Controlling access by code
First Claim
1. A method of controlling access by code to one or more application programming interfaces (APIs) of a mobile device, the method comprising:
- determining whether the code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device; and
controlling access by the code to the one or more sensitive APIs depending on whether the code is signed with the authentic digital signature.
0 Assignments
0 Petitions
Accused Products
Abstract
A novel code signing system, computer readable media, and method are provided. The code signing method includes receiving a code signing request from a requestor in order to gain access to one or more specific application programming interfaces (APIs). A digital signature is provided to the requestor. The digital signature indicates authorization by a code signing authority for code of the requestor to access the one or more specific APIs. In one example, the digital signature is provided by the code signing authority or a delegate thereof. In another example, the code signing request may include one or more of the following: code, an application, a hash of an application, an abridged version of the application, a transformed version of an application, a command, a command argument, and a library.
-
Citations
30 Claims
-
1. A method of controlling access by code to one or more application programming interfaces (APIs) of a mobile device, the method comprising:
-
determining whether the code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device; and controlling access by the code to the one or more sensitive APIs depending on whether the code is signed with the authentic digital signature. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A mobile device comprising:
-
one or more hardware processors enabled to determine whether code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device; and the one or more hardware processors being further enabled to control access by the code to the one or more sensitive APIs depending on whether the code is signed with the authentic digital signature. - View Dependent Claims (7, 8, 9, 10)
-
-
11. One or more non-transitory computer readable memories comprising instructions that when executed by one or more processors of a mobile device cause the one or more processors to perform instructions comprising:
-
determining whether code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device; and controlling access by the code to the one or more sensitive APIs depending on whether the code is signed with the authentic digital signature. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method of controlling access by code to one or more application programming interfaces (APIs) of a mobile device, the method comprising:
-
determining whether the code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the code signing authority includes any one or more of a manufacturer of the mobile device, an author of the one or more sensitive APIs, an author of the code, a representative of the manufacturer of the mobile device, a representative of an author of the one or more sensitive APIs, or a representative of the author of the code; and controlling access by the code to the one or more sensitive APIs based on whether the code is signed with the authentic digital signature. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A mobile device comprising:
-
one or more hardware processors enabled to determine whether code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device, wherein the code signing authority includes any one or more of a manufacturer of the mobile device, an author of the one or more sensitive APIs, an author of the code, a representative of the manufacturer of the mobile device, a representative of an author of the one or more sensitive APIs, or a representative of the author of the code; and the one or more hardware processors being further enabled to control access by the code to the one or more sensitive APIs based on whether the code is signed with the authentic digital signature. - View Dependent Claims (22, 23, 24, 25)
-
-
26. One or more non-transitory computer readable memories comprising instructions that when executed by one or more processors of a mobile device cause the one or more processors to perform instructions comprising:
-
determining whether code is signed with an authentic digital signature indicating authorization for the code to access one or more sensitive APIs of the mobile device, wherein the mobile device includes at least one sensitive API and at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API, wherein the authentic digital signature is generated by a code signing authority that issues authentic digital signatures external to the mobile device, wherein the code signing authority includes any one or more of a manufacturer of the mobile device, an author of the one or more sensitive APIs, an author of the code, a representative of the manufacturer of the mobile device, a representative of an author of the one or more sensitive APIs, or a representative of the author of the code; and controlling access by the code to the one or more sensitive APIs based on whether the code is signed with the authentic digital signature. - View Dependent Claims (27, 28, 29, 30)
-
Specification