US 12,437,084 B2
System and method of hiding security sensitive features in untrusted environments
Juelong Yin, Shanghai (CN); Hao Wang, Shanghai (CN); Dmitry Vladimirovich Krivenok, Dublin (IE); and Chaowen Han, Shanghai (CN)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Dec. 6, 2022, as Appl. No. 18/075,503.
Prior Publication US 2024/0184897 A1, Jun. 6, 2024
Int. Cl. G06F 21/60 (2013.01); G06F 21/54 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/602 (2013.01) [G06F 21/54 (2013.01); G06F 21/57 (2013.01)]
17 Claims
 
1. A method comprising:
performing a plurality of software build processes including a process of a pre-release version of a software build, and a process of a release version of the software build,
the process of the pre-release version of the software build comprising:
generating a pre-release version of a software build image;
generating a security-sensitive script, a first encryption key, and specified software components;
encrypting the security-sensitive script with the first encryption key, the specified software components being unencrypted;
inserting the security-sensitive script encrypted with the first encryption key, and the unencrypted specified software components, into the pre-release version of the software build image; and
saving and storing the first encryption key to allow decryption of the encrypted security-sensitive script inserted into the pre-release version of the software build image during testing of the pre-release version of the software build image; and
the process of the release version of the software build comprising:
generating a release version of the software build image;
generating a second encryption key, the second encryption key being different from the first encryption key such that each of the pre-release version of the software build image and the release version of the software build image has its own unique encryption key for encrypting the security-sensitive script;
encrypting the security-sensitive script with the second encryption key;
inserting the security-sensitive script encrypted with the second encryption key, and the unencrypted specified software components, into the release version of the software build image; and
securely deleting the second encryption key to prevent decryption of the encrypted security-sensitive script inserted into the release version of the software build image after releasing the release version of the software build image as a final product.
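The two build processes of claim 1, sketched as an added example that is not code from the patent or from Dell. The names `seal`, `unseal`, `build_image` and `key_store`, the sample script and components, and the HMAC-SHA256 encrypt-then-MAC construction (a standard-library stand-in for an AEAD such as AES-GCM) are all assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed sample inputs, not taken from the patent.
SCRIPT = b"#!/bin/sh\necho 'enter service mode'\n"
COMPONENTS = {"app.bin": b"\x7fELF-sample", "README": b"public docs"}

def _subkeys(key):
    # Separate encryption and MAC keys derived from the per-build key.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())

def _xor_stream(enc_key, nonce, data):
    # HMAC-SHA256 in counter mode as keystream (stand-in for AES-GCM).
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hmac.new(enc_key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified blob")
    return _xor_stream(enc_key, nonce, ct)

def build_image(release, key_store):
    key = bytearray(secrets.token_bytes(32))   # fresh key for every build
    image = dict(COMPONENTS)                   # components stay unencrypted
    image["sensitive.enc"] = seal(key, SCRIPT)
    if release:
        # Release: the key is never stored; overwrite it (best effort in Python,
        # since copies may exist; a real pipeline would use an HSM or KMS).
        key[:] = bytes(len(key))
    else:
        key_store["pre-release"] = bytes(key)  # kept so testers can decrypt
    return image
```

Because each build draws its own key, a leaked pre-release key does not open the script shipped in the release image.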