diff --git a/app/controllers/api/v1/repositories_controller.rb b/app/controllers/api/v1/repositories_controller.rb
index 9a7d4e195..bc8a3a057 100644
--- a/app/controllers/api/v1/repositories_controller.rb
+++ b/app/controllers/api/v1/repositories_controller.rb
@@ -97,7 +97,7 @@ class Api::V1::RepositoriesController < Api::V1::BaseController
   def signatures
     key_pair = @repository.key_pair
     key_pair.destroy if key_pair
-    key_pair = @repository.build_key_pair(params[:repository])
+    key_pair = @repository.build_key_pair subject_params(Repository, KeyPair)
     key_pair.user_id = current_user.id
     if key_pair.save
       render_json_response @repository, 'Signatures have been updated for repository successfully'
diff --git a/app/models/key_pair.rb b/app/models/key_pair.rb
index 9ff3139bf..1967885bf 100644
--- a/app/models/key_pair.rb
+++ b/app/models/key_pair.rb
@@ -4,7 +4,6 @@ class KeyPair < ActiveRecord::Base
   belongs_to :user
 
   attr_accessor :fingerprint
-  # attr_accessible :public, :secret, :repository_id
   attr_encrypted :secret, key: APP_CONFIG['keys']['key_pair_secret_key']
 
   validates :repository, :user, presence: true
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 535f023c4..b78400299 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -36,13 +36,6 @@ class Repository < ActiveRecord::Base
 
   before_destroy  :detele_directory
 
-  # attr_accessible :name,
-  #                 :description,
-  #                 :publish_without_qa,
-  #                 :synchronizing_publications,
-  #                 :publish_builds_only_from_branch,
-  #                 :build_for_platform_id
-
   attr_readonly :name, :platform_id
   attr_accessor :projects_list, :build_for_platform_id
 
diff --git a/app/policies/key_pair_policy.rb b/app/policies/key_pair_policy.rb
index d7ed34f40..5f52679f4 100644
--- a/app/policies/key_pair_policy.rb
+++ b/app/policies/key_pair_policy.rb
@@ -6,4 +6,11 @@ class KeyPairPolicy < ApplicationPolicy
   end
   alias_method :destroy?, :create?
 
+  # Public: Get list of parameters that the user is allowed to alter.
+  #
+  # Returns Array
+  def permitted_attributes
+    %i(public secret)
+  end
+
 end
diff --git a/app/policies/repository_policy.rb b/app/policies/repository_policy.rb
index 2835f6671..9331d2d15 100644
--- a/app/policies/repository_policy.rb
+++ b/app/policies/repository_policy.rb
@@ -54,6 +54,20 @@ class RepositoryPolicy < ApplicationPolicy
   end
   alias_method :remove_repo_lock_file?, :add_repo_lock_file?
 
+  # Public: Get list of parameters that the user is allowed to alter.
+  #
+  # Returns Array
+  def permitted_attributes
+    %i(
+      name
+      description
+      publish_without_qa
+      synchronizing_publications
+      publish_builds_only_from_branch
+      build_for_platform_id
+    )
+  end
+
 private
 
   # Public: Get user ids of repository.