公开(公告)号：US11176021B2

公开(公告)日：2021-11-16

申请号：US16425642

申请日：2019-05-29

Applicant: Apple Inc.

Inventor： Eugene Bistolas ,  Ryan Nielsen ,  Pierre J. De Filippis ,  David P. Remahl ,  Cristina Formaini ,  Pierre-Olivier J. Martel ,  Lilynaz Hashemi ,  Stephen Lottermoser

IPC: G06F9/44 ,  G06F11/36 ,  G06F9/48 ,  H04L12/58

Abstract: Improved messaging applications are described that use a first set of software to test rendering of a message, and if the test is successful the message is allowed to be presented. In one embodiment, a first set of software can attempt to test the renderability of a message and if the test is successful, the message can be stored in a message database. In one embodiment, the first set of software operates in a separate sandbox from a sandbox for a messaging application which displays the message. The first set of software can operate in a first process which is different than a process in which the messaging application runs.

公开(公告)号：US11671250B2

公开(公告)日：2023-06-06

申请号：US15965544

申请日：2018-04-27

Applicant: Apple Inc.

Inventor： David C. Donley ,  Per Love Hornquist Astrand ,  Chen Ganir ,  Craig P. Dooley ,  James C. Grandy ,  Julien A. Poumailloux ,  Tyler D. Hawkins ,  David S. Wilser ,  David P. Remahl

IPC: G06F21/00 ,  H04L9/08 ,  H04L9/40 ,  H04L9/14 ,  H04W4/80 ,  H04W12/30 ,  H04W12/041 ,  H04W12/062 ,  H04W12/0471 ,  H04W12/50 ,  H04L9/00

CPC classification number: H04L9/0872 ,  H04L9/0869 ,  H04L9/0891 ,  H04L9/14 ,  H04L63/0428 ,  H04W4/80 ,  H04W12/041 ,  H04W12/0471 ,  H04W12/062 ,  H04W12/35 ,  H04L9/50 ,  H04L2209/80 ,  H04W12/50

Abstract: Migration of a pairing of wearable device to a new companion electronic device is disclosed. In one embodiment, pairing migration is performed by syncing and verifying a migration key in the wearable and new companion device. Pairing migration includes moving settings and pairing data of the wearable to the new companion device in response to detecting the wearable is associated with the migration key, wherein the migration key establishes a validation of trust of the wearable relative to the companion device. The settings and pairing data can include configuration and protected data and one or more keys to establish a trust relationship between the wearable and new companion device. The settings and pairing data can also include device data such that the wearable can be discoverable by the new companion device.

公开(公告)号：US11017109B1

公开(公告)日：2021-05-25

申请号：US16404538

申请日：2019-05-06

Applicant: Apple Inc.

Inventor： Kelly B. Yancey ,  Richard J. Cooper ,  Richard L. Hagy ,  Pierre-Olivier Martel ,  David P. Remahl ,  Jonathan A. Zdziarski

IPC: G06F21/62 ,  G06N20/00 ,  G06F16/16

Abstract: Embodiments described herein provide techniques to limit programmatic access to privacy related user data and system resources for applications that execute outside of a sandbox or other restricted operating environment while enabling a user to grant additional access to those applications via prompts presented to the user via a graphical interface. In a further embodiment, techniques are applied to limit the frequency in which a user is prompted by learning the types of files or resources to which a user is likely to permit or deny access.

公开(公告)号：US12074865B1

公开(公告)日：2024-08-27

申请号：US16252515

申请日：2019-01-18

Applicant: Apple Inc.

Inventor： Max M. Gunther ,  Onar Vikingstad ,  Ramiro Calvo ,  Isabella M. Funke ,  Eric D. Friedman ,  Hervé Sibert ,  David P. Remahl ,  Yannick L. Sierra ,  Frank B. Dancs ,  Sudhakar N. Mambakkam

IPC: H04L29/06 ,  G06F21/71 ,  G06K7/14 ,  G06K19/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L65/1069

CPC classification number: H04L63/0838 ,  G06F21/71 ,  G06K7/1417 ,  G06K19/06037 ,  H04L9/0869 ,  H04L9/3213 ,  H04L9/3228 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/0853 ,  H04L63/0861 ,  H04L63/102 ,  H04L63/108 ,  H04L63/18 ,  H04L65/1069

Abstract: This application relates to establishing a communication session between a host device and a trusted client device. A host device generates a one-time secret (OTS) and transmits the OTS to a trusted client device via an out-of-band communication channel. The trusted client device verifies an identity of a user of the trusted client device utilizing one or more sensors of the trusted client device. Responsive to verifying the identity of the user, the trusted client device negotiates an encryption key with the host device based on the OTS. The trusted client device then establishes a communication session with the host device utilizing the encryption key. The communication session can be utilized to pass credentials in a protected manner from the trusted client device to the host device that enable the host device to access a user account associated with a service.

