公开(公告)号：US10142104B2

公开(公告)日：2018-11-27

申请号：US15619276

申请日：2017-06-09

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Joshua De Cesare ,  Michael Smith ,  Matthew Reda ,  Shantonu Sen ,  John Andrew Wright

IPC: H04L29/00 ,  H04L9/30 ,  G06F21/51 ,  G06F21/57 ,  G06F21/64 ,  H04L9/32 ,  H04L9/14 ,  H04L29/06 ,  G06F11/14

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US10025597B2

公开(公告)日：2018-07-17

申请号：US14992798

申请日：2016-01-11

Applicant: Apple Inc

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L9/00 ,  G06F9/4401 ,  H04L9/08 ,  H04L9/12 ,  H04L9/32 ,  G06F21/60 ,  H04L9/30 ,  H04W12/04 ,  H04W12/02 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US09680648B2

公开(公告)日：2017-06-13

申请号：US15077794

申请日：2016-03-22

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Joshua De Cesare ,  Michael Smith ,  Matthew Reda ,  Shantonu Sen ,  John Andrew Wright

IPC: H04L29/00 ,  H04L9/30 ,  G06F21/51 ,  G06F21/57 ,  G06F21/64 ,  H04L9/32 ,  H04L9/14 ,  H04L29/06 ,  G06F11/14

CPC classification number: H04L9/302 ,  G06F11/1417 ,  G06F21/51 ,  G06F21/572 ,  G06F21/575 ,  G06F21/64 ,  H04L9/14 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L63/06 ,  H04L63/08

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a read only memory (ROM) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US09237016B2

公开(公告)日：2016-01-12

申请号：US14299359

申请日：2014-06-09

Applicant: Apple Inc

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L9/30 ,  H04L9/12 ,  H04L9/08 ,  G06F11/30 ,  H04L9/32 ,  G06F21/60 ,  G06F9/44 ,  H04W12/04 ,  H04W12/02 ,  H04W12/06

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US10606611B2

公开(公告)日：2020-03-31

申请号：US15817103

申请日：2017-11-17

Applicant: Apple Inc.

Inventor： Louis G. Gerbarg ,  Dallas Blake De Atley ,  Nick Kledzik ,  Peter Cooper

IPC: G06F9/445 ,  G06F16/172 ,  G06F8/60

Abstract: Disclosed herein are techniques for performing dynamic linking at a computing device. According to some embodiments, the techniques can involve receiving a request to perform a dynamic linking of a software application. The request can be issued in conjunction with installing the software application, launching the software application for a first time, and so on. In response to the request, a closure file can be generated based on different properties associated with the software application (e.g., environment variables, object files, etc.). Notably, the closure file is generated “out-of-process” relative to the execution environment of the software application. Additionally, the techniques can involve caching the closure file such that the closure file is accessible to the software application. In turn, the software application can utilize the closure file at launch/execution times to reduce a number of dynamic linking operations that otherwise are required to take place using conventional approaches.

公开(公告)号：US10931451B2

公开(公告)日：2021-02-23

申请号：US16194072

申请日：2018-11-16

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Joshua De Cesare ,  Michael Smith ,  Matthew Reda ,  Shantonu Sen ,  John Andrew Wright

IPC: H04L29/00 ,  H04L9/30 ,  G06F11/14 ,  G06F21/51 ,  G06F21/57 ,  G06F21/64 ,  H04L9/32 ,  H04L9/14 ,  H04L29/06

Abstract: A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

公开(公告)号：US20130339715A1

公开(公告)日：2013-12-19

申请号：US13941373

申请日：2013-07-12

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: G06F21/60

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

Abstract translation: 这里公开了用于擦除存储在文件系统中的用户数据的系统，方法和非暂时的计算机可读存储介质。 该方法包括在具有每个文件和每个类基础上加密的文件系统的设备上破坏包含加密密钥的所有密钥袋，擦除和重建与用户数据相关联的文件系统的至少一部分，以及创建新的默认密钥袋， 加密密钥。 本文还公开了一种擦除存储在以每个文件和每个类为基础加密的远程文件系统中的用户数据的方法。 该方法包括向远程设备发送闭塞指令，这导致远程设备破坏包含远程设备上的加密密钥的所有密钥袋，擦除并重建与用户数据相关联的文件系统的至少一部分，并在远程设备上创建 一个包含加密密钥的新的默认密钥袋。

公开(公告)号：US11263020B2

公开(公告)日：2022-03-01

申请号：US16017940

申请日：2018-06-25

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: G06F9/4401 ,  H04L9/08 ,  H04W12/04 ,  H04L9/12 ,  H04L9/32 ,  H04W12/082 ,  G06F21/60 ,  H04L9/30 ,  H04W12/02 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US20180349156A1

公开(公告)日：2018-12-06

申请号：US15817103

申请日：2017-11-17

Applicant: Apple Inc.

Inventor： Louis G. Gerbarg ,  Dallas Blake De Atley ,  Nick Kledzik ,  Peter Cooper

IPC: G06F9/445 ,  G06F8/60 ,  G06F17/30

Abstract: Disclosed herein are techniques for performing dynamic linking at a computing device. According to some embodiments, the techniques can involve receiving a request to perform a dynamic linking of a software application. The request can be issued in conjunction with installing the software application, launching the software application for a first time, and so on. In response to the request, a closure file can be generated based on different properties associated with the software application (e.g., environment variables, object files, etc.). Notably, the closure file is generated “out-of-process” relative to the execution environment of the software application. Additionally, the techniques can involve caching the closure file such that the closure file is accessible to the software application. In turn, the software application can utilize the closure file at launch/execution times to reduce a number of dynamic linking operations that otherwise are required to take place using conventional approaches.

公开(公告)号：US08756419B2

公开(公告)日：2014-06-17

申请号：US13941373

申请日：2013-07-12

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L29/06 ,  G06F11/30 ,  G06F7/04

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

Abstract translation: 这里公开了用于擦除存储在文件系统中的用户数据的系统，方法和非暂时的计算机可读存储介质。 该方法包括在具有每个文件和每个类基础上加密的文件系统的设备上破坏包含加密密钥的所有密钥袋，擦除和重建与用户数据相关联的文件系统的至少一部分，以及创建新的默认密钥袋， 加密密钥。 本文还公开了一种擦除存储在以每个文件和每个类为基础加密的远程文件系统中的用户数据的方法。 该方法包括向远程设备发送闭塞指令，这导致远程设备破坏包含远程设备上的加密密钥的所有密钥袋，擦除并重建与用户数据相关联的文件系统的至少一部分，并在远程设备上创建 一个包含加密密钥的新的默认密钥袋。