Security solutions such as, for example, a version of SE for Android may provide signature or system based permissions check to identify a caller of APIs and methods. It also may use UID (User Identity) and PID (Process Identity) to identify the caller at run time. The disadvantage of the mechanism is that the caller for a signature or system based permissions check may be limited by two groups: system service or system app, and the signature should be the same with the service.
The UID cannot unique identify the application caller, since a single app on a different devices has different UID, thus cannot be used in pre-configured policy.
The PID will be changed at run-time, and it is not a strong credential to be used for authorization.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.