HSM ÀÚ·á½Ç °ü·ÃÀڷḦ ´Ù¿î·Îµå ¹ÞÀ» ½Ç ¼ö ÀÖ½À´Ï´Ù.
Äڵ弸í(Code-Signing) |
µî·ÏÀÏ | 2016-03-28 |
Á¶È¸¼ö | 1650 |
Certificate Authority Security Council(CASC) ¿¡¼ ÀÛ¼ºÇÏ¿© ¹èÆ÷ÇÑ, Code Signing ¿¡ ´ëÇÏ¿©, ÇÊ¿äÇÑ ÀÌÀ¯¿Í ¾î¶»°Ô µ¿ÀÛÇÏ´Â Áö¿¡ ´ëÇÏ¿©, ½±°í ÀÚ¼¼ÇÑ ¼³¸íÀ» ÇÏ°í ÀÖ´Â ÀÚ·á(CASC-Code-Signing.pdf)°¡ ÀÖ´Â À§Ä¡ ÀÔ´Ï´Ù. CASC´Â SSL Certificate¸¦ ¹ßÇàÇÏ´Â 7°³ÀÇ CA±â°ü(Comodo, Symantec, Trend Micro, DigiCert, Entrust, GlobalSign, GoDaddy)ÀÌ Internet Security Ç¥ÁØÀ» È«º¸ÇÏ°í Internet Security IssueµéÀ» ±³À°½ÃÅ°±â À§ÇÏ¿©, 2013³â 2¿ù °á¼ºÇÑ ´ÜüÀÔ´Ï´Ù. ÀÚ·á¿¡¼ ¼³¸íÇÏ°í ÀÖµíÀÌ, Code Signing ±¸Çö ½Ã, °¡Àå Å« Issue´Â Code-Signing Certificate¿¡¼ »ç¿ëµÇ´Â Private-Key¸¦ ¾î¶»°Ô protectÇÏ´Â °¡ ÀÔ´Ï´Ù. ÀÌ ÀÚ·á¿¡¼´Â FIPS 140-2 Level 2 ÀÌ»óÀÇ ÀÎÁõÀ» ¹ÞÀº ¾ÏÈ£ Àåºñ¸¦ »ç¿ëÇ϶ó°í ±Ç°í ÇÏ°í ÀÖ½À´Ï´Ù. https://casecurity.org/wp-content/uploads/2013/10/CASC-Code-Signing.pdf |
|