US Patent 10044716 Authorizing access to an application library

To prevent malicious code from accessing security sensitive functions implemented in a private portion of an application, accesses to the private portion are performed using a secure session established within the application between the private portion and a public portion of the same application. An authorization key can be shared between the public portion and the private portion. When the public portion attempts to invoke a function implemented in the private portion, a secure session is set up by generating a session ID, combining the session ID and the authorization key in a key derivation function to generate a conversation key, and using the conversation key to encrypt the function call from the public portion. The private portion can then decrypt a properly encrypted function call and invoke the appropriate function.