Premium Members Get 10% Off and Earn Rewards Find Out More

Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build

Add to Wishlist

Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build

eBook

$4.99

eBook
$4.99

Available on Compatible NOOK Devices and the free NOOK Apps.

WANT A NOOK? Explore Now

Buy As Gift

Related collections and offers

LEND ME^® See Details

Overview

Booklet for developers and security professionals on how to implement code obfuscation, .NET strong name signing, and Authenticode code signing in order to protect applications deployment. The guide contains detailed description of different code signing implementation options from basic software to sophisticated hardware solution.

Topics include: reasons to implement code obfuscation and signing, obfuscation and strong name signing dependencies, description of Authenticode signing process, singing certificates and certificate authorities, signing certificate private key storage: hardware vs. software, three ways to implement code signing, and more (Article: ~4,660 words).

Table of Contents includes:
1. Introduction
Several Reasons to Implement Code Obfuscation and Signing
Additional Benefits of Strong Name Signing
Additional Benefits of Authenticode Signing
2. Code Obfuscation and Strong Name Signing
Code Obfuscation Tools
Obfuscation Project and Strong Name Signing
Obfuscation and Strong Name Signing from Command Line
3. Authenticode Code Signing
Code Signing
Digital Signatures
How Code Signing Works
Authenticode
Code Signing Certificate
X.509 Standard
Obtaining Code Signing Certificate
Signing Certificate Pricing
Code Signing Certificate Storage: Hardware vs. Software
Time Stamping
Certificate Validity (Expiration Date)
4. Implementing Authenticode Signing
Code Signing Process � la Microsoft
Code Signing Implementation Options: Advantages, Disadvantages, Costs
Option 1: �Full Hardware�
Option 2: �Basic Software�
Option 3: �Combined Software/Hardware�
5. Tips on Implementing �Combined Software/Hardware� Option
Requirements to Signing Application
6. Tips on Implementing �Basic Software� Option
Installing Code Signing Certificate on Signing Server
SignTool
Installing SignTool
Using SignTool
5. Testing
Testing Obfuscation
Testing Strong Name Signatures
Testing Authenticode Signatures
6. Resources
Tools and Products
Authenticode Certificates Offered by Public Certificate Authorities
Online Authenticode Timestamping Services
Standards
Articles
Books
About the Author

Product Details
About the Author

Product Details

BN ID:	2940014549684
Publisher:	Book'n'share Media
Publication date:	08/11/2012
Series:	Application Security
Sold by:	Barnes & Noble
Format:	eBook
File size:	597 KB

About the Author

Slava Gomzin is a Security and Payments Technologist at Hewlett-Packard, where he helps create products that are integrated into modern payment processing ecosystems using the latest security and payments technologies. Prior to joining Hewlett-Packard, Slava was a security architect, corporate product security officer, R&D and application security manager, and development team leader at Retalix, a Division of NCR Retail. As PCI ISA, he focused on security and PA-DSS, PCI DSS, and PCI P2PE compliance of POS systems, payment applications, and gateways. Before moving into security, Slava worked in R&D on design and implementation of new products including next-generation POS systems and various interfaces to payment gateways and processors. Slava currently holds CISSP, PCIP, ECSP, and Security+ certifications. He blogs about payment security at www.gomzin.com.

From the B&N Reads Blog

Page 1 of

Related collections and offers

Overview

Product Details

About the Author

Related Subjects

Customer Reviews