US-20260127295-A1 - Device and Method for Securely Communicating Intents Between Applications Running on a Same Computing Device
Abstract
A process for securely communicating intents between applications running on the same computing device. A first application running on a computing device, and signed in using a first identity of a first user, receives a request to invoke an intent with a second application running on the computing device. The first application generates an intent private key in response to determining that the intent is to be accepted at the second application while the second application is signed in by the first user using a second identity of the first user. The first application encrypts and signs a key exchange message encapsulating the intent private key using parameters associated with the first and second identities of the first user. The first application encrypts the intent using the intent private key and securely communicates the intent to the second application.
Inventors
- Ramu Kandula
- Raajeev Kuppa
- RAJENDRA ANTHONY
Assignees
- MOTOROLA SOLUTIONS, INC.
Dates
- Publication Date
- 20260507
- Application Date
- 20241104
Claims (20)
- 1 . A method for securely communicating intents between applications running on a same computing device, the method comprising: receiving, at a first application running on a computing device, a request to invoke an intent with a second application running on the computing device while the first application is operating on behalf of a first user signed in to the first application using a first identity of the first user; determining, at the first application, from a security policy, that the intent to be invoked by the first application is to be accepted at the second application while the second application is operating on behalf of the first user signed in to the second application using a second identity of the first user; generating, based on the determination, an intent private key at a first application running on a computing device; generating, at the first application, a key exchange message encapsulating the intent private key, the key exchange message being encrypted and signed using one or more of a first set of parameters associated with the first identity of the first user and one or more of a second set of parameters associated with the second identity of the first user; transmitting the key exchange message from the first application to the second application to enable the second application, by using one or more of a third set of parameters associated with the first identity of the first user and one or more of a fourth set of parameters associated with the second identity of the first user, to decrypt the key exchange message, verify a signature applied to the key exchange message, and retrieve the intent private key from the key exchange message; and securely communicating the intent from the first application to the second application by encrypting the intent invoked by the first application using the intent private key.
- 2 . The method of claim 1 , wherein the computing device is a mobile computing device.
- 3 . The method of claim 1 , wherein the first identity of the first user and the second identity of the first user are the same.
- 4 . The method of claim 1 , wherein the first application uses an identity based encryption scheme for encrypting and signing the key encryption message.
- 5 . The method of claim 1 , wherein: the first set of parameters include (i) a public key of a key management server associated with the first application; (ii) a first private key provisioned for the first identity of the first user at the key management server associated with the first application; and (iii) the first identity of the first user; the second set of parameters include (i) a public key of a key management server associated with the second application; and (ii) the second identity of the first user; the third set of parameters include (i) a public key of a key management server associated with the second application; (ii) a second private key provisioned for the second identity of the first user at the key management server associated with the second application; and (iii) the second identity of the first user; and the fourth set of parameters include (i) a public key of a key management server associated with the first application; and (ii) the first identity of the first user.
- 6 . The method of claim 1 , further comprising: retrieving, at the first application, a first user token associated with the first identity of the first user, in response to determining that the first application is intending to invoke an intent with the second application running on the computing device on behalf of the first user; transmitting, from the first application to a key management server associated with the first application, a request including the first user token associated with the first identity of the first user; and receiving, at the first application, from the key management server associated with the first application, a response including a subset of the first set of parameters and a subset of the second set of parameters.
- 7 . The method of claim 1 , further comprising: provisioning the first application with information containing the first set of parameters and the second set of parameters.
- 8 . The method of claim 1 , wherein the second application uses an identity based encryption scheme to decrypt the key exchange message, verify the signature applied to the key exchange message, and retrieve the intent private key from the key exchange message.
- 9 . The method of claim 1 , further comprising: decrypting, at the second application, the key exchange message to retrieve the intent private key; and verifying, at the second application, that the signature applied to the key exchange message by the first application corresponds to the first identity of the first user, wherein the decrypting and the verifying are performed at the second application using one or more of the third set of parameters and one or more of the fourth set of parameters.
