This cooperation is expected to include Citrix Systems software measurements in the SignaCert Global Trust Repository (GTR). This collaboration will provide objective, third-party validation of Citrix-built software for IT security, compliance and systems management of virtual infrastructures, enabling Citrix customers and partners to explore innovative uses for Citrix desktop and server virtualization products such as XenDesktop™, XenApp™ and XenServer™, including dynamically managing applications and packages in workloads. Additionally, SignaCert will license the Data Exchange Format (DEF) to customers at no charge to help them leverage the whitelist data method for custom uses in their Citrix environments.

The SignaCert Global Trust Repository uses known-provenance and vendor-independent software measurements, or whitelists, to enable new enterprise IT security methods.  These whitelists provide a standardized way to enforce security and compliance of third-party software for enterprise computing environments, as well as more advanced uses such as software attestation in high-assurance platforms. The technology permits virtual machines (VM) and their applications to be securely authenticated, so that when a VM is moved – between the enterprise data center and a cloud, for example – the user can be confident that the workload originated with their enterprise customer and it has not been altered outside of policy in any way, and that there have been no file and structure changes, additions or deletions to the application stack.

Source: http://citrix.com/English/NE/news/news.asp?newsID=1857472