| 摘要 |
A computing device stores a plurality of cryptographic keys in encrypted form in a keystore. Each key is associated with an application. The applications are said to "own" respective keys. The applications need access to the keys, for example to use them to sign data. The computing device allows a key to be used by an application if that application owns the respective key. The owning application can assign other applications as trusted users. The computing device allows such other applications to use the key also. This application authentication method reduces the need for user authentication. However in one embodiment the invention is combined with user password entry. Sub-parts of an application, such as processes, could each have an associated key. |
