A system and method is provided for providing security to components or assemblies employed by application programs during runtime. The present invention employs digital signature keys to ensure that an assembly name that is published is unique because the assembly is published with a publisher's public key. This prevents others from publishing an updated version of an assembly that claims to be published from the same publisher. The present invention guarantees name uniqueness and prevents name spoofing because the original publisher is the only one with the private key matching the public key related to a published assembly. Due to the fact that the public keys are stored in each reference, the caller can be assured that the assembly that the caller is binding to at runtime comes from the same publisher that owns the private key.