Software is distributed to various platforms. The software may be updated or altered to deal with vulnerabilities or to provide additional features. Over time, the version of software on a given platform includes a collection of various components or updates. When a new software component is created for a next version, the software component is distributed to the platforms for updating. The update may undesirably create a vulnerability or other error in the software.
To avoid malicious alteration of software, many software components are digitally signed. Some systems or networks of platforms require signing all or some of their software components. Digital signing allows the platforms to determine the authenticity of the origin of the software. However, digital signing of the software components does not attest to the security or absence of security bugs in the software. It is common place for security defects to be found in software components that leave the component open to vulnerabilities that may be exploitable under certain conditions. If an attacker can cause a vulnerable, but signed, software component to be loaded, the system may be compromised. For security of the system, more than digital signing is used, such as processes to ensure that the software is of a version that is free of known vulnerabilities.
Revocation mechanisms are commonplace in public key infrastructure (PKI) environments. PKI may be used for signing software components. Revocation mechanisms may be used to revoke a signer's certificate. Software signed after a particular point in time is rendered invalid. This is a very coarse and draconian mechanism that can cause significant reconfiguration in the system to adapt to new trust roots and can invalidate unaffected secure software components, such as where the certificate is associated with secure software components as well as insecure components. Licensing mechanisms may allow revocation of individual software licenses using software component certificates, so requires license tracking for all the various platforms and certificates for all software components.
The threat response distribution protocol (TRDP) provides a way to communicate information about network-based threats and responses. This provides a mechanism for communicating actions to take to deal with software vulnerabilities, but leaves network administrators to transcribe and implement the action.