公开(公告)号：US11861350B2

公开(公告)日：2024-01-02

申请号：US17495699

申请日：2021-10-06

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Bailey E. Basile ,  Venkat V. Memula ,  Thomas P. Mensch ,  Robert M. Marini ,  David P. Remahl ,  Kelsey J. Skillman ,  Edward E. Thomas

IPC: G06F8/65 ,  H04L9/40 ,  G06F21/60

CPC classification number: G06F8/65 ,  G06F21/602 ,  H04L63/08

Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.

公开(公告)号：US20240103840A1

公开(公告)日：2024-03-28

申请号：US18515689

申请日：2023-11-21

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Bailey E. Basile ,  Venkat V. Memula ,  Thomas P. Mensch ,  Robert M. Marini ,  David P. Remahl ,  Kelsey J. Skillman ,  Edward E. Thomas

IPC: G06F8/65 ,  G06F21/60 ,  H04L9/40

CPC classification number: G06F8/65 ,  G06F21/602 ,  H04L63/08

Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.

公开(公告)号：US20230393888A1

公开(公告)日：2023-12-07

申请号：US18327553

申请日：2023-06-01

Applicant: Apple Inc.

Inventor： David P. Remahl ,  Kyle C. Brogle ,  Robert J. Kendall-Kuppe ,  Pavlo Malynin ,  Geoffrey McCormack

IPC: G06F9/48 ,  G06F12/14

CPC classification number: G06F9/485 ,  G06F12/14

Abstract: A kernel of an operating system receives a request from a parent process (e.g., an exec or spawn system call) to launch a child process that executes a binary. The kernel identifies a process-specific launch constraint, which is a precondition for launching the child process. The kernel evaluates the constraint, which can match against any type of system state or variable, including the process's location on disk, protection on disk, and how the process is to be launched. The kernel can then determine whether to launch the child process, thus permitting the child process to be scheduled for execution by the operating system. Launch constraints can be used both for a child process to impose preconditions on the parent process, and vice versa. Launch constraints can be included in the launch request, embedded in the binary, or located elsewhere, such as in a trust cache in kernel memory.

公开(公告)号：US20190227784A1

公开(公告)日：2019-07-25

申请号：US16147295

申请日：2018-09-28

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Bailey E. Basile ,  Venkat V. Memula ,  Thomas P. Mensch ,  Robert M. Marini ,  David P. Remahl ,  Kelsey J. Skillman ,  Edward E. Thomas

IPC: G06F8/65 ,  G06F21/60 ,  H04L29/06

Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.

公开(公告)号：US11144297B2

公开(公告)日：2021-10-12

申请号：US16147295

申请日：2018-09-28

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Bailey E. Basile ,  Venkat V. Memula ,  Thomas P. Mensch ,  Robert M. Marini ,  David P. Remahl ,  Kelsey J. Skillman ,  Edward E. Thomas

IPC: G06F8/65 ,  H04L29/06 ,  G06F21/60

Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of software asset at a faster or slower rate than mass market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass market devices.

公开(公告)号：US20180352435A1

公开(公告)日：2018-12-06

申请号：US15965544

申请日：2018-04-27

Applicant: Apple Inc.

Inventor： David C. Donley ,  Per Love Hornquist Astrand ,  Chen Ganir ,  Craig P. Dooley ,  James C. Grandy ,  Julien A. Poumailloux ,  Tyler D. Hawkins ,  David S. Wilser ,  David P. Remahl

IPC: H04W12/06 ,  H04W12/04 ,  H04L9/08 ,  H04L29/06

Abstract: Migration of a pairing of wearable device to a new companion electronic device is disclosed. In one embodiment, pairing migration is performed by syncing and verifying a migration key in the wearable and new companion device. Pairing migration includes moving settings and pairing data of the wearable to the new companion device in response to detecting the wearable is associated with the migration key, wherein the migration key establishes a validation of trust of the wearable relative to the companion device. The settings and pairing data can include configuration and protected data and one or more keys to establish a trust relationship between the wearable and new companion device. The settings and pairing data can also include device data such that the wearable can be discoverable by the new companion device.