Cellular telephony has progressed from a simple voice service to the point where the actual telephony application is no longer the dominant service. With the tremendous advances in the manufacturing process, amply supported by dramatic increases in the levels of integration in the semiconductor industry, coupled with remarkable developments in display technologies, modern cellphones are, more accurately, sophisticated computing appliances. The wireless connectivity means that the delivery of program information to the cellphone, colloquially a smartphone, can be done without much regard for the location of the appliance but this feature creates a new series of concerns in as much as the benefit of an unwired environment lends itself to misuse of the appliances. Application programs can be created and downloaded to the appliance with little in the way of security or privacy, with the risk being hard to mitigate.
Development of applications (Apps) for mobile appliances requires some mechanism for ensuring that the application is legitimate and will not cause harm to either the appliance itself or to the network to which it is connected. The very benefit of having an appliance which is not limited by way of mobility, exposes the appliance to malicious interference including theft of the information carried on the appliance. Service Providers, the wireless carriers, are understandably most concerned about malicious interference with their services, whereas appliance manufacturers are equally concerned for their reputations. An appliance which is easily interfered with rapidly gains user distrust and a manufacturer is left vulnerable to an angry customer base. Examples of abuse may be seen in the rise of malware (malicious software) targeting Android powered appliances and the extensive media commentary on the woes of the manufacturers.
It is therefore clear that one of the essential elements in managing application programs that may be provided to a mobile appliance, such as a smartphone, is an assurance that the program itself is genuine and is free from functionality which would allow either the appliance, or the network to which it may be connected, to be compromised.
General deployment of Applications for broad consumption is normally managed through a proprietary distribution mechanism and individuals may acquire applications by interacting with this on-line store. A seminal example is the Apple iTunes Store which is specifically engineered around the distribution and maintenance of software. In particular, the management of downloaded software and the associated rights management practices are addressed and the model incorporates a mechanism whereby a user may be automatically notified of a change or upgrade to an application which has already been downloaded to the user's appliance.
Distribution of applications in practice requires the user to either download them from a server (the virtual store) directly to the mobile appliance through a wireless network or else download them to a computer and then synchronize the application to the mobile appliance. Any payment due is controlled through this server or store and is tied to an individual's service account, whether a mobile phone account or a direct account set up separately to the on-line store. These processes are known in the art and are primarily aimed at single users.
Corporations which are large usually prefer to customize their software, often to preserve brand and to differentiate from generic software. These customization efforts may be minor or substantial but, as such, the consumer model of an application store is not considered to be appropriate; public availability or even awareness of proprietary software serves little useful purpose for the proprietor and indeed may offer insights that might expose trade secrets. Consequently, there has been significant demand from the larger corporations for the ability to create and maintain their own applications coupled with a strong preference for internal distribution mechanisms.
To support corporate activity, it is important for the appliance vendor to recognize the essential differences between the needs of a consumer and that of a large entity with many employees or associates. For example, Apple has created a license framework that allows corporations which exceed certain user-size thresholds to be treated as a single entity and to build applications that are strictly for internal use. Strategically this may be quite important if appliances like the iPhone and iPad continue to gain acceptance inside corporations. Other manufacturers such as RIM, maker of the Blackberry series of appliances, and Samsung and Motorola, with their cellphone and tablet lines of appliances, have similar needs and concerns. It becomes critical for companies to be able to develop and build their own software applications without unnecessary constraints that may be simply an artifact of a incompletely thought out rule set.
Returning to the example of the Apple license for applications, as part of this process of development and certification a corporation may apply for and receive a digital certificate in conjunction with access to the software tools which will allow it to develop internal applications for its employees. Because this certificate represents an operating authority that permits a user appliance to run associated, downloaded software, an essential condition is that this certificate must be maintained secure and shall not be shared with others. Failure to safeguard this digital authority is punishable by revocation of the authority, with the consequence that the corporation may then no longer use its applications on the mobile devices and appliances which are being used by its associates and employees.
As to the development of an application, a corporation which does not routinely develop software may engage the services of an external contractor to perform these duties and in so doing may permit the external contractor access to their digital certificate for incorporation with the application software during the compilation process. The creation of bespoke software for the corporation is a relatively straightforward process but when software already in commercial service is to be modified, then a concern arises. Commercial software packages commonly have enormous resource invested in their development and are often the jewel in their developer's crown; exposure of the source code, a necessary element when a derivative is to be made that incorporates other information such as an authorization to run on a mobile appliance. This often represents an unacceptable risk to the developer. Normal delivery of a commercial software package is usually limited to an executable object and this developer will almost certainly be unwilling to give the source code to a corporation that wants a bespoke application which is a variant of a commercial package. Source code is generally a man-readable set of instructions and comments that represents the eventual operation of a machine. To create a program that is understandable by the intended machine, the target or object, then the man-readable code is compiled. Compilation parses or “makes sense” of the man-readable instructions and builds a structure and instruction list that the target machine can use to operate within. For example if an instruction implies certain storage needs, then the compiler will allocate this storage so that the machine is not confounded. Comments which are normally written to enable explanation to persons working with the source code are entirely surplus and serve no purpose for the machine so the compiler simply discards these. Eventually after a few runs through the source code, “passes” in the art, the compiler is able to fabricate a set of machine instructions suitable for execution by the target machine. This output program from the compiler is termed “object code” since it runs on the intended object, and is no longer readable by a person.
The corporation may, likewise, be unwilling to trust the developer of the commercial software with their digital certificate in light of the consequent risk of exposure of their brand through inappropriate use. It may be surmised that a transaction of this nature demands extraordinary trust between participants and very careful security provisions to protect the data such that such a transaction to the mutual satisfaction of the partners may, generally, not be possible.