An Android application, which may purposely call another application, has advantages that an action of the Android application may be easily extended and an application service may be rapidly developed. However, when an application calls another application, in order to maintain security, a calling application (hereinafter, referred to as a master application) needs to authenticate a called application (hereinafter, referred to as a slave application) and the slave application needs to authenticate the master application.
Examples of a method of authenticating an application of the related art include a method of exchanging a certificate of authentication through a Certificate Authority (CA) and a method of exchanging a public key. However, the method of exchanging a certificate of authentication has a drawback in that since the CA intervenes, costs are high. The method of exchanging a public key has a problem that both slave and master applications have to have a private key and a public key as a pair and, since each application has to protect the private key by itself, it is difficult to manage the private key and maintain security.
Therefore, a need exists for a method and an apparatus for accurately performing authentication between applications at low costs.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.