NIST has released a new cybersecurity white paper, Security Considerations for Code Signing. This paper describes the concept of digitally signing code to provide both data integrity and source authentication. It describes features and architectural relationships of typical code signing solutions that are widely deployed today to support various use cases. It identifies some security challenges and provides recommendations to mitigate these threats.
Security and Privacy: digital signatures, identity & access management
Technologies: mobile, operating systems