Software code signing system and method
DC CAFCFirst Claim
Patent Images
1. A mobile device containing software instructions which when executed on the mobile device cause the mobile device to perform operations for controlling access to an application platform of the mobile device, the operations comprising:
- storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted;
receiving, at the mobile device, an indication that a software application on the mobile device is requesting access to the sensitive API stored at the mobile device;
determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device;
the mobile device using a public key of the private key-public key pair to verify the digital signature of the software application; and
based upon verifying the digital signature at the mobile device, the mobile device allowing the software application access to the sensitive API.
2 Assignments
Litigations
2 Petitions
Accused Products
Abstract
A code signing system and method is provided. The code signing system operates in conjunction with a signed software application having a digital signature and includes an application platform, an application programming interface (API), and a virtual machine. The API is configured to link the software application with the application platform. The virtual machine verifies the authenticity of the digital signature in order to control access to the API by the software application.
48 Citations
144 Claims
-
1. A mobile device containing software instructions which when executed on the mobile device cause the mobile device to perform operations for controlling access to an application platform of the mobile device, the operations comprising:
-
storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted; receiving, at the mobile device, an indication that a software application on the mobile device is requesting access to the sensitive API stored at the mobile device; determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device; the mobile device using a public key of the private key-public key pair to verify the digital signature of the software application; and based upon verifying the digital signature at the mobile device, the mobile device allowing the software application access to the sensitive API. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 101, 105, 109, 113, 114, 115, 116, 117, 118, 119, 120)
-
-
26. A system for controlling access to an application platform on a mobile device, comprising:
-
one or more processors; one or more computer-readable storage mediums containing software instructions executable on the one or more processors to cause the one or more processors to perform operations including; storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted; receiving, at the mobile device, an indication that a software application is requesting access to the sensitive API stored at the mobile device; determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device; the mobile device using a public key of the private key-public key pair to verify the digital signature of the signed software application; and based upon verifying the digital signature, the mobile device allowing the software application access to the sensitive API. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 102, 106, 110, 121, 122, 123, 124, 125, 126, 127, 128)
-
-
51. A non-transitory computer-readable storage medium encoded with instructions that when executed on one or more processors of a mobile device, cause the mobile device to perform instructions for controlling access to an application platform of the mobile device, the instructions comprising:
-
storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted; receiving, at the mobile device, an indication that a software application on the mobile device is requesting access to the sensitive API stored at the mobile device; determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device; the mobile device using the public key of the private key-public key pair to verify the digital signature of the software application; and based upon verifying the digital signature at the mobile device, the mobile device allowing the software application access to the sensitive API. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 103, 107, 111, 129, 130, 131, 132, 133, 134, 135, 136)
-
-
76. A method for controlling access to an application platform of a mobile device, comprising:
-
storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted; receiving, at the mobile device, an indication that a software application on the mobile device is requesting access to the sensitive API stored at the mobile device; determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device; mobile device using a public key of the private key-public key pair to verify of the digital signature of the software application; and based upon verifying the digital signature at the mobile device, the mobile device allowing the software application access to the sensitive API. - View Dependent Claims (77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 104, 108, 112, 137, 138, 139, 140, 141, 142, 143, 144)
-
Specification