diff --git a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn b/interfaces/innerkits/code_sign_attr_utils/BUILD.gn
index 5a53cfb6afd9e9ee4de47a9929b94a97f07bc607..cdac4be899c5f83c773be8ec8c58b24a11d73ee2 100755
--- a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn
+++ b/interfaces/innerkits/code_sign_attr_utils/BUILD.gn
@@ -19,7 +19,10 @@ config("public_attr_utils_configs") {
 }
 
 ohos_static_library("libcode_sign_attr_utils") {
-  sources = [ "src/code_sign_attr_utils.c" ]
+  sources = [
+    "src/code_sign_attr_utils.c",
+    "src/ownerid_utils.cpp",
+  ]
 
   configs = [
     ":public_attr_utils_configs",
@@ -32,6 +35,7 @@ ohos_static_library("libcode_sign_attr_utils") {
   external_deps = [
     "c_utils:utils",
     "hilog:libhilog",
+    "init:libbegetutil",
   ]
 
   part_name = "code_signature"
diff --git a/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h b/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h
new file mode 100644
index 0000000000000000000000000000000000000000..e992eff86e74c5aa28b9a36fb0fdeb61c2ad9033
--- /dev/null
+++ b/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OWNERID_UTILS_H
+#define OWNERID_UTILS_H
+#include <stdint.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+uint32_t ConvertIdType(int idType, const char *ownerId);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
\ No newline at end of file
diff --git a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c b/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c
index c518d9583da131853285f0f871c281d761f7469e..04a39fbacd9bae3309c3dd66d965e6dd27ed6e24 100755
--- a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c
+++ b/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c
@@ -14,6 +14,7 @@
  */
 
 #include "code_sign_attr_utils.h"
+#include "ownerid_utils.h"
 
 #include <fcntl.h>
 #include <unistd.h>
@@ -86,6 +87,7 @@ int InitXpm(int enableJitFort, uint32_t idType, const char *ownerId)
     // set owner id
     int ret = CS_SUCCESS;
     if (idType != PROCESS_OWNERID_UNINIT) {
+        idType = ConvertIdType(idType, ownerId);
         ret = DoSetXpmOwnerId(fd, idType, ownerId);
     }
 
diff --git a/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp b/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..bcc58c423ddf35a12685a14fac3c059850ca3755
--- /dev/null
+++ b/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "ownerid_utils.h"
+#include "code_sign_attr_utils.h"
+#include "parameter.h"
+#include "log.h"
+
+#include <string>
+#include <unordered_set>
+
+#define SECURE_SHIELD_MODE_KEY "ohos.boot.advsecmode.state"
+#define VALUE_MAX_LEN 32
+
+// the list will be removed before 930
+static const std::unordered_set<std::string> g_tempAllowList;
+
+static const std::unordered_set<std::string> g_secureShieldAllowList;
+
+static uint32_t IsSecureShieldModeOn()
+{
+    char secureShieldModeValue[VALUE_MAX_LEN] = {0};
+    (void)GetParameter(SECURE_SHIELD_MODE_KEY, "0", secureShieldModeValue, VALUE_MAX_LEN - 1);
+    return (strcmp(secureShieldModeValue, "0") != 0);
+}
+
+uint32_t ConvertIdType(int idType, const char *ownerId)
+{
+    if (ownerId == nullptr) {
+        return idType;
+    }
+    if ((idType != PROCESS_OWNERID_APP) && (idType != PROCESS_OWNERID_APP_TEMP_ALLOW)) {
+        return idType;
+    }
+    idType = PROCESS_OWNERID_APP;
+    std::string ownerIdStr(ownerId);
+    // check different list on secure shield mode or normal mode
+    if (IsSecureShieldModeOn()) {
+        if (g_secureShieldAllowList.count(ownerIdStr) != 0) {
+            LOG_INFO("Xpm: app in secure shield allow list");
+            return PROCESS_OWNERID_APP_TEMP_ALLOW;
+        }
+    } else {
+        if (g_tempAllowList.count(ownerIdStr) != 0) {
+            LOG_INFO("Xpm: app in temporary allow list");
+            return PROCESS_OWNERID_APP_TEMP_ALLOW;
+        }
+    }
+    return idType;
+}
\ No newline at end of file