Securing Your Code Shouldn’t Impede Your Innovation
Code signing, the process of digitally signing executables and scripts, proves the identity of the software author and guarantees that the code has not altered or corrupted since it was published. The efficacy of code signing as an authentication mechanism for software depends how effectively publishers secure their code signing keys against unauthorized access. The potential impact of code signing key compromise can include major damage to brand and trust, immense costs due to certificate recall, breach response, legal compensation as well as loss of overall revenue.
Code Signing Key Protection is a Challenge
With the increased volume and frequency of code signing due to the proliferation of software applications, as well as software and firmware that operates IoT/network infrastructure hardware, code signing key management has become complex. Keys end up on dispersed endpoint devices and services without proper protection. As employees come and go, and keys remain on employees’ endpoints, the security and control of those signing keys become extremely difficult to manage. Unfortunately, existing code signing key management alternatives are challenging to implement, presenting a tradeoff between security and usability:
Hardware (HSMs, TPMs and security tokens) provide security but are cumbersome & complex to administer.
Hardware inhibits automation and scalability, especially for organizations requiring code signing across multiple sites and/or hybrid cloud infrastructures.
Keys stored on build servers, USB tokens, etc., are susceptible to unauthorized access and compromise.
Lack of centralized key management and administrative controls for all code signing operations across the organization limits the ability to enforce security policies consistently.
Legacy solutions do not allow for automation, such as key/certificate generation and signing operations.
Protect Your Software with
End to End Secure Code Signing
Unbound’s code signing solution delivers hardware-level security without the hardware, making it an excellent fit for organizations with hybrid cloud environments and/or disparate development sites. This platform-agnostic solution has fully abstracted the hardware and can be deployed as a single, centralized code signing solution to cover development teams in disparate locations using any mix of environments (public cloud, private cloud, on premise). UKC is very easy to use and supports full automation of all operations including maintenance, set up and administration, seamlessly integrating with DevOps processes to ensure secure and rapid application delivery.
UKC includes advanced context-based auditing tools that give you the full details of every code signing operation, every time a key is used. Logs include: what type of operation, the date and time of the operation; the build servers from which the request was made; and the user that authorized the code signing operation. Audit logs can be viewed from the console or exported to a third-party tool such as a SIEM.
UKC is FIPS 140-2 Levels 1 & 2 Validated, allowing you to sign Extended Validation (EV) Code Signing Certificates without the need for cumbersome hardware to protect and control your private code signing keys.
Any Code, Anywhere
Cover distributed teams using any mix of cloud/hybrid environments for code signing on multiple platforms.
Seamlessly integrates with your DevOps processes to ensure secure and rapid application delivery.
Fits any deployment size and complexity including huge development teams distributed globally.
Supports full automation of all operations including maintenance, setup and administration.
Seamless AD/IDaaS integration for user-based authentication and auditing on your code signing keys.
How Does it Work?
Unbound Key Control enables secure management of cryptographic keys on any standard platform, including physical/virtual machines and containers.
A typical code signing process is started by calculating the hash of the code using algorithms like SHA-1 or SHA-2. Then, the build server initiates a certification request to Unbound accompanied with the application name, the hash and the public key, after which Unbound signs the hash with the private key using MPC protocol to access both key shares. The signed hash is then returned to the build server.
1. Create a hash of the code using an algorithm such as SHA-1 or SHA-2.
2. Certificate Request (Application Name & Version, Hash, Public Key).
3. Unbound signs with the private key on the hash.
4. Returning hash signed with the private key.
Unbound provides hybrid-cloud, multi-site support in a single system deployment, meeting the needs of organizations with large and/or disparate development teams across distributed environments.
A single Unbound Key Control cluster is used to manage all code signing certificates from one centralized system with a single pane of glass. All build servers and developer machines are connect to the cluster to consume code signing services.
Leveraging Code Signing Best Practices for Your Enterprise
While the need for code signing has grown, so has it's complexity. With the proliferation of software, as well as software operating IoT/network infrastructure hardware, the protection of code signing keys is critical. In this guide we discuss why enterprises need a central code signing key protection & key management platform, and best practices to implement secure code signing.
Code Signing Solution Brief
Companies that work with Code Signing are under a sophisticated cyber threat landscape that HSMs cannot sufficiently guard against. The Unbound Key Control (UKC) code signing solution delivers pure-software HSM-level security covering all development teams across your entire infrastructure.
Case Study: Enterprise Code Signing
In this case study we pose challenges facing a top tech company, including the large number of developers and global sites, a mix of on-premise and cloud-based development environments and how to tackle the problem of agility vs. scalability.
Best Practices for Implementing Secure Code Signing
Best practices for implementing secure code signing--explore new approaches for code signing, and review best practices. We’ll highlight some of the new challenges in protecting code signing private keys and certificates in today’s world of increased virtualization, scaling and distribution.