FOR FASTER ANSWERS, CHECK THESE LINKS BEFORE YOU EMAIL US:

Authors/Publishers

How Smashwords works
- Where are my ebooks?
How to format ebooks
- Smashwords Style Guide
- Troubleshooting
Problem uploading
ISBNs
Distributing via Smashwords
Earnings & payment schedules

Readers

Received an email from us, or wondering if something changed at Smashwords?
Check our 'Site Updates' for the latest news.

Have a question not already answered in the links at left or on our FAQ? Ask it below.

Your E-mail:
Subject:

Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build

By Slava Gomzin

Booklet for developers and security professionals on how to implement code obfuscation, .NET strong name signing, and Authenticode code signing in order to protect applications deployment. The guide contains detailed description of different code signing implementation options from basic software to sophisticated hardware solution.

Topics include: reasons to implement code obfuscation and signing, obfuscation and strong name signing dependencies, description of Authenticode signing process, singing certificates and certificate authorities, signing certificate private key storage: hardware vs. software, three ways to implement code signing, and more (Article: ~4,460 words).

Table of Contents includes:
1. Introduction
Several Reasons to Implement Code Obfuscation and Signing
Additional Benefits of Strong Name Signing
Additional Benefits of Authenticode Signing
2. Code Obfuscation and Strong Name Signing
Code Obfuscation Tools
Obfuscation Project and Strong Name Signing
Obfuscation and Strong Name Signing from Command Line
3. Authenticode Code Signing
Code Signing
Digital Signatures
How Code Signing Works
Authenticode
Code Signing Certificate
X.509 Standard
Obtaining Code Signing Certificate
Signing Certificate Pricing
Code Signing Certificate Storage: Hardware vs. Software
Time Stamping
Certificate Validity (Expiration Date)
4. Implementing Authenticode Signing
Code Signing Process à la Microsoft
Code Signing Implementation Options: Advantages, Disadvantages, Costs
Option 1: “Full Hardware”
Option 2: “Basic Software”
Option 3: “Combined Software/Hardware”
5. Tips on Implementing “Combined Software/Hardware” Option
Requirements to Signing Application
6. Tips on Implementing “Basic Software” Option
Installing Code Signing Certificate on Signing Server
SignTool
Installing SignTool
Using SignTool
5. Testing
Testing Obfuscation
Testing Strong Name Signatures
Testing Authenticode Signatures
6. Resources
Tools and Products
Authenticode Certificates Offered by Public Certificate Authorities
Online Authenticode Timestamping Services
Standards
Articles
Books
About the Author

Slava Gomzin, CISSP, ECSP, Security+ has more than 15 years of professional experience in software development and application security. He is Security Architect at Retalix USA.

Available ebook formats: epub mobi pdf html

First 20% Sample: epub mobi (Kindle) Online Reader

Price: $4.99 USD

Buy Add to Library Give as a Gift

How gifting works

Create Widget

Category: Nonfiction » Computers & Internet » Security / cryptography
Category: Nonfiction » Computers & Internet » Software development & engineering / general
Published: April 22, 2012
Words: 4,840
Language: English
ISBN: 9781476313184

Tags: security software development application security obfuscation code signing authenticode digital signatures code signing certificate

About Slava Gomzin

Slava Gomzin is an information security enthusiast and full-stack technologist. He is the author of multiple publications on information security and technology including books "Hacking Point of Sale" (Wiley, 2014) and the just-published "Bitcoin for Nonmathematicians" (Universal Publishers, 2016).
Slava is VP of Information Security and Technology at Pieces Technologies, an innovative start-up that deploys cutting edge technology to improve clinical and community health outcomes. Before Pieces Tech, he was Director of Information Security at Parkland Center for Clinical Innovation (PCCI), a noted scientific research and development nonprofit corporation. Prior to joining PCCI, Slava was a Security and Payments Technologist at Hewlett-Packard, where he helped create products that are integrated into modern payment processing ecosystems using the latest security technologies. Before HP, he worked in various information security and software development positions at Retalix, a Division of NCR Retail. Slava currently holds CISSP and other security certifications. He blogs about information security and technology at www.gomzin.com.

Learn more about Slava Gomzin

Also by This Author

Reviews of Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build by Slava Gomzin

Review

This book has not yet been reviewed.

Report this book