These articles discuss methods for securing the TFTP server for authorized users and preventing access to the TFTP server.
Trivial file transfer protocol (TFTP) provides basic file transfer with no user authentication. TFTP works with either Bootstrap Protocol (BOOTP) or Dynamic Host Configuration Protocol (DHCP).
The client connects initially to either the BOOTP server or the DHCP server. The BOOTP server or the DHCP server replies with the client’s IP address and the name of the load file. The client then initiates a TFTP request to the server for the load file. When the client completes downloading of the load file, it ends the TFTP session.