VeriSign, Inc. announced it will be providing a Trusted Content Delivery service for software providers that creates a secure distribution channel for sending software programs and updates over the Internet. The TCD solution is designed specifically to solve long-time delivery flaws within the software and antivirus software market including:
- Anti-Intrusion – All points of entry between the end user, the system administrator and VeriSign are locked down and secured by digital certificates embedded in the client and server components of the solution.
- Update spoofing – All software updates are authenticated by a VeriSign digital code-signing certificate, to prevent spoofing by individuals or organizations pretending to be legitimate software providers.
- Hoax warnings and notifications – Each update notification and communication between VeriSign and the customer is secured by a digital certificate and passed securely through the VeriSign application, not via public e-mail.
- Content level control – Each individual update maintains its own revocation history. This allows providers, using standard toolsets, to ensure that end-users use the appropriate version of update; it also permits revocation of updates found to be flawed after their initial release.
- Software piracy – System administrators and IT Executives are provided with auditable license compliance reports and certified reports on the update status on all clients across their network.
VeriSign’s TCD solution will be made available to all software providers beginning in the first quarter, 2003. The solution will be available to medium and large enterprises, including Fortune 500 companies and the US government agencies in the $1.8 billion worldwide market for users of antivirus software. The solution is designed to reduce enterprise risk against sophisticated cyber threats as well as provide system administrators with a precise way to get certified system audit information and ensure compliance with their licensing agreements.
As the largest authenticator of online businesses in the world, VeriSign has more than 400,000 digital certificates currently installed on Web sites around the globe. VeriSign provides the industry’s most secure forms of authentication and encryption by using automated as well as person-to-person background checks to confirm the identity of sources on the Internet.
VeriSign also announced today a joint development agreement with Authentium, Inc., parent company of Command Software Systems and creators of Curtains for WindowsTM firewall, antivirus and identity protection desktop software, to adapt TCD concepts and to provide a secure distribution process for delivering antivirus software and updates over the Internet.
“We are excited to incorporate VeriSign security with our world-class antivirus software,” said John Sharp, president and CEO of Authentium. “The recent compromise at Kapersky Labs, in which subscribers were potentially duped into accepting fake updates which contained the Bridex Worm, demonstrates the critical importance of this enhanced approach to update security.”
“Authentium has shown true technological leadership and insight in their approach to the problem of update security,” said Ben Golub, senior vice president of VeriSign Trust and Payment Services. “We look forward to working together and creating the best possible security solutions for delivering software programs and updates.