Protect the private keys associated with your signing application in an HSM service to avoid private keys from being stolen or compromised
Digital signing ensures the recipient of the package can trust the Digital Signature that was applied to the update. If an attacker was able to compromise the digital signature keys, they would also have the ability to impersonate the original author/publisher and create their own malicious updates (malware). These would be inherently trusted by the recipient since they trust the Digital Signature associated with the author/publisher. This could affect software security patches or hardware appliances such as routers. Using your own Digital Signing service within Thales Data Protection On Demand, you can protect the private keys associated with your signing application in an HSM service to avoid the private keys from being stolen or compromised.
Key Features
- Ensure integrity of documents
- Secure electronic tracking and storage
- Prove the integrity of the signed data and establish the publisher’s identity
- Protect the private keys associated with your signing application
Benefits
- Prevent fraudulent activity
- Prevent theft or compromise of private keys
- Seamlessly transition towards a paperless office environment
- Enhance security and ensure compliance
Adding a Luna Cloud HSM Service – Technical document
Learn how to provision services using the DPoD GUI. Once a service is created, the user downloads a Luna Cloud HSM service client to connect the service to a client machine.
How to Secure Code Signing at the Speed of DevOps - Webinar
When you sign a piece of code, you make a statement that it comes from your trusted brand and that you stand behind it. But what happens when that trust is broken? Recent attacks, such as the ASUS Live Update hack, underscore the importance of managing reputational risk. As...