Method for ensuring the trustworthiness of source code

12061,727

17/338941

June 04, 2021

A method for ensuring the trustworthiness of software source code (source code) is provided, wherein two software developers sign the source code produced by said software developers. A compiling device checks, on the basis of the public signature keys of the software developers, whether the source code is trustworthy and produces a binary code from the source code. The produced binary code is signed by the compiling device, and the signed binary code together with the public signature key of the compiling device is made available for further use. The signed binary code is therefore likewise trustworthy.

UNISCON UNIVERSAL IDENTITY CONTROL GMBH (Munich, DE)

UNISCON UNIVERSAL IDENTITY CONTROL GMBH (Munich, DE)

1. A method for ensuring the trustworthiness of software source code (source code), wherein: at least a first software developer (A) and a second software developer (B) for programming the source code are registered (S 1), wherein data assigned to the respective software developers (A, B) together with a public signature key (PubA, PubB) belonging to the respective software developer are imported into a secure infrastructure (DCUA), the first software developer (A) signs the source code created by him with his private signature key (PrivA) and the second software developer (B) signs (S 2) the source code (C 1) signed by the first software developer (A) with his private signature key (PrivB), the source code (C 2) signed by both software developers (A, B) is stored (S 3) in a source code server (QS), a compiling device (CE) arranged in the secure infrastructure (DCUA) imports (S 4) the signed source code (C 2) from the source code server (QA) into the secure infrastructure (DCUA), checks whether the imported source code has been signed with private signature keys (PrivA, PrivB) belonging (S 5 . 1) to the imported public signature keys (PubA, PubB), and translates the imported source code into executable binary code (S 5 . 2), the compiling device (CE) signs the binary code with a private signature key (PrivCE) assigned to the compiling device and exports the signed binary code (C 3) together with the public key (PubCE) belonging to the private signature key (PrivCE) to the binary code server (BS) belonging to the private signature key (PrivCE), wherein the private signature key (PrivCE) assigned to the compiling device (CE) and the public key (PubCE) belonging to this private signature key (PrivCE) are generated exclusively within the secure infrastructure (DCUA), and wherein the private signature key (PrivCE) assigned to the compiling device (CE) is stored exclusively in a volatile memory device (VM) of the secure infrastructure (DCUA).

2. The method of claim 1 , wherein a sensor device of the secure infrastructure (DCUA) continuously monitors access to the secure infrastructure and upon detection of unauthorized access deletes at least the private signature key (PrivCE) assigned to the compiling device (CE).

3. The method of claim 2 , wherein after the private signature key (PrivCE) assigned to the compiling device (CE) has been deleted, a new private signature key (PrivCE′) assigned to the compiling device and a new public key (PubCE′) belonging to the new private signature key (PrivCE′) are generated.

20060193475 August 2006 Borke
20160365981 December 2016 Medvinsky
20210105136 April 2021 Jäger
103 36 148 March 2005
186515 January 2013
WO-2005025128 March 2005

International Search Report issued for corresponding International Application No. PCT/EP2019/083134 dated Jan. 31, 2020. cited by applicant

edspgr.12061727