Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Code Signing Channel Presentation

    Încărcat de

    thanga_sharmi
    72 vizualizări9 pagini
    code signing and channel presentation

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PPT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    code signing and channel presentation

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    72 vizualizări9 pagini

    Code Signing Channel Presentation

    Încărcat de

    thanga_sharmi
    code signing and channel presentation

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 9

    Authentication. Security. Trust.

    Code Signing
    Distributing trustworthy software over
    the Internet
    GlobalSign. A GMO Internet Inc group company.

    Contents
    As operating system and browser vendors move towards higher
    security models and lock down capabilities on unknown code, it is
    increasingly important for developers and end users to identify
    legitimate applications from the masses of badware.
    What is Code Signing?
    The Benefits of Code Signing
    Supported Platforms
    Buyer Considerations
    Why choose GlobalSign?
    Adding Code Signing to your Portfolio

    Authentication. Security. Trust.

    www.globalsign.com

    What is Code Signing?


    Code Signing is the virtual equivalent of shrink-wrapping CD-based
    software for distribution.
    Software developers digitally sign code or software distributed over the
    Internet using X.509 v3 digital certificates marked for the specific use of
    digitally signing code.
    The digital certificate binds the identity of a
    person or entity to a public key which is related
    to a corresponding private key. The private key
    is used to apply a digital signature to a
    shortened version of the code which is run
    through a hashing algorithm. The public key is
    used to verify the signature.
    Signing the hash of the code with an algorithm
    like SHA-1 provides a method to validate if the
    code has changed in any way since signature.

    Authentication. Security. Trust.

    Digital Certificate marked for Code


    Signing
    (Code Signing Certificate)

    www.globalsign.com

    The Benefits of Code Signing


    Code Signing using a trusted third party prevents:

    Users abandoning the installation of an application that is not easily identified as genuine.
    Malicious alteration of legitimate code.
    Identity theft or damage to reputation of vendor or code author.

    The end user knows the digitally signed software being executed is legitimate, comes
    from a known software vendor and has not been tampered with since being
    published.

    Unsigned code
    The end user is presented with a
    warning message that may cause
    them to abandon the install.

    Signed code
    The code has been digitally signed
    by a certificate from a trusted
    Certification Authority. The end
    user is presented with the
    publishers identity.

    By digitally signing code, the software vendor enhances customer confidence,


    increasing the number of downloads.

    Authentication. Security. Trust.

    www.globalsign.com

    Supported Platforms
    Different platforms have different requirements and options
    available for digitally signing code. GlobalSigns Code Signing
    Certificates support:
    Microsoft Authenticode
    Windows ActiveX controls can be
    signed via Authenticode (32 bit and
    64 bit .exe, .ocx, .dll or other) and
    Kernel software for Windows.
    Windows 7 compatible.

    Microsoft Office & VBA


    Digitally sign Microsoft Office
    macros and Visual Basic
    Applications (VBA) to avoid
    Unknown Publisher macro
    warnings.

    GlobalSign is one of the select Certificate


    Authorities enabled by Microsoft to allow
    Windows Kernel 64 bit code signing.

    Adobe AIR applications


    Adobe AIR only allows digitally
    signed applications to be run.
    Java
    JAR applet files can be signed to
    allow apps access to client-side
    resources.

    Authentication. Security. Trust.

    Apple Mac applications


    Code Signing was introduced by
    Apple in MacOS 9 onwards.

    Mozilla & Netscape Objects


    Digitally sign Mozilla and legacy
    Netscape Object files to enable
    activation in Mozilla browsers.

    www.globalsign.com

    Buyer Considerations
    There are several elements to consider when choosing the right
    Code Signing Certificate to sign your application.
    Ubiquity
    Public rooted Code Signing Certificates, as opposed to self-signed certificates, will
    allow users to verify the authenticity of the publisher and origin of the software, as
    well as ensuring that the code has not been tampered with.

    Timestamping services
    Timestamping ensures that the signature on your application remains valid after the
    certificate has expired.

    Price and value


    Am I getting good value for the experience, support and functionality?

    Trust
    A good reputation and credibility of the Authority can inspire additional downloads of
    your application.

    Support for individuals and commercial software publishers


    Many Authorities only support commercial software publishers and not individuals.

    Authentication. Security. Trust.

    www.globalsign.com

    Why choose GlobalSign?


    The benefits of signing code with a GlobalSign Code Signing
    Certificate
    Removes the "Unknown Publisher" popup in Operating Systems and
    browsers.
    Full timestamping service included free of charge timestamping code
    ensures the signature does not expire.
    Allows an unlimited number of applications to be signed within the
    lifespan of the certificate.
    Supports all developer platforms.
    Offers multi-year savings - plus multi-year avoids having to renew
    annually.
    Offers a risk free refund.
    Comes with a $100,000 Warranty - underwritten Liability program.
    Multi-Language Tech Support - access to expert technical support staff
    via email and telephone.
    Issued by an organization thats been a WebTrust Accredited Certification
    www.globalsign.com

    Authentication. Security. Trust.

    Adding Code Signing to your


    Portfolio
    Adding Code Signing to your value chain

    Code Signing is the ideal value-add product for VARs looking to complement
    core services and existing portfolios, opening up a new revenue stream and ensuring
    customer satisfaction.

    Security

    Partner Program
    GlobalSign has developed specialist partner programs to allow you to resell Digital Certificates cost-effectively and hassle-free.
    Partners receive instant discounts and the GlobalSign SaaS web portal makes the application of certificates quick and easy. A flexible XML API
    can also allow the process to be fully automated and integrated into your own workflows.
    The whole range of GlobalSign Digital Certificate Solutions can be resold using the GlobalSign Partner account, including:

    Code Signing Certificates


    SSL Certificates

    Authentication. Security. Trust.

    Email encryption (S/MIME Digital IDs)


    Adobe Certified Document Services (CDS)
    Digital IDs
    www.globalsign.com

    Reselling Code Signing Certificates


    Talk to GlobalSign today about adding Code Signing
    Certificates to your portfolio.
    Learn more about our Partner Program at:
    http://www.globalsign.com/partners/
    Read White Paper.
    http://www.globalsign.com/resources/......

    Authentication. Security. Trust.

    www.globalsign.com

    S-ar putea să vă placă și