Obfuscating function resources while reducing stack consumption
    1.
    Granted invention patent
    Status: in force

    Publication number: US09069656B2

    Publication date: 2015-06-30

    Application number: US13631851

    Filing date: 2012-09-28

    Applicant: Apple Inc.

    Abstract: In one embodiment, a system wide static global stack pool in a contiguous range of random access memory is generated, a block of memory in the system global pool is assigned to a thread of a running process, and the thread stores local variable information in static global stack pool, such that the local variable is hidden from a stack frame back-trace. In one embodiment, a dynamically allocated data structure in system heap memory is generated, the data structure is locked to ensure atomic access, a block of memory in the data structure is assigned to a thread of a process, the data structure is unlocked, and the thread stores local variable information in static global stack pool, such that the local variable is hidden from a stack frame back-trace.

    Dynamic obfuscation of heap memory allocations
    2.
    Granted invention patent
    Status: in force

    Publication number: US09268677B2

    Publication date: 2016-02-23

    Application number: US13659878

    Filing date: 2012-10-24

    Applicant: Apple Inc.

    Abstract: Techniques, methods, systems, and computer-readable media for allocating and managing dynamically obfuscated heap memory allocations are described. In one embodiment a memory manager in a data processing system contains an addressor, to determine a first address of a program object in a first memory address space, and one or more encoders, to abstract memory access to the program object using the first address such that layout of the object data in the first address space differs from the layout of the object in a second address space. In one embodiment, a runtime system modifies object code of an executable file to include encoder routines to abstract memory accesses to data in an obfuscated heap. In one embodiment, a compiler system using an intermediate representation of a high level program generates an intermediate representation of a high level program capable of performing memory writes and memory reads using obfuscation encoder routines.

    Adaptive secondary authentication criteria based on account data
    3.
    Granted invention patent
    Status: in force

    Publication number: US09043887B2

    Publication date: 2015-05-26

    Application number: US13731935

    Filing date: 2012-12-31

    Applicant: Apple Inc.

    Abstract: An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.

    METHOD AND APPARATUS FOR DYNAMIC OBFUSCATION OF STATIC DATA
    4.
    Invention patent application
    Status: in force

    Publication number: US20140165208A1

    Publication date: 2014-06-12

    Application number: US13707444

    Filing date: 2012-12-06

    Applicant: APPLE INC.

    CPC classification number: G06F21/14 G06F8/30

    Abstract: A method and an apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code are described. The program data can be used in multiple instructions in the first code. A code location (e.g. an optimal code location) in the first code can be determined for injecting the rewriting code. The code location may be included in two or more execution paths of first code. Each execution path can have at least one of the instructions using the program data. A second code may be generated based on the first code inserted with the rewriting code at the optimal code location. The second code can include instructions using the program data dynamically masked by the rewriting code. When executed by a processor, the first code and the second code can generate identical results.

    Adaptive secondary authentication criteria based on account data

    Publication number: US09530133B2

    Publication date: 2016-12-27

    Application number: US14685429

    Filing date: 2015-04-13

    Applicant: Apple Inc.

    Abstract: An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.

    Method and apparatus for dynamic obfuscation of static data
    6.
    Granted invention patent
    Status: in force

    Publication number: US09336370B2

    Publication date: 2016-05-10

    Application number: US13707444

    Filing date: 2012-12-06

    Applicant: Apple Inc.

    CPC classification number: G06F21/14 G06F8/30

    Abstract: A method and an apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code are described. The program data can be used in multiple instructions in the first code. A code location (e.g. an optimal code location) in the first code can be determined for injecting the rewriting code. The code location may be included in two or more execution paths of first code. Each execution path can have at least one of the instructions using the program data. A second code may be generated based on the first code inserted with the rewriting code at the optimal code location. The second code can include instructions using the program data dynamically masked by the rewriting code. When executed by a processor, the first code and the second code can generate identical results.

    ADAPTIVE SECONDARY AUTHENTICATION CRITERIA BASED ON ACCOUNT DATA
    7.
    Invention patent application
    Status: under examination (published)

    Publication number: US20150220926A1

    Publication date: 2015-08-06

    Application number: US14685429

    Filing date: 2015-04-13

    Applicant: Apple Inc.

    Abstract: An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.

    ADAPTIVE SECONDARY AUTHENTICATION CRITERIA BASED ON ACCOUNT DATA
    8.
    Invention patent application
    Status: in force

    Publication number: US20140189829A1

    Publication date: 2014-07-03

    Application number: US13731935

    Filing date: 2012-12-31

    Applicant: APPLE INC.

    Abstract: An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.

    Obfuscation of control flow of software
    9.
    Granted invention patent
    Status: in force

    Publication number: US08756435B2

    Publication date: 2014-06-17

    Application number: US13656379

    Filing date: 2012-10-19

    Applicant: Apple Inc

    CPC classification number: G06F21/14 G06F21/54

    Abstract: Methods, media and systems that obfuscate control flow in software programs. The obfuscation can impede or prevent static flow analysis of a software program's control flow. In one embodiment, a method, performed by a data processing system, identifies each branch point in a set of branch points in a first version of software and replaces, in each branch point in the set, a representation of a target of the branch point with a computed value that depends upon at least one prior computed value in a stream of instructions in the first version of software. Other embodiments are also described.
