Software code signing system and method

  • US 8,489,868 B2
  • Filed: 09/20/2001
  • Issued: 07/16/2013
  • Est. Priority Date: 09/21/2000
  • Status: Active Grant
First Claim
Patent Images

1. A mobile device containing software instructions which when executed on the mobile device cause the mobile device to perform operations for controlling access to an application platform of the mobile device, the operations comprising:

  • storing a plurality of application programming interfaces (APIs) at the mobile device, wherein at least one API comprises a sensitive API to which access is restricted;

    receiving, at the mobile device, an indication that a software application on the mobile device is requesting access to the sensitive API stored at the mobile device;

    determining, at the mobile device, whether the software application is signed, wherein a signed software application includes a digital signature generated using a private key of a private key-public key pair, wherein the private key is not accessible to the mobile device;

    the mobile device using a public key of the private key-public key pair to verify the digital signature of the software application; and

    based upon verifying the digital signature at the mobile device, the mobile device allowing the software application access to the sensitive API.

View all claims

    Thank you for your feedback