Users of mobile stations are increasingly using their mobile stations in multiple distinct contexts. For example, a mobile station may be used for both work and personal activities, as well as other purposes. A mobile station stores applications and user data, including sensitive data (e.g., personal or confidential data) for use in one or more specific contexts. For example, the mobile station may store applications used exclusively for work purposes, and store other applications used exclusively for personal purposes. The mobile station may further store password or other authentication credential for exclusive work-related use, and the mobile station may store payment or other personal information for exclusive personal use. A work-related remote-access application (e.g., a virtual private networking (VPN) application) running on the mobile station may therefore use a work-related authentication credential to access the network service, while a personal payment application running on the mobile station may use the payment or other personal information (e.g., a credit card number) to make personal purchases.
Sensitive data stored on the mobile station, however, is readily accessible to these applications regardless of each application's context. As a result, personal sensitive data may be accessible by a work-related application, while work-related sensitive data may be accessible by a personal application. A need therefore exists to enable users to securely store sensitive data, and limit access to the secure data such that only those applications authenticated for the data can access the data.