This paper gives the concept of a program identity, proposes a program identification system which can actively and efficiently prevent malicious codes such as network worms and computer viruses from starting and running, and analyzes the advantage of the program identification system. The system consists of four modules which are respectively designed, and intended for key management, identity confection, dynamic monitoring, and identity verification. A program identity is an asymmetric identity which is involved with the private key of a software producer and the basic characteristic of a program, confected by a lightweight digital signing scheme, and stored at the main filename of the program itself. When a program such as an executable file, a page script file, or a dynamic link library file is started, its identity is first intercepted by the monitoring module, and then sent to the united identity verification platform which runs the identity verification module, and reserves the public key of every software producer. If the result returned indicates that the identity is illegal, the monitoring module will terminate the launch process of the program, and moreover report the file name of the program to the user for deletion; otherwise allows the program launch to go on.