From the course: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

Unlock this course with a free trial

Join today to access over 24,000 courses taught by industry experts.

Code signing

Code signing

- [Instructor] Code signing provides a way for developers to demonstrate to end users that applications come from a legitimate source. You may already know from your knowledge of cryptography that individuals may apply digital signatures to data to provide nonrepudiation. Anyone wishing to verify a digital signature may do so by using the signers digital certificate. Digital signatures may also be used for code signing. Users may obtain software from a wide variety of sources. It may be pre-installed on their computer by their IT department. They might download software from an App Store or find it on a website code. Code signing attempts to help users determine whether code is legitimate using digital signatures. Developers who wish to sign their code obtain a digital certificate from a trusted certificate authority. They then use the private key associated with that digital certificate to create a digital signature before releasing their code to the world. When a user downloads the…
