-
Publication No.: US20190227784A1
Publication date: 2019-07-25
Application No.: US16147295
Filing date: 2018-09-28
Applicant: Apple Inc.
Inventor: Dallas B. De Atley , Bailey E. Basile , Venkat V. Memula , Thomas P. Mensch , Robert M. Marini , David P. Remahl , Kelsey J. Skillman , Edward E. Thomas
Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.
-
Publication No.: US20190042718A1
Publication date: 2019-02-07
Application No.: US16050021
Filing date: 2018-07-31
Applicant: Apple Inc.
Inventor: Deepti S. Prakash , Lucia E. Ballard , Jerrold V. Hauck , Feng Tang , Etai Littwin , Pavan Kumar Ansosalu Vasu , Gideon Littwin , Thorsten Gernoth , Lucie Kucerova , Petr Kostka , Steven P. Hotelling , Eitan Hirsh , Tal Kaitz , Jonathan Pokrass , Andrei Kolin , Moshe Laifenfeld , Matthew C. Waldon , Thomas P. Mensch , Lynn R. Youngs , Christopher G. Zeleznik , Michael R. Malone , Ziv Hendel , Ivan Krstic , Anup K. Sharma , Kelsey Y. Ho
Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
-
Publication No.: US20170185794A1
Publication date: 2017-06-29
Application No.: US15400765
Filing date: 2017-01-06
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Jason D. Gosnell , Jerrold V. Hauck , Muralidhar S. Vempaty , Dallas B. De Atley
CPC classification number: G06F21/6218 , G06F21/57 , G06F21/572 , G06F21/577 , G06F21/602 , H04L9/3247 , H04L63/0428 , H04L63/083 , H04L63/0876
Abstract: In various embodiments, methods, devices and systems for securely generating, sealing, and restoring factory-generated calibration and provisioning data for an electronic device are described, in which calibration and provisioning data for an electronic device are generated in a distributed manner and stored on a storage system. The calibration data can be retrieved from the storage system during device assembly and finalized calibration and provisioning data for each electronic device can be stored to the storage system. In one embodiment, a sealing server, to attest to the authenticity of the factory generated data, seals the finalized calibration data. In one embodiment, an electronic device can access a data store containing the factory-generated data and can update or restore calibration or provisioning data for the device from the data store.
-
Publication No.: US11790119B2
Publication date: 2023-10-17
Application No.: US16683233
Filing date: 2019-11-13
Applicant: Apple Inc.
Inventor: Hervé Sibert , Eric D. Friedman , Erik C. Neuenschwander , Jerrold V. Hauck , Thomas P. Mensch , Julien F. Freudiger , Alan W. Yu
CPC classification number: G06F21/64 , H04L9/14 , H04L9/3236 , H04L9/3263 , H04L9/3271
Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.
-
Publication No.: US11151235B2
Publication date: 2021-10-19
Application No.: US16050021
Filing date: 2018-07-31
Applicant: Apple Inc.
Inventor: Deepti S. Prakash , Lucia E. Ballard , Jerrold V. Hauck , Feng Tang , Etai Littwin , Pavan Kumar Anasosalu Vasu , Gideon Littwin , Thorsten Gernoth , Lucie Kucerova , Petr Kostka , Steven P. Hotelling , Eitan Hirsh , Tal Kaitz , Jonathan Pokrass , Andrei Kolin , Moshe Laifenfeld , Matthew C. Waldon , Thomas P. Mensch , Lynn R. Youngs , Christopher G. Zeleznik , Michael R. Malone , Ziv Hendel , Ivan Krstic , Anup K. Sharma , Kelsey Y. Ho
Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
-
Publication No.: US11144297B2
Publication date: 2021-10-12
Application No.: US16147295
Filing date: 2018-09-28
Applicant: Apple Inc.
Inventor: Dallas B. De Atley , Bailey E. Basile , Venkat V. Memula , Thomas P. Mensch , Robert M. Marini , David P. Remahl , Kelsey J. Skillman , Edward E. Thomas
Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.
-
Publication No.: US20210286865A1
Publication date: 2021-09-16
Application No.: US17182076
Filing date: 2021-02-22
Applicant: Apple Inc.
Inventor: Deepti S. Prakash , Lucia E. Ballard , Jerrold V. Hauck , Feng Tang , Etai Littwin , Pavan Kumar Ansosalu Vasu , Gideon Littwin , Thorsten Gernoth , Lucie Kucerova , Petr Kostka , Steven P. Hotelling , Eitan Hirsh , Tal Kaitz , Jonathan Pokrass , Andrei Kolin , Moshe Laifenfeld , Matthew C. Waldon , Thomas P. Mensch , Lynn R. Youngs , Christopher G. Zeleznik , Michael R. Malone , Ziv Hendel , Ivan Krstic , Anup K. Sharma
Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
-
Publication No.: US10372932B2
Publication date: 2019-08-06
Application No.: US15400765
Filing date: 2017-01-06
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Jason D. Gosnell , Jerrold V. Hauck , Muralidhar S. Vempaty , Dallas B. De Atley
Abstract: In various embodiments, methods, devices and systems for securely generating, sealing, and restoring factory-generated calibration and provisioning data for an electronic device are described, in which calibration and provisioning data for an electronic device are generated in a distributed manner and stored on a storage system. The calibration data can be retrieved from the storage system during device assembly and finalized calibration and provisioning data for each electronic device can be stored to the storage system. In one embodiment, a sealing server, to attest to the authenticity of the factory generated data, seals the finalized calibration data. In one embodiment, an electronic device can access a data store containing the factory-generated data and can update or restore calibration or provisioning data for the device from the data store.
-
Publication No.: US20180352042A1
Publication date: 2018-12-06
Application No.: US15721541
Filing date: 2017-09-29
Applicant: Apple Inc.
Inventor: Erik C. Neuenschwander , Hamid M. Osman , Solomon Reda , Dmytro V. Bilov , James C. Wilson , Eric Daniel Friedman , Thomas P. Mensch , Alan W. Yu
Abstract: Some embodiments provide a method of providing information to a third-party service. From the third-party service, the method receives a request for information regarding a particular device that is transacting with the third-party service. The request includes data encrypted by the particular device that is inaccessible to the third-party service. The method accesses the encrypted data to determine a unique identifier of the particular device. The method uses the unique identifier to determine the requested information. The method provides the requested information to the third-party service without providing an identity of the device to the third-party service.
-
Publication No.: US11868455B2
Publication date: 2024-01-09
Application No.: US17182076
Filing date: 2021-02-22
Applicant: Apple Inc.
Inventor: Deepti S. Prakash , Lucia E. Ballard , Jerrold V. Hauck , Feng Tang , Etai Littwin , Pavan Kumar Anasosalu Vasu , Gideon Littwin , Thorsten Gernoth , Lucie Kucerova , Petr Kostka , Steven P. Hotelling , Eitan Hirsh , Tal Kaitz , Jonathan Pokrass , Andrei Kolin , Moshe Laifenfeld , Matthew C. Waldon , Thomas P. Mensch , Lynn R. Youngs , Christopher G. Zeleznik , Michael R. Malone , Ziv Hendel , Ivan Krstic , Anup K. Sharma
CPC classification number: G06F21/32 , G06F21/83 , G06V40/166 , G06V40/172 , G06V40/40 , H04L9/085 , H04L9/0844 , H04L9/3228 , H04L9/3231 , H04L9/3234 , H04L9/3247 , H04L63/0861 , H04W12/06
Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.