CPC H04L 9/3234 (2013.01) [G06F 21/53 (2013.01); G06F 21/606 (2013.01); H04L 63/061 (2013.01); H04L 63/0853 (2013.01); H04L 63/0876 (2013.01); H04L 67/10 (2013.01)]
19 Claims
1. A method of providing an execution environment in a computing device, comprising:
loading a plurality of trusted applications into a memory of the computing device;
maintaining, in the memory, a plurality of communication associations;
detecting an attempt to communicate with a recipient application by an originating application, the recipient application being selected from the plurality of trusted applications;
searching through the plurality of communication associations for a communication association comprising an identifier of the recipient application and an identifier of the originating application;
when the communication association comprising the identifier of the recipient application and the identifier of the originating application is not found, disallowing the communication; and
when the communication association comprising the identifier of the recipient application and the identifier of the originating application is found,
identifying a message for transmission between the originating application and the recipient application,
generating a key based on the identifier of the recipient application and a unique file-specific identifier of a file system,
writing the identified message to a file, the contents of the file encrypted using the generated key;
transmitting, using the generated key, the file with the identified message to the recipient application,
receiving the generated key at the recipient application for decrypting the message, and
reading the file and decrypting the message, by the recipient application, using the generated key.
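The following Go sketch walks through the steps of claim 1 end to end; it is an added illustration, not code from the patent or its applicant. The claim names no key-derivation function or cipher, so HMAC-SHA256 and AES-256-GCM, the environment secret mixed into the key, the use of the file identifier as associated data, and all application and file identifiers are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

const nonceLen = 12 // standard AES-GCM nonce size

// Constructed data: allowed {originator, recipient} pairs and a stand-in secret.
var associations = map[[2]string]bool{{"ta.wallet", "ta.keystore"}: true}
var envSecret = []byte("constructed-demo-secret") // assumption, not in the claim

// deriveKey binds the key to the recipient ID and the file-specific ID.
func deriveKey(recipient, fileID string) []byte {
	m := hmac.New(sha256.New, envSecret)
	m.Write([]byte(recipient + "\x00" + fileID)) // NUL separator avoids ambiguous joins
	return m.Sum(nil)
}

// send disallows unassociated pairs; otherwise returns the encrypted file and key.
func send(origin, recipient, fileID string, msg []byte) (file, key []byte, err error) {
	if !associations[[2]string{origin, recipient}] {
		return nil, nil, fmt.Errorf("no communication association")
	}
	key = deriveKey(recipient, fileID)
	blk, _ := aes.NewCipher(key) // 32-byte HMAC output is always a valid AES-256 key
	aead, _ := cipher.NewGCM(blk)
	nonce := make([]byte, nonceLen)
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return aead.Seal(nonce, nonce, msg, []byte(fileID)), key, nil // file = nonce || ciphertext
}

// receive decrypts the file with the key delivered to the recipient.
func receive(key []byte, fileID string, file []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(file) < nonceLen {
		return nil, fmt.Errorf("bad key or truncated file")
	}
	aead, _ := cipher.NewGCM(blk)
	return aead.Open(nil, file[:nonceLen], file[nonceLen:], []byte(fileID))
}

func main() { fmt.Println(send("ta.unknown", "ta.keystore", "inode-42", nil)) }
```

Because the key depends on the file-specific identifier, a key released for one file does not decrypt another file addressed to the same recipient.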