CODE SIGNING SYSTEM AND METHOD
First Claim
Patent Images
1. A method of controlling access to a plurality of sensitive application programming interfaces (APIs) on a device by an application signed with a private key, the method comprising:
- verifying, by a processor of the device, a digital signature of the application using a public key;
after verifying the digital signature of the application using the public key, allowing the application to access a first sensitive API, the first sensitive API being associated with the public key; and
restricting the application from accessing a second sensitive API, the second sensitive API not being associated with the public key.
2 Assignments
0 Petitions
Accused Products
Abstract
A code signing system and method is provided. The code signing system operates in conjunction with a signed software application having a digital signature and includes an application platform, an application programming interface (API), and a virtual machine. The API is configured to link the software application with the application platform. The virtual machine verifies the authenticity of the digital signature in order to control access to the API by the software application.
21 Citations
30 Claims
-
1. A method of controlling access to a plurality of sensitive application programming interfaces (APIs) on a device by an application signed with a private key, the method comprising:
-
verifying, by a processor of the device, a digital signature of the application using a public key; after verifying the digital signature of the application using the public key, allowing the application to access a first sensitive API, the first sensitive API being associated with the public key; and restricting the application from accessing a second sensitive API, the second sensitive API not being associated with the public key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A device capable of controlling access to a plurality of sensitive application programming interfaces (APIs) on the device by an application signed with a private key, the device comprising:
a processor capable of executing machine readable instructions for; verifying a digital signature of the application using a public key; after verifying the digital signature of the application using the public key, allowing the application to access a first sensitive API, the first sensitive API being associated with the public key; and restricting the application from accessing a second sensitive API, the second sensitive API not being associated with the public key.
Specification