Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build

Nonfiction, Computers, Networking & Communications, Computer Security, Operating Systems, Application Software
Cover of the book Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build by Slava Gomzin, Slava Gomzin
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Slava Gomzin ISBN: 9781476313184
Publisher: Slava Gomzin Publication: April 22, 2012
Imprint: Smashwords Edition Language: English
Author: Slava Gomzin
ISBN: 9781476313184
Publisher: Slava Gomzin
Publication: April 22, 2012
Imprint: Smashwords Edition
Language: English

Booklet for developers and security professionals on how to implement code obfuscation, .NET strong name signing, and Authenticode code signing in order to protect applications deployment. The guide contains detailed description of different code signing implementation options from basic software to sophisticated hardware solution.

Topics include: reasons to implement code obfuscation and signing, obfuscation and strong name signing dependencies, description of Authenticode signing process, singing certificates and certificate authorities, signing certificate private key storage: hardware vs. software, three ways to implement code signing, and more (Article: ~4,460 words).

Table of Contents includes:

  1. Introduction
    Several Reasons to Implement Code Obfuscation and Signing
    Additional Benefits of Strong Name Signing
    Additional Benefits of Authenticode Signing
  2. Code Obfuscation and Strong Name Signing
    Code Obfuscation Tools
    Obfuscation Project and Strong Name Signing
    Obfuscation and Strong Name Signing from Command Line
  3. Authenticode Code Signing
    Code Signing
    Digital Signatures
    How Code Signing Works
    Authenticode
    Code Signing Certificate
    X.509 Standard
    Obtaining Code Signing Certificate
    Signing Certificate Pricing
    Code Signing Certificate Storage: Hardware vs. Software
    Time Stamping
    Certificate Validity (Expiration Date)
  4. Implementing Authenticode Signing
    Code Signing Process à la Microsoft
    Code Signing Implementation Options: Advantages, Disadvantages, Costs
    Option 1: “Full Hardware”
    Option 2: “Basic Software”
    Option 3: “Combined Software/Hardware”
  5. Tips on Implementing “Combined Software/Hardware” Option
    Requirements to Signing Application
  6. Tips on Implementing “Basic Software” Option
    Installing Code Signing Certificate on Signing Server
    SignTool
    Installing SignTool
    Using SignTool
  7. Testing
    Testing Obfuscation
    Testing Strong Name Signatures
    Testing Authenticode Signatures
  8. Resources
    Tools and Products
    Authenticode Certificates Offered by Public Certificate Authorities
    Online Authenticode Timestamping Services
    Standards
    Articles
    Books
    About the Author

Slava Gomzin, CISSP, ECSP, Security+ has more than 15 years of professional experience in software development and application security. He is Security Architect at Retalix USA.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

Booklet for developers and security professionals on how to implement code obfuscation, .NET strong name signing, and Authenticode code signing in order to protect applications deployment. The guide contains detailed description of different code signing implementation options from basic software to sophisticated hardware solution.

Topics include: reasons to implement code obfuscation and signing, obfuscation and strong name signing dependencies, description of Authenticode signing process, singing certificates and certificate authorities, signing certificate private key storage: hardware vs. software, three ways to implement code signing, and more (Article: ~4,460 words).

Table of Contents includes:

  1. Introduction
    Several Reasons to Implement Code Obfuscation and Signing
    Additional Benefits of Strong Name Signing
    Additional Benefits of Authenticode Signing
  2. Code Obfuscation and Strong Name Signing
    Code Obfuscation Tools
    Obfuscation Project and Strong Name Signing
    Obfuscation and Strong Name Signing from Command Line
  3. Authenticode Code Signing
    Code Signing
    Digital Signatures
    How Code Signing Works
    Authenticode
    Code Signing Certificate
    X.509 Standard
    Obtaining Code Signing Certificate
    Signing Certificate Pricing
    Code Signing Certificate Storage: Hardware vs. Software
    Time Stamping
    Certificate Validity (Expiration Date)
  4. Implementing Authenticode Signing
    Code Signing Process à la Microsoft
    Code Signing Implementation Options: Advantages, Disadvantages, Costs
    Option 1: “Full Hardware”
    Option 2: “Basic Software”
    Option 3: “Combined Software/Hardware”
  5. Tips on Implementing “Combined Software/Hardware” Option
    Requirements to Signing Application
  6. Tips on Implementing “Basic Software” Option
    Installing Code Signing Certificate on Signing Server
    SignTool
    Installing SignTool
    Using SignTool
  7. Testing
    Testing Obfuscation
    Testing Strong Name Signatures
    Testing Authenticode Signatures
  8. Resources
    Tools and Products
    Authenticode Certificates Offered by Public Certificate Authorities
    Online Authenticode Timestamping Services
    Standards
    Articles
    Books
    About the Author

Slava Gomzin, CISSP, ECSP, Security+ has more than 15 years of professional experience in software development and application security. He is Security Architect at Retalix USA.

More books from Application Software

Cover of the book Photoshop 7 Down and Dirty Tricks by Slava Gomzin
Cover of the book HTML5 canvas in tempo reale by Slava Gomzin
Cover of the book Electronic Bank Statement & Lockbox in SAP ERP by Slava Gomzin
Cover of the book Prezi Essentials by Slava Gomzin
Cover of the book Learning Game Physics with Bullet Physics and OpenGL by Slava Gomzin
Cover of the book VFX Fundamentals by Slava Gomzin
Cover of the book iWork: The Missing Manual by Slava Gomzin
Cover of the book Architecting HBase Applications by Slava Gomzin
Cover of the book Human Recognition in Unconstrained Environments by Slava Gomzin
Cover of the book PCI DSS by Slava Gomzin
Cover of the book Evernote For Dummies by Slava Gomzin
Cover of the book Multimediaeinsatz auf Nachrichtenwebsites by Slava Gomzin
Cover of the book Microsoft Excel 2019 Pivot Table Data Crunching by Slava Gomzin
Cover of the book Corporate Security Crossroads: Responding to Terrorism, Cyberthreats, and Other Hazards in the Global Business Environment by Slava Gomzin
Cover of the book Advanced Monitoring in P2P Botnets by Slava Gomzin
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy