in response to verifying the signature of the data to be written to the read-only area using the unique key associated with the read-only area, copying the contents from the candidate copy area to the read-only area.

16. The method of claim 15, further comprising: provisioning one or more key storage areas in which to store the unique keys associated with the one or more read-only areas.

17. The method of claim 15, further comprising: provisioning the read-only areas of the storage device is performed during a boot process of the storage devi
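The staged-write flow of claims 1, 2 and 7, combined into one write path as an added illustration (not code from the patent or its assignee). Assumptions: all class and function names are hypothetical, HMAC-SHA256 stands in for the unspecified signature scheme, and the tag is taken to cover the security version as well as the payload.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class ReadOnlyArea:
    key: bytes                 # unique key associated with this area
    size: int                  # provisioned size in bytes
    data: bytes = b""
    security_version: int = 0

def sign(key: bytes, version: int, payload: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the signature scheme, and the
    # tag covers the version so it cannot be changed independently.
    return hmac.new(key, version.to_bytes(4, "big") + payload, hashlib.sha256).digest()

class Monitor:
    def __init__(self, areas: dict[str, ReadOnlyArea]):
        self.areas = areas
        # Claim 2: the candidate area is as large as the largest read-only area.
        self.candidate_size = max(a.size for a in areas.values())
        self.candidate = b""

    def attempted_write(self, area_id: str, payload: bytes, version: int, tag: bytes) -> str:
        area = self.areas[area_id]
        if len(payload) > area.size:
            return "rejected: payload exceeds area"
        self.candidate = payload          # stage only; the read-only area is untouched
        try:
            if not hmac.compare_digest(sign(area.key, version, self.candidate), tag):
                return "rejected: bad signature"
            if version < area.security_version:   # claim 7: must be >= current
                return "rejected: rollback"
            area.data, area.security_version = self.candidate, version
            return "committed"
        finally:
            self.candidate = b""          # never leave unverified data staged

def demo() -> list[str]:
    # Constructed keys and payloads, for illustration only.
    m = Monitor({"boot": ReadOnlyArea(key=b"k-boot", size=16),
                 "cfg": ReadOnlyArea(key=b"k-cfg", size=8)})
    v2 = b"bootloader-v2"
    return [
        m.attempted_write("boot", v2, 2, sign(b"k-boot", 2, v2)),
        m.attempted_write("boot", v2, 2, sign(b"k-cfg", 2, v2)),
        m.attempted_write("boot", b"old", 1, sign(b"k-boot", 1, b"old")),
    ]
```

In `demo()`, the second write is signed with another area's key and the third carries a lower security version than the committed one, so only the first reaches the read-only area.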
File encryption · CPC title
in semiconductor storage media, e.g. directly-addressable memories · CPC title
Secure boot · CPC title
to a system of files or objects, e.g. local or distributed file system or database · CPC title