I. Field
The present invention relates generally to cryptography, and more specifically to techniques for managing signing privileges for a cryptographic signing service.
II. Background
Cryptography is widely used to provide security for various applications. Cryptography may be used to safeguard confidential and critical information, provide authentication, support secure transactions, protect software and contents, and so on.
As an example, cryptography may be used to control which software releases may be executed by a wireless device (e.g., a cellular phone). The wireless device typically requires software to control the hardware within the device and to support various designed functions. The software may be loaded into a non-volatile memory within the device during manufacturing and/or downloaded onto the device during activation. Regardless of how the software is loaded onto the device, it may be desirable or necessary to (1) ascertain whether or not the loaded software is authorized, (2) allow execution of the software if it is an authorized version, and (3) prevent execution of the software if it is an unauthorized version.
To complicate matters, there may be many different models of wireless devices and many different software releases for each device model. Furthermore, there may be many vendors, and each vendor may have different privileges as to which software releases the vendor may use for each device model. It may thus be challenging to keep track of the privileges of the different vendors and to provide cryptographic services for these vendors in an efficient manner.