Security concerns for all types of processor-based electronic devices, and particularly for computing devices, have become significant. While some concerns may relate to detrimental actions which may be undertaken by defective code implemented by such devices, the greater concerns relate to the ramifications of various types of attacks made upon such devices through malicious code, including code conventionally known in the field by a number of names, such as “viruses”, “worms”, “Trojan horses”, “spyware”, “malware”, and others. Many of these attacks are directed at computing devices, such as workstations, servers, desktop computers, notebook and handheld computers, and other similar devices. Many of these computing devices can run one or more application programs which a user may operate to perform a set of desired functions.
A number of methodologies have been used in an attempt to reduce or eliminate both the attacks and influence of malicious or defective code. Generally, these methodologies include detection, prevention, and mitigation. Specifically, these methodologies range from attempts to scan, identify, isolate, and possibly delete malicious code before it is introduced to the system or before it does harm (such as is the objective of anti-virus software, and the like), to restricting or containing the actions which may be taken by processes affected by malicious or defective code.
One method to protect a computing system is to sandbox a computer program to protect a computing system from a potentially malicious program. A sandbox is a mechanism utilized to separate a running computer program from other programs and/or computing resources. Some secure computing systems execute untrusted programs, or programs distributed by untrusted parties, in sandboxes. Sandbox restrictions limit the resources a computer program may access. An example of a sandbox environment is an applet that runs in a virtual machine or interpreter.
A virtual keyboard is a software application (e.g., a keyboard application) that allows a user to enter characters. A virtual keyboard can usually be operated with multiple input devices, which may include a touchscreen and a computer mouse. A component is a software package or module that can provide services to one or more applications. A system-wide component is a software package or module that can provide services to different applications in the system. For example, a keyboard application can be a system-wide component because it may be used by many different applications on a device. A first-party is an entity that provides the operating system, or an entity that provides the device hardware and the operating system. A third-party is an entity other than the provider of the operating system that creates an application program to run on the operating system. A third-party component is an application program that is provided by a third-party. A third-party component may not be trusted because it may increase the risk of security breaches. Furthermore, a third-party component may cause the user's privacy to be ignored or compromised, e.g. by conducting data mining on collected user data for commercial purposes.