Technical Field
Embodiments of the present disclosure generally relate to application platforms, and more particularly, to methods and systems for providing flexible permissioning for application platforms.
Related Art
Existing application platforms allow an application developer to develop applications that may be used for various purposes in various contexts. In this regard, an application programming interface (API) is made available to application developers to develop applications for a specific application platform. The applications may be developed or sold by the manufacturer of a mobile device or by third party application developers. A consumer may load applications on the mobile device, which may run the applications after the mobile device has been manufactured and purchased.
An API is an interface that a software program implements to allow other software to interact with it. APIs may be implemented by applications, libraries and operating systems to define how other software can make calls to or request services from them. An API determines the vocabulary and calling conventions the application developer should employ to use the services. It may include specifications for routines, data structures, object classes, and protocols used to communicate between the application developer and the provider of the API.
Some companies make their APIs and related features freely available. For example, Microsoft makes the Microsoft Windows API public and Apple releases APIs such as Carbon and Cocoa so that software can be written for their platform. Other companies may protect information on their APIs from the general public. For example, Sony used to make its official PlayStation 2 API available only to licensed PlayStation developers. This enabled Sony to control who wrote PlayStation 2 games. Such control can have quality control benefits and potential license revenue.
However, making API features available to application developers may have a number of shortcomings related to security or confidentiality. For example, application developers may have different resources, preferences or policies for different types of security mechanisms, some preferring security mechanisms that are low in cost or easier to implement but not as reliable.
As such, providing application developers (licensed or not) with full access and use of all features of APIs may pose a risk that may be due at least in part, for example, to substandard security policies or practices of application developers using the APIs.