公开(公告)号：US11164179B2

公开(公告)日：2021-11-02

申请号：US16428724

申请日：2019-05-31

Applicant: Apple Inc.

Inventor： Hubert Greiche ,  Gianpaolo Fasoli ,  Stacey R. Abrams ,  Richard W. Heard

IPC: G06Q20/36 ,  G06Q20/40 ,  H04L9/08 ,  H04L9/32 ,  G06Q20/32

Abstract: Techniques are disclosed relating to securely receiving and storing credentials. In some embodiments, a computing device includes an application executable to supply a credential to an external system. A secure circuit of the computing device is configured to send, to a credential storage, a request for the credential, the request including a first certificate identifying a first public key and a stipulation to perform a user authentication before permitting use of a first private key corresponding to the first public key. The secure circuit receives, from the credential storage, the credential encrypted using the first public key and, based on the stipulation, performs the user authentication prior to decrypting the credential and supplying it to the application. In some embodiments, the secure circuit receives the first certificate by providing information about hardware included in the computing device to a hardware verification service.

公开(公告)号：US20210319418A1

公开(公告)日：2021-10-14

申请号：US17306640

申请日：2021-05-03

Applicant: Apple Inc.

Inventor： Thomas Alsina ,  Augustin J. Farrugia ,  Edward T. Schmidt ,  Gianpaolo Fasoli ,  Sean B. Kelly

IPC: G06Q20/12 ,  H04L29/08 ,  H04L29/06 ,  G06Q20/40 ,  G06Q20/22 ,  G06F21/10 ,  G06Q10/06

Abstract: One or more user accounts can be linked together to form a group of linked user accounts to access content items assigned to the other user accounts in the group of linked user accounts. Prior to completing a purchase for a content item, a requesting user can be alerted that a member of the group of linked user accounts has access to the content item. Content items assigned to a member of a group of linked user accounts can be downloaded by one or more other members of the group of linked user accounts along with a Digital Rights Management (DRM) key that enables use of the content item. The DRM key can represent the group relationship between the downloading user account and the content owner's user account to which the content item is assigned.

公开(公告)号：US20200234283A1

公开(公告)日：2020-07-23

申请号：US16428724

申请日：2019-05-31

Applicant: Apple Inc.

Inventor： Hubert Greiche ,  Gianpaolo Fasoli ,  Stacey R. Abrams ,  Richard W. Heard

IPC: G06Q20/36 ,  G06Q20/40 ,  G06Q20/32 ,  H04L9/08 ,  H04L9/32

Abstract: Techniques are disclosed relating to securely receiving and storing credentials. In some embodiments, a computing device includes an application executable to supply a credential to an external system. A secure circuit of the computing device is configured to send, to a credential storage, a request for the credential, the request including a first certificate identifying a first public key and a stipulation to perform a user authentication before permitting use of a first private key corresponding to the first public key. The secure circuit receives, from the credential storage, the credential encrypted using the first public key and, based on the stipulation, performs the user authentication prior to decrypting the credential and supplying it to the application. In some embodiments, the secure circuit receives the first certificate by providing information about hardware included in the computing device to a hardware verification service.

公开(公告)号：US20190394189A1

公开(公告)日：2019-12-26

申请号：US16147451

申请日：2018-09-28

Applicant: Apple Inc.

Inventor： Gokul P. Thirumalai ,  Daniel B. Pollack ,  Robert D. Butler ,  Ryan W. Baker ,  David G. Knipp ,  Sudhakar N. Mambakkam ,  Jonathon Sodos ,  Hannah S. Story ,  Hervé Sibert ,  Gianpaolo Fasoli

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/06 ,  H04W12/08 ,  H04W4/14

Abstract: Implementations of the subject technology provide for performing, by a device, a request for obtaining information related to a phone authentication certificate (PAC) that was generated for the device, the PAC authenticating that a particular phone number is associated with the device, the request including packets of data. The subject technology receives the information related to the PAC, the information including an indication that the PAC was generated for the device. The subject technology sends, from the device, a request for validating the PAC to a remote server based at least in part on the information related to the PAC. Further, the subject technology receives a confirmation of validating the PAC from the remote server based at least in part on the information related to the PAC.

公开(公告)号：US10423763B2

公开(公告)日：2019-09-24

申请号：US16012388

申请日：2018-06-19

Applicant: Apple Inc.

