摘要 |
A computing device is provided with a key manager which provides a mechanism for distinguishing between authorised use and unauthorized use of a cryptographic key by identifying an owning application for each key, which is authorised by the key manager to freely use a particular key, and is also trusted to ask for explicit confirmation from the user when considered appropriate, such as when the key is used in a signing operation. To allow for sharing of keys between applications, the owning application may be enabled to designate a list of other applications which are also trusted to use the key. |