Title of invention: Cryptographically enforcing strict separation of environments
Abstract: A system and method are disclosed for enforcing site or organization localized provisioning policy using cryptography. In an exemplary method, a signing key is used to generate a signature for an application. The signature of the application is verified using a verifying key in order to determine whether the application adheres to the site or organization localized provisioning policy. The verifying may be performed during initialization of a computing device or during runtime of an operating system at the computing device.
Publication number: US9325506(B2) Publication date: 2016.04.26
Application number: US201414494380 Filing date: 2014.09.23
Applicant: Red Hat, Inc. Inventors: Jones Peter; Cantrell David
Classification: H04L9/32; H04L9/14; G06F9/44 Main classification: H04L9/32
Agency: Haynes and Boone, LLP Agent: Haynes and Boone, LLP
Principal claim: 1. A method performed by a computing system for enforcing strict separation of software, the method comprising: receiving, at a server, an application that includes a first signature, the first signature generated by a first signing key, wherein the first signing key is a member of a first cryptographic key pair that comprises a first verifying key and the first signing key, and wherein the first verifying key is accessible to one or more computing devices that are members of a first computing environment; removing, at the server, the first signature from the application; generating, at the server, a signed application by associating a second signature with the application, wherein the second signature is generated by a second signing key that is a member of a second cryptographic key pair that comprises a second verifying key and the second signing key, wherein the second verifying key is accessible to one or more computing devices that are members of a second computing environment, and wherein the first computing environment and the second computing environment are different computing environments selected from the group comprising: a development environment, a quality assurance environment, a testing environment, and a production environment; loading the signed application into memory at a computing device; and at least one of: determining that the signed application is verified if the computing device is a member of the second computing environment, or determining that the signed application is not verified if the computing device is not a member of the second computing environment.
Address: Raleigh NC US
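The re-signing flow described in the principal claim above, as an added Go example that is not part of the patent record or any Red Hat code. Ed25519, the `SignedApp` container, the function names, and the server checking the first signature before removing it are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// SignedApp is a hypothetical container: payload plus one detached signature.
type SignedApp struct {
	Payload   []byte
	Signature []byte
}

// Sign associates a signature made with an environment's signing key.
func Sign(key ed25519.PrivateKey, payload []byte) SignedApp {
	return SignedApp{Payload: payload, Signature: ed25519.Sign(key, payload)}
}

// Verify is the device-side check: a device holds only the verifying key
// of the environment it belongs to.
func Verify(envKey ed25519.PublicKey, app SignedApp) bool {
	return len(app.Signature) == ed25519.SignatureSize &&
		ed25519.Verify(envKey, app.Payload, app.Signature)
}

// Promote is the server-side step: remove the first signature and associate
// a second one from the target environment's signing key. Checking the first
// signature before removal is an assumption added here, not a claimed step.
func Promote(app SignedApp, fromKey ed25519.PublicKey, toKey ed25519.PrivateKey) (SignedApp, error) {
	if !Verify(fromKey, app) {
		return SignedApp{}, errors.New("first signature does not verify")
	}
	stripped := append([]byte(nil), app.Payload...) // payload only, signature dropped
	return Sign(toKey, stripped), nil
}

func main() {
	// Constructed keys and payload for the demonstration.
	devPub, devPriv, _ := ed25519.GenerateKey(nil)
	prodPub, prodPriv, _ := ed25519.GenerateKey(nil)
	app := Sign(devPriv, []byte("constructed application image"))

	promoted, err := Promote(app, devPub, prodPriv)
	fmt.Println("promotion error:", err)
	fmt.Println("production device accepts:", Verify(prodPub, promoted))
	fmt.Println("development device accepts:", Verify(devPub, promoted))
}
```

Because each device holds only its own environment's verifying key, a build that was never promoted fails verification on production devices, and a promoted build no longer verifies on development devices.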