Inventor： Gianpaolo Fasoli ,  Apoorva Govind ,  Augustin J. Farrugia ,  Raffi T. Khatchadourian

IPC: G06F21/10 ,  H04W4/60 ,  G06F16/22 ,  H04L29/06 ,  H04N21/254 ,  H04N21/6334

Abstract: User accounts can be linked together to form a group of linked user accounts that can access content items assigned to the other user accounts in the group. A user can download content items assigned to their user account, as well as shared content items assigned to one of the other user accounts in the group of linked user accounts. Use of shared content items can be restricted to client devices running specified versions of an operating system. The key ID tagged to a shared content item can be altered such that the key ID no longer correctly identifies the corresponding DRM key that enables use of the shared content item. Client devices authorized to use shared content items can be configured to recognize that a content item is a shared content item and generate the original key ID form the altered key ID.

公开(公告)号：US20180089465A1

公开(公告)日：2018-03-29

申请号：US15707847

申请日：2017-09-18

Applicant: Apple Inc.

Inventor： Lucas O. Winstrom ,  Eric D. Friedman ,  Ritwik K. Kumar ,  Jeremy M. Stober ,  Amol V. Pattekar ,  Benoit Chevallier-Mames ,  Julien Lerouge ,  Gianpaolo Fasoli ,  Augustin J. Farrugia ,  Mathieu Ciet

IPC: G06F21/64 ,  G06Q10/10 ,  H04L9/32 ,  H04L12/58 ,  H04L29/06

CPC classification number: G06F21/64 ,  G06F21/55 ,  G06Q10/107 ,  H04L9/3247 ,  H04L51/12 ,  H04L51/22 ,  H04L63/1441 ,  H04L2463/144

Abstract: Systems and methods are described for rate-limiting a message-sending client interacting with a message service based on dynamically calculated risk assessments of the probability that the client is, or is not, a sender of a spam messages. The message service sends a proof of work problem to a sending client device with a difficulty level that is related to a risk assessment that the client is a sender of spam messages. The message system limits the rate at which a known or suspected spammer can send messages by giving the known or suspected spammer client harder proof of work problems to solve, while minimizing the burden on normal users of the message system by given them easier proof of work problems to solve that can typically be solved by the client within the time that it takes to type a message.

公开(公告)号：US20180069871A1

公开(公告)日：2018-03-08

申请号：US15256959

申请日：2016-09-06

Applicant: Apple Inc.

Inventor： Gianpaolo Fasoli ,  Matthew C. Byington ,  Christopher Sharp ,  Anton K. Diederich ,  Nicholas J. Shearer ,  Roberto G. Yepez ,  Petr Kostka ,  Gianluca Barbieri ,  Abhinav Gupta

IPC: H04L29/06

CPC classification number: H04L63/123 ,  G06F21/74 ,  G06F21/84 ,  H04L63/166 ,  H04L67/10

Abstract: A content request communication, e.g., generated using a first processor of a device, can be transmitted to a web server. A response communication including content identifying a first value can be received from the web server. The first processor can facilitate presentation of the content on a first display of the device. A communication can be received at a second processor of the device from a remote server. The communication can include data representing a second value and can be generated at the remote server using information received from the web server. Further, the second processor can produce a secure verification output that can be presented on a separate, second display, representing at least the second value. The presentation on first display can at least partially overlap in time with the presentation on the second display.

公开(公告)号：US08645693B2

公开(公告)日：2014-02-04

申请号：US13802508

申请日：2013-03-13

Applicant: Apple Inc.

Inventor： Augustin J. Farrugia ,  Bertrand Mollinier Toublet ,  Gianpaolo Fasoli ,  Mathieu Ciet ,  Jill Surdzial

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/321 ,  H04L9/3218 ,  H04L9/3242 ,  H04L2209/603 ,  H04L2209/80

Abstract: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.

Abstract translation: 在数据安全性和系统可靠性和资格认证领域中，本公开是一种用于使用基于零知识的认证技术来验证或认证到主机的设备的方法，系统和装置，其包括诸如HMAC之类的密钥化消息认证码 或密钥密码函数，并且操作在主机和设备之间共享的秘密信息。 这对于安全目的也是有用的，并且还确保诸如计算机外围设备或附件或组件的设备有资格与主机互操作。