Abstract: A method for preventing unauthorized software activity in an operating system environment including the steps of (1) intercepting a call to a requested application by a calling application running on the operating system environment; (2) determining whether the calling application is authorized or unauthorized to make the call; (3) determining whether the requested application is authorized or unauthorized; (4) processing the call only if the calling application is authorized to make the call and the requested application is authorized; and (5) rejecting the call if the calling application is unauthorized to make the call or the requested application is unauthorized.