Trust Levels in Application Whitelisting

Application Whitelisting tags a trust level to all applications and executable so that untrusted or not whitelisted application will not be able to run on your computer. This is to minimize the chances of unauthorized malware from damaging user’s system.

Definition of Trust Levels

In Application Whitelisting, there are three levels of trust for applications and are summarized in the table below:

Trust Level	Explanation
Not Trusted (0)	The application is not allowed to be executed at all. Any files that are created by this application will not be trusted as well.
Trusted Application (1)	The application is allowed to be executed, but all the files that are created by a Trusted Application will be Not Trusted.
Trusted Installer (2)	A Trusted Installer is allowed to be executed, and all files that are created or renamed by a Trusted Installer will be automatically set as Trusted Application. For example, Installer, uninstaller, and updater applications usually fall into this category. There is a special exception for the update process. When a Trusted Installer found that the file has already existed, and the trust level has been set as Trusted Installer, Trusted Installer will not downgrade the file as a Trusted Application but instead, it will keep the trust level as it is. In the newer version of SecureAPlus, non-trusted user account is allowed to run Trusted Installer as it is, but only the trusted account can set the file as a trusted installer. Unlike trusted account users, for non-trusted account users, an application will never be promoted to a trusted installer, even though if the digital signature Is trusted. More on Trusted Groups and Trusted Users

Trust Level

Explanation

Not Trusted (0)

The application is not allowed to be executed at all. Any files that are created by this application will not be trusted as well.

Trusted Application (1)

The application is allowed to be executed, but all the files that are created by a Trusted Application will be Not Trusted.

Trusted Installer (2)

A Trusted Installer is allowed to be executed, and all files that are created or renamed by a Trusted Installer will be automatically set as Trusted Application.

For example, Installer, uninstaller, and updater applications usually fall into this category.

There is a special exception for the update process.

When a Trusted Installer found that the file has already existed, and the trust level has been set as Trusted Installer, Trusted Installer will not downgrade the file as a Trusted Application but instead, it will keep the trust level as it is.

In the newer version of SecureAPlus, non-trusted user account is allowed to run Trusted Installer as it is, but only the trusted account can set the file as a trusted installer.

Unlike trusted account users, for non-trusted account users, an application will never be promoted to a trusted installer, even though if the digital signature Is trusted.

More on Trusted Groups and Trusted Users

This page was last updated: December 13, 2023

Support and feedback

Should you encounter any issues using SecureAPlus with any of the mentioned or missed requirements above, you can always write to us a docs@secureage.com.