摘要 |
A method of authenticating or controlling a software application on an end user device comprises downloading software application data from a remote server, the data including application code, a cryptographically derived signature, and an identity of an application developer. The identity is then used as a look-up key to obtain/authenticate a public key of the application data, and to obtain associated installation and/or operation conditions, with the signature authenticated using the application code and public key, and, if authentication is successful, authentication of the application code is performed. Aspects of this may be performed by an antivirus service, which may use a signature or heuristic based scan if authentication is unsuccessful. The conditions may be allowed filenames or ranges of filenames; allowed file installation locations; allowed operating behaviours; or community prevalence thresholds or patterns. Also disclosed is a method of scanning an application involving a whitelist of authenticated certificates and authentication conditions; determining that an application was signed with a certificate, and determining whether application code satisfies the conditions to determine whether the application is trusted or should be scanned by an antivirus. |