Abstract
Systems, methods and machine-readable media for providing a security service are disclosed. The methods include receiving a modification of the application object code to allow the software application to transmit a request for the security service; retrieving the modified application object code corresponding to the software application from memory; receiving, via a processor, the request for the security service from the modified application object code; and providing, via the processor, the security service. The systems and machine-readable media perform operations according to the methods disclosed.
Main claim
1. A method for securely transferring a data object from a source application to a destination application on a computing device, the method comprising:
providing a source application and a destination application on a computing device, the source and destination applications each having original, post-compile object code;
modifying, using at least one processor operatively coupled with a memory, the original object code of the source application to create first replacement object code for the source application;
modifying, using the at least one processor operatively coupled with the memory, the original object code of the destination application to create second replacement object code for the destination application;
transferring, from the source application to the destination application, a data object that is encrypted with an object data protection key;
requesting, from the first replacement code of the source application to a security manager application on the computing device, a source application key that is associated with the source application;
decrypting the source application key using a data protection root key from the security manager application;
decrypting, by the first replacement code of the source application, the object data protection key with the decrypted source application key;
encrypting, by the first replacement code of the source application, the object data protection key with a data-sharing key or a destination application key, the destination application key associated with the destination application;
sharing with the destination application the object data protection key that is encrypted with the data-sharing key or destination application key;
decrypting, in the second replacement code of the destination application, the object data protection key that is encrypted with the data-sharing key or destination application key; and
decrypting, in the second replacement code of the destination application, the object data using the unencrypted object data protection key.
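
The key hand-off in claim 1, as an added Python sketch that is not code from the patent: the data object stays encrypted under its object data protection key (ODPK) while only that key is unwrapped and re-wrapped for the destination. Assumptions: `seal`/`unseal` are an HMAC-SHA256 stand-in for a real authenticated cipher such as AES-GCM, the `SecurityManager` class, its methods and the function names are hypothetical, and the destination application key variant (not the data-sharing key) is shown.

```python
import hashlib, hmac, os

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stand-in cipher, not for production).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key, plaintext):
    # Encrypt-then-MAC: nonce || ciphertext || tag.
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered blob")
    return _xor_stream(key, nonce, ct)

class SecurityManager:
    """Keeps each application key encrypted under the data protection root key."""
    def __init__(self):
        self._root = os.urandom(32)
        self._wrapped = {}
    def enroll(self, app_id):
        self._wrapped[app_id] = seal(self._root, os.urandom(32))
    def app_key(self, app_id):
        # Decrypt the stored application key with the root key on request.
        return unseal(self._root, self._wrapped[app_id])

def source_protect(mgr, src, data):
    # State before transfer: object under a fresh ODPK, ODPK under the source app key.
    odpk = os.urandom(32)
    return seal(odpk, data), seal(mgr.app_key(src), odpk)

def source_share(mgr, src, dst, wrapped_odpk):
    # Source replacement code: unwrap the ODPK, re-wrap it for the destination.
    odpk = unseal(mgr.app_key(src), wrapped_odpk)
    return seal(mgr.app_key(dst), odpk)

def destination_open(mgr, dst, shared_odpk, enc_object):
    # Destination replacement code: recover the ODPK, then the object data.
    odpk = unseal(mgr.app_key(dst), shared_odpk)
    return unseal(odpk, enc_object)
```

The claim does not say how the security manager decides which application may request which key; this sketch releases any enrolled key to any caller, which a real implementation would have to restrict.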