Opensign-project - Online code signing and integrity verification service for open source community
SummaryThe service will allow all .NET and Java code modules to be uploaded to the service to be signed by a community code signing key. Each community (such as OWASP) will have a key and corresponding Software Publishing Certificate (SPC) which can optionally be embedded in the code module itself. Generally, however, the service is intended for developers and the wider community of concerned users that want to ensure that their downloaded portable executable is exactly what it purports to be. The root key will be stored in an HSM and will sign an SPC from a locally generated key-pair of which the public key will be sent to the service. Key pair generation can be made and submitted using standard .NET delay signing and jar signing tools distributed with the SDKs, however, the project remit will ensure that a client-side graphical tool for each environment is available to generate the keys pairs needed to sign code with and allow submission to the code signing service for signing and generation of SPC by the server's proprietary CA. Anonymity will not be allowed so the project will include a database of users which will be the basis of directory for SPCs. There will be a web and web services interface using an online login and WS-Security respectively which will allow the code to be uploaded on demand and signed by a code signing key with the option to embed the certificate or not. Project Homepage
http://code.google.com/p/opensign-project
88
comments powered by Disqus
Related Products
Truth - Codesigned Dependable and Secure Computing Systems
Truth is a multi-discipline project for design and evaluation of fault-tolerant and secure computing systems (Computing).Truth is a computing infrastructure specfically designed and being developed for novice programmers who have a strong technical background on their application areas (e.g., bioengineering, biology, and medicine) not computer science or engineering. Truth aims application areas with strong reliability, safety, security, and real-time requirements (e.g., personal health-care dev
Flepjhaverkamp - A network simulator and protocol for wireless sensor nodes
A project that implements a realistic 3D simulator frontend and a complete TCP/IP-like protocol stack for a network consisting of EYES Wireless Sensor nodes. Timespan: 6 weeks. Completed on June 29th, 2008. AuthorsThis project has been created by: H.Y. Bruintjes J.H. Donker C.E. Etheredge J. Teeuw As part of the 214515 Codesign project (2008) at the University of Twente. ConceptThe scope of this project includes creating a completely functioning protocol stack that is capable of transmitting rel
Resthttpservice - A new Flex HTTPService component that fully supports REST
The current Flex HTTPService component is severely lacking when it comes to making REST calls. This component can only send GET and POST requests (no PUT, DELETE, HEAD, or OPTIONS without using a proxy) and does not make available the HTTP status code returned in the response. Rather, it fires a fault event for any HTTP response that does not have a status code of 200 (even a 201 "created" status is considered a fault condition). The aim of this project is to create a fully REST-aware component
Rest-assured - Java DSL for easy testing of REST services
Testing and validating REST services in Java is harder than in dynamic languages such as Ruby and Groovy. REST Assured brings the simplicity of using these languages into the Java domain. News2012-04-16: REST Assured was presented at the Scandinavian Developer Conference. 2012-04-05: REST Assured 1.6.1 is released with bugs fixes and better support for specifying session id's. See change log for details. 2012-03-29: REST Assured will be presented at the Jazoon conference in Zürich, Switzerland.
Mantevo - Miniapplications and related tools to foster co-design of high performance computing appli
The Mantevo project is dedicated to developing and distributing open source software packages, called miniapplications and minidrivers, that act as performance proxies for real applications and their key performance features. These proxies tend to be much smaller in size than the applications they represent. They can be used as co-design vehicles in the study of new programming approaches, new language usage, and the interplay between the application and the underlying computer software and hard
Sharefile-api-php - The library provides simple and easy-to-use access to ShareFile REST API
ShareFile API PHP is a standalone PHP library which simplify access to ShareFile REST API. Features:All methods and operations support. No additional libraries and extensions are needed. Easy to use. Error handling support. ShareFile online file sharing serviceShareFile allows you to create a custom-branded, password-protected area where you can exchange business files with clients easily, securely, and professionally. Whether you deal with files that are simply too large to transfer by email, n
Userstory - Example of use Spring 3, JPA 2 / Hibernate 3.5, RestFull Web Services and OpenID
DescriptionUserStory is a Java project with two goals : 1 SandBox of utilization of recent Java technologies 2 Provide to users a solution for share good stories (With Media content) TechnologiesSpring 3 IOC/MVC/Security, JPA 2, Hibernate 3.5, RestFul Web Services, EhCache 2.0.1 OpenID Maven 2 UserStory application can communicate with RestFul Web Service in XML or Json. ToDo ListVersion 1HIGH - Add GED for media Content HIGH - Add Event service HIGH - Add Act service HIGH - Add functions shared
Persevere-framework - Persevere - REST JSON database, distributed computing, and persistent object m
Persevere is an open source set of tools for persistence and distributed computing using an intuitive standards-based JSON interfaces of HTTP REST, JSON-RPC, JSONPath, and REST Channels. The core of the Persevere project is the Persevere Server. The Persevere server includes a Persevere JavaScript client, but the standards-based interface is intended to be used with any framework or client. The Persevere Server is an object storage engine and application server (running on Java/Rhino) that provi
Randr - R and R - REST and Relaxation, a REALLY simple REST client / server
R and R - short for REST and Relaxation, is REALLY simple REST client / server offering compatible libraries in PHP and Java and other languages to come. It provides a very easy to use interface, enabling a server to be set up with only a few lines of code. It also provides secure requests through signing parameters with a private key. Sourceforge: http://sourceforge.net/projects/randr Change Log0.30 Some bug fixes I forgot to commit :-S 0.29 Made url variable protected 0.28 0.25/0.26/0.27 corru
Discbenchmarkingonsecurechip - this prooject work is totally related to the IEEE transaction on know
Secure chips, e.g., present in smart cards, USB dongles, i-buttons, are now ubiquitous in applications with strong security requirements. Moreover, they require embedded data management techniques. However, secure chips have severe hardware constraints, which make traditional database techniques irrelevant. The main problem faced by secure chip DBMS designers is to be able to assess various design choices and trade-offs for different applications. Our solution is to use a benchmark for secure ch
