公开(公告)号：US20190026117A1

公开(公告)日：2019-01-24

申请号：US16017940

申请日：2018-06-25

Applicant: Apple Inc.

Inventor： Dallas Blake DE ATLEY ,  Gordon FREEDMAN ,  Thomas Brogan DUFFY, JR. ,  Tahoma Madrone TOELKES ,  Michael John SMITH ,  Paul William CHINN ,  David RAHARDJA

IPC: G06F9/4401 ,  H04L9/08

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US20160202998A1

公开(公告)日：2016-07-14

申请号：US14992798

申请日：2016-01-11

Applicant: Apple Inc

Inventor： Dallas Blake DE ATLEY ,  Gordon FREEDMAN ,  Thomas Brogan DUFFY, JR. ,  Tahoma Madrone TOELKES ,  Michael John SMITH ,  Paul William CHINN ,  David RAHARDJA

IPC: G06F9/44 ,  H04L9/08

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US20190182043A1

公开(公告)日：2019-06-13

申请号：US16194072

申请日：2018-11-16

Applicant: Apple Inc.

Inventor： Dallas Blake DE ATLEY ,  Joshua DE CESARE ,  Michael SMITH ,  Matthew REDA ,  Shantonu SEN ,  John Andrew WRIGHT

IPC: H04L9/30 ,  G06F11/14 ,  H04L29/06 ,  H04L9/32 ,  G06F21/51 ,  G06F21/64 ,  G06F21/57 ,  H04L9/14

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US20170346631A1

公开(公告)日：2017-11-30

申请号：US15619276

申请日：2017-06-09

Applicant: Apple Inc.

Inventor： Dallas Blake DE ATLEY ,  Joshua DE CESARE ,  Michael SMITH ,  Matthew REDA ,  Shantonu SEN ,  John Andrew WRIGHT

IPC: H04L9/30 ,  H04L9/32 ,  H04L9/14 ,  G06F21/64 ,  G06F21/57 ,  G06F21/51 ,  H04L29/06 ,  G06F11/14

CPC classification number: H04L9/302 ,  G06F11/1417 ,  G06F21/51 ,  G06F21/572 ,  G06F21/575 ,  G06F21/64 ,  H04L9/14 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L63/06 ,  H04L63/08

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US20160277186A1

公开(公告)日：2016-09-22

申请号：US15077794

申请日：2016-03-22

Applicant: Apple Inc.

Inventor： Dallas Blake DE ATLEY ,  Joshua DE CESARE ,  Michael SMITH ,  Matthew REDA ,  Shantonu SEN ,  John Andrew WRIGHT

IPC: H04L9/30 ,  H04L29/06 ,  H04L9/14 ,  H04L9/32

CPC classification number: H04L9/302 ,  G06F11/1417 ,  G06F21/51 ,  G06F21/572 ,  G06F21/575 ,  G06F21/64 ,  H04L9/14 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L63/06 ,  H04L63/08

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a read only memory (ROM) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US20140351605A1

公开(公告)日：2014-11-27

申请号：US14299359

申请日：2014-06-09

Applicant: Apple Inc

Inventor： Dallas Blake DE ATLEY ,  Gordon FREEDMAN ,  Thomas Brogan DUFFY, JR. ,  Tahoma Madrone TOELKES ,  Michael John SMITH ,  Paul William CHINN ,  David RAHARDJA

IPC: H04L9/30 ,  G06F9/44

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

Abstract translation: 这里公开了用于擦除存储在文件系统中的用户数据的系统，方法和非暂时的计算机可读存储介质。 该方法包括在具有每个文件和每个类基础上加密的文件系统的设备上破坏包含加密密钥的所有密钥袋，擦除和重建与用户数据相关联的文件系统的至少一部分，以及创建新的默认密钥袋， 加密密钥。 本文还公开了一种擦除存储在以每个文件和每个类为基础加密的远程文件系统中的用户数据的方法。 该方法包括向远程设备发送闭塞指令，这导致远程设备破坏包含远程设备上的加密密钥的所有密钥袋，擦除并重建与用户数据相关联的文件系统的至少一部分，并在远程设备上创建 一个包含加密密钥的新的默认密钥袋。