- 10 . The method of claim 1 , further comprising: retrieving, at the second application, a second user token associated with the second identity of the first user signed in to the second application at the computing device in response to determining that the second application is intending to accept an intent from the first application running on the computing device on behalf of the first user; transmitting, from the second application to a key management server associated with the second application, a request including the user token associated with the second identity of the first user; and receiving, at the second application, from the key management server associated with the second application, a response including the third set of parameters and the fourth set of parameters.
- 11 . The method of claim 1 , further comprising: provisioning the second application with information containing the third set of parameters and the fourth set of parameters.
- 12 . A method for securely communicating intents between applications running on a same computing device, the method comprising: receiving, at a first application running on a computing device, a request to invoke an intent with a second application running on the computing device while the first application is operating on behalf of a first user signed in to the first application using a first identity of the first user; determining, at the first application, from a security policy, that the intent to be invoked by the first application is to be accepted at the second application while the second application is operating on behalf of a second user signed in to the second application using a second identity of the second user; generating, based on the determination, an intent private key at a first application running on a computing device; generating, at the first application, a key exchange message encapsulating the intent private key, the key exchange message being encrypted and signed using one or more of a first set of parameters associated with the first identity of the first user and one or more of a second set of parameters associated with the second identity of the second user; transmitting the key exchange message from the first application to the second application to enable the second application, by using one or more of a third set of parameters associated with the first identity of the first user and one or more of a fourth set of parameters associated with the second identity of the second user, to decrypt the key exchange message, verify a signature applied to the key exchange message, and retrieve the intent private key from the key exchange message; and securely communicating the intent from the first application to the second application by encrypting the intent invoked by the first application using the intent private key.
- 13 . The method of claim 12 , wherein the computing device is a mobile computing device.
- 14 . The method of claim 12 , wherein the first application uses an identity based encryption scheme for encrypting and signing the key encryption message.
- 15 . The method of claim 12 , wherein: the first set of parameters include (i) a public key of a key management server associated with the first application; (ii) a first private key provisioned for the first identity of the first user at the key management server associated with the first application; and (iii) the first identity of the first user; the second set of parameters include (i) a public key of a key management server associated with the second application; and (ii) the second identity of the second user; the third set of parameters include (i) a public key of a key management server associated with the second application; (ii) a second private key provisioned for the second identity of the second user at the key management server associated with the second application; and (iii) the second identity of the second user; and the fourth set of parameters include (i) a public key of a key management server associated with the first application; and (ii) the first identity of the first user.
- 16 . The method of claim 12 , further comprising: retrieving, at the first application, a first user token associated with the first identity of the first user, in response to determining that the first application is intending to invoke an intent with the second application running on the computing device on behalf of the first user; transmitting, from the first application to a key management server associated with the first application, a request including the first user token associated with the first identity of the first user; and receiving, at the first application, from the key management server associated with the first application, a response including a subset of the first set of parameters and a subset of the second set of parameters.
- 17 . The method of claim 12 , further comprising: provisioning the first application with information containing the first set of parameters and the second set of parameters.
- 18 . The method of claim 12 , wherein the second application uses an identity based encryption scheme to decrypt the key exchange message, verify the signature applied to the key exchange message, and retrieve the intent private key from the key exchange message.
- 19 . A computing device, comprising: an electronic processor; and a memory communicatively coupled to the electronic processor, the memory storing program instructions that, when executed by the electronic processor, cause a first application running on the computing device to: receive a request to invoke an intent with a second application running on the computing device while the first application is operating on behalf of a first user signed in to the first application using a first identity of the first user; determine, from a security policy, that the intent to be invoked by the first application is to be accepted at the second application while the second application is operating on behalf of the first user signed in to the second application using a second identity of the first user; generate, based on the determination, an intent private key; generate, at the first application, a key exchange message encapsulating the intent private key, the key exchange message being encrypted and signed using one or more of a first set of parameters associated with the first identity of the first user and one or more of a second set of parameters associated with the second identity of the first user; transmit the key exchange message to the second application to enable the second application, by using one or more of a third set of parameters associated with the first identity of the first user and one or more of a fourth set of parameters associated with the second identity of the first user, to decrypt the key exchange message, verify a signature applied to the key exchange message, and retrieve the intent private key from the key exchange message; and securely communicate the intent to the second application by encrypting the intent invoked by the first application using the intent private key.
