Field
This application relates to controlling execution of software code.
Description of the Related Technology
Computing devices may be configured to require that code executed on the computer system be authorized by a trusted party. For example, such authorization may be used to help ensure that the integrity of the computing device is not compromised by malicious or unauthorized code. In some cases computing devices may be configured to require that code be digitally signed by the trusted party and verified in order to be executed on the computing device and/or to control execution of software that accesses particular resources or services of the device. Verification of the digital signature helps to ensure that the underlying application code has not been modified since it was digitally signed by trusted authority 102. However, this security scheme presents challenges in allowing multiple entities to implement their policies on the device.
For example, during development, a software developer will frequently modify their code on a computer system and may attempt to test it on that system. Each time the code may be modified, the digital signature becomes invalid. Therefore, in order to execute any new or modified code, the software developer must have that code signed again by trusted authority 102. This process can be cumbersome and time consuming.