Verisign unveils secure content delivery service

Companies selling software and antivirus products will soon be able to secure products they distribute to customers online,...

Companies selling software and antivirus products will soon be able to secure products they distribute to customers online, digital authentication company VeriSign claimed.

The company, which manages more than 400,000 digital certificates on Web sites worldwide, will launch a secure content delivery service called Trusted Content Delivery (TCD) early next year. The service will attempt to address security issues that complicate the job of distributing software applications and updates over the Internet.

Among the services available through the TCD program are anti-intrusion protection that secures the distribution pipeline using digital authentication certificates at both the sending and receiving side of a transaction.

A variety of methods for securing the distributed software will also be available through the TCD service. Those methods will include software code-signing using VeriSign certificates to prevent the spoofing of legitimate software vendors. Version control features will allow vendors to ensure customers use the proper version of a released software update and will even revoke flawed updates.

Auditing features will enable IT administrators to generate reports on the software update status of clients across networks, verifying that all users are running legal and up-to-date versions of software applications.

TCD is targeting large companies and the US government.

More and more software vendors and corporations are turning to online distribution of software updates to address security vulnerabilities in products. Microsoft Windows XP contains an automatic update feature that notifies users when updates for the operating system are available and allows them to download and install updates over the Internet.

The growing demand for antivirus software by both businesses and home users has also called attention to the need for a secure delivery channel. Most antivirus vendors rely on the Internet-based subscription services that automatically distribute updated virus signatures to customers. Those signatures inoculate those customers against new viruses and other emerging threats.

But the ready acceptance of online software distribution can make it easy for malicious hackers to put worms and other destructive code on the computers of unsuspecting users.

Last month, Russian antivirus software maker Kaspersky Labs fell victim to a hacker who commandeered the company's e-mail server to distribute copies of the BrideX e-mail worm to recipients of Kaspersky's newsletter.

Antivirus and firewall software vendor Authentium will be an early adopter of the TCD service and will use it to deliver software updates to its customers over the Internet.

Verisign did not disclose price details for TCD.

Read more on Antivirus, firewall and IDS products