- 20 . The computing device of claim 19 , wherein: the first set of parameters include (i) a public key of a key management server associated with the first application; (ii) a first private key provisioned for the first identity of the first user at the key management server associated with the first application; and (iii) the first identity of the first user; the second set of parameters include (i) a public key of a key management server associated with the second application; and (ii) the second identity of the first user; the third set of parameters include (i) a public key of a key management server associated with the second application; (ii) a second private key provisioned for the second identity of the first user at the key management server associated with the second application; and (iii) the second identity of the first user; and the fourth set of parameters include (i) a public key of a key management server associated with the first application; and (ii) the first identity of the first user.
Description
BACKGROUND
Computing devices such as smartphones and radios operate through operating systems and applications to manage tasks and provide communication services. Operating systems use messages to facilitate communications between applications installed on a device. For instance, the Android™ operating system relies on messaging objects called “intents” for sending and receiving data, initiating actions, or triggering processes between applications. As an example, a messaging application may use an intent to request that a map application launch a navigation service for an address displayed in a text message. As another example, the map application may use an intent to request that the messaging application send the user's location to a contact stored in the messaging application.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS
In the accompanying figures, similar or the same reference numerals may be repeated to indicate corresponding or analogous elements. These figures, together with the detailed description below, are incorporated in and form part of the specification and serve to further illustrate various embodiments of concepts that include the claimed invention, and to explain various principles and advantages of those embodiments.
- FIG. 1 is a block diagram of a system in accordance with some embodiments.
- FIG. 2 is a block diagram of a computing device shown in FIG. 1 in accordance with some embodiments.
- FIG. 3 is a block diagram of a key management server shown in FIG. 1 in accordance with some embodiments.
- FIG. 4 illustrates a flowchart of a process for securely communicating intents between applications running on a same computing device in accordance with some embodiments.
- FIG. 5 is a message flow diagram illustrating the process shown in FIG. 4 in accordance with some embodiments.
- FIG. 6 illustrates a flowchart of another process for securely communicating intents between applications running on a same computing device in accordance with some embodiments.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help improve understanding of embodiments of the present disclosure. The apparatus and method components have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.
DETAILED DESCRIPTION OF THE INVENTION
As described above, intents are useful for seamless communication between applications. However, the information exchanged by means of intents is not secure: it is visible to any entity with access to the device's operating system environment. Devices are sometimes shared by multiple users, and an application residing on the device may handle data and services for multiple users. For example, a first application running on a particular computing device may share sensitive information about a first user with a second application running on the same computing device by invoking an intent. The second application may store information corresponding to the first user while executing the intent invoked by the first application. In this case, a second user having access to the second application on the same computing device may be able to access the information stored by the second application corresponding to the first user, even though the second user is not otherwise authorized to access information about the first user.
Accordingly, there is a need for a technological solution that provides for secure communication of intents between applications running on a computing device.
A first embodiment provides a method for securely communicating intents between applications running on a same computing device. The method comprises: receiving, at a first application running on a computing device, a request to invoke an intent with a second application running on the computing device while the first application is operating on behalf of a first user signed in to the first application using a first identity of the first user; determining, at the first application, from a security policy, that the intent to be invoked by the first application is to be accepted at the second application while the second application is operating on behalf of the first user signed in to the second application using a second identity of the first user; generating, based on the determination, an intent private key at a first application running on a computing device; generating, at the first application, a key exchange message encapsulating the intent private key, the