| 摘要 |
A software distribution method ( 300 ) with security add-on is proposed. Particularly, any software package to be deployed to selected target endpoints is encrypted ( 312 - 315 ) with a symmetric key (generated dynamically). The symmetric key is in turn encrypted ( 318 - 321 ) with a public key of each target endpoint. A multi-segment software package (embedding the encrypted software package and the encrypted symmetric keys) is then deployed ( 324 - 336, 360 ) to all the target endpoints. In this way, each target endpoint can decrypt ( 343 - 348 ) the encrypted symmetric key with a corresponding private key; it is then possible to decrypt ( 363 - 366 ) the encrypted software package with the symmetric key so obtained. As a result, the endpoint is able to apply ( 369 ) the decrypted software package. Therefore, the application of the software package can be restricted to the desired target endpoints only.
|
