Android permissions guard activities between applications. From Security perspective, android frame work is as same as an application. To use signature level or permission defined by framework, your application has to be signed using same key.
You can define signature level permission in your application as well. And you can use multiple signing keys to sign your application. Other app would need to be signed using one of signing keys you used so they can use permission enforced by your application. Do you agree with me? For T-Mobile G1, HTC generated 4 keys to sign different groups of APKs. These 4 keys are corresponding to 4 keys in open source: testkey, media, platform and shared. You can search .bks files under build directory.
