Software Signing Certificate Reputation Model
First Claim
Patent Images
1. A computer-implemented method for using a computer system of a certificate authority to digitally sign software, the method comprising:
- receiving a request from a software developer to digitally sign software included in the request;
accessing a security policy associated with the software developer, the security policy describing criteria for valid requests by the software developer;
determining whether the request is valid based at least in part on the security policy;
digitally signing the software responsive to the determination indicating that the request is valid; and
providing the digitally-signed software to the software developer.
2 Assignments
0 Petitions
Accused Products
Abstract
A request from a software developer is received to digitally sign software included in the request. A security policy associated with the software developer is accessed where the security policy describes criteria for valid request by the software developer. A determination is made whether the request is valid based at least in part on the security policy. The software is digitally signed responsive to the determination indicating that the request is valid. The digitally signed software is provided to the software developer.
40 Citations
20 Claims
-
1. A computer-implemented method for using a computer system of a certificate authority to digitally sign software, the method comprising:
-
receiving a request from a software developer to digitally sign software included in the request; accessing a security policy associated with the software developer, the security policy describing criteria for valid requests by the software developer; determining whether the request is valid based at least in part on the security policy; digitally signing the software responsive to the determination indicating that the request is valid; and providing the digitally-signed software to the software developer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product comprising a non-transitory computer-readable storage medium storing computer-executable code, the code when executed by a computer processor performs steps comprising:
-
receiving a request from a software developer to digitally sign software included in the request; accessing a security policy associated with the software developer, the security policy describing criteria for valid requests by the software developer; determining whether the request is valid based at least in part on the security policy; digitally signing the software responsive to the determination indicating that the request is valid; and providing the digitally-signed software to the software developer. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer system of a certificate authority to digitally sign software, the system comprising:
-
a computer processor; and a non-transitory computer readable storage medium storing computer program modules configured to execute on the computer processor, the computer program modules comprising; a signing request module configured to receive a request from a software developer to digitally sign software included in the request; a request verification module configured to; access a security policy associated with the software developer, the security policy describing criteria for valid requests by the software developer; determine whether the request is valid based at least in part on the security policy; and a software signing module configured to; digitally sign the software responsive to the determination indicating that the request is valid; and provide the digitally-signed software to the software developer. - View Dependent Claims (17, 18, 19, 20)
-
Specification