-
Publication No.: US10410003B2
Publication date: 2019-09-10
Application No.: US13913059
Filing date: 2013-06-07
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Jacques Anthony Vidrine, Eric Olaf Carlson, Paul William Chinn, Simon P. Cooper
Abstract: The disclosed technology addresses the need in the art for assigning multiple containers to a single application. A container can be a specified area of a file system that an assigned application can access to store data, while other applications are restricted from accessing the container. In some instances, it may be beneficial for multiple applications to share some data while still maintaining other data in a secure location; thus an application can be assigned to multiple containers: a personal container that can only be accessed by the application, and a shared container that can be accessed by multiple applications. Further, an application can be assigned an alternate container in addition to the personal container. The alternate container can be used when an alternate user is using the client device, thus restricting the alternate user from accessing any sensitive data stored in the personal container.
-
Publication No.: US20170024559A1
Publication date: 2017-01-26
Application No.: US14807609
Filing date: 2015-07-23
Applicant: Apple Inc.
Inventor: Gregory D. Hughes, Conrado Blasco, Gerard R. Williams, III, Jacques Anthony Vidrine, Jeffry E. Gonion, Timothy R. Paaske, Tristan F. Schaap
IPC: G06F21/54
CPC classification number: G06F21/54
Abstract: Systems, apparatuses, methods, and computer-readable mediums for preventing return oriented programming (ROP) attacks. A compiler may insert landing pads adjacent to valid return targets in an instruction sequence. When a return instruction is executed, the processor may treat the return as suspicious if the target of the return instruction does not have an adjacent landing pad. Additionally, each landing pad may be encoded with a color, and a colored launch pad may be inserted into the instruction stream next to each return instruction. When a return instruction is executed, the processor may determine if the target of the return has a landing pad with the same color as the launch pad of the return instruction. Return-target pairs with color mismatches may be treated as suspicious and the offending process may be killed.
-
Publication No.: US20150347743A1
Publication date: 2015-12-03
Application No.: US14576692
Filing date: 2014-12-19
Applicant: Apple Inc.
Inventor: James Michael Magee, Russell A. Blaine, Vishal Patel, Daniel Andreas Steffen, Kevin James Van Vechten, Jacques Anthony Vidrine, Kelly B. Yancey, Jainam A. Shah
Abstract: A method and an apparatus to dynamically distribute privileges among a plurality of processes are described. Each process may have attributes including a privilege to control access to processing resources. A first process may be running with a first privilege prohibited from access to a processing resource. A second process may be running with a second privilege allowed to access the processing resource. The first process may receive a request from the second process to perform a data processing task for the second process. In response, the second privilege may be dynamically transferred to the first process to allow the first process to access the processing resource. The first process may perform operations for the data processing task with the second privilege transferred from the second process.
-
Publication No.: US20140366157A1
Publication date: 2014-12-11
Application No.: US13913059
Filing date: 2013-06-07
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Jacques Anthony Vidrine, Eric Olaf Carlson, Paul William Chinn, Simon P. Cooper
CPC classification number: G06F21/62, G06F21/53, G06F21/6245
Abstract: The disclosed technology addresses the need in the art for assigning multiple containers to a single application. A container can be a specified area of a file system that an assigned application can access to store data, while other applications are restricted from accessing the container. In some instances, it may be beneficial for multiple applications to share some data while still maintaining other data in a secure location; thus an application can be assigned to multiple containers: a personal container that can only be accessed by the application, and a shared container that can be accessed by multiple applications. Further, an application can be assigned an alternate container in addition to the personal container. The alternate container can be used when an alternate user is using the client device, thus restricting the alternate user from accessing any sensitive data stored in the personal container.
-
Publication No.: US20190354705A1
Publication date: 2019-11-21
Application No.: US16526253
Filing date: 2019-07-30
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Jacques Anthony Vidrine, Eric Olaf Carlson, Paul William Chinn, Simon P. Cooper
Abstract: The disclosed technology addresses the need in the art for assigning multiple containers to a single application. A container can be a specified area of a file system that an assigned application can access to store data, while other applications are restricted from accessing the container. In some instances, it may be beneficial for multiple applications to share some data while still maintaining other data in a secure location; thus an application can be assigned to multiple containers: a personal container that can only be accessed by the application, and a shared container that can be accessed by multiple applications. Further, an application can be assigned an alternate container in addition to the personal container. The alternate container can be used when an alternate user is using the client device, thus restricting the alternate user from accessing any sensitive data stored in the personal container.
-
Publication No.: US10430577B2
Publication date: 2019-10-01
Application No.: US14576692
Filing date: 2014-12-19
Applicant: Apple Inc.
Inventor: James Michael Magee, Russell A. Blaine, Vishal Patel, Daniel Andreas Steffen, Kevin James Van Vechten, Jacques Anthony Vidrine, Kelly B. Yancey, Jainam A. Shah
Abstract: A method and an apparatus to dynamically distribute privileges among a plurality of processes are described. Each process may have attributes including a privilege to control access to processing resources. A first process may be running with a first privilege prohibited from access to a processing resource. A second process may be running with a second privilege allowed to access the processing resource. The first process may receive a request from the second process to perform a data processing task for the second process. In response, the second privilege may be dynamically transferred to the first process to allow the first process to access the processing resource. The first process may perform operations for the data processing task with the second privilege transferred from the second process.
-