File system access for one or more sandboxed applications
    1.
    Granted invention patent
    File system access for one or more sandboxed applications (in force)

    Publication number: US09342689B2

    Publication date: 2016-05-17

    Application number: US14605085

    Filing date: 2015-01-26

    Applicant: Apple Inc.

    Abstract: Methods, systems, and machine-readable storage medium are described wherein identifiers are used to allow access to files or folders in a restricted operating environment. One embodiment provides a process comprising receiving a selection of a resource managed by a restricted operating environment; requesting from a resource manager of the restricted operating environment, in response to the selection, a location identifier associated with the resource; receiving, in response to the request, a bookmark and a digest, wherein the digest is a cryptographically derived version of the bookmark and the bookmark is to enable retrieval of the resource on a storage device; and storing the bookmark and the digest in the restricted operating environment to indicate trust of the resource.

    File system access for one or more sandboxed applications
    3.
    Granted invention patent
    File system access for one or more sandboxed applications (in force)

    Publication number: US08943550B2

    Publication date: 2015-01-27

    Application number: US13631715

    Filing date: 2012-09-28

    Applicant: Apple Inc.

    Abstract: Methods, systems, and machine-readable storage medium are described wherein, in one embodiment, identifiers, such as bookmarks, are used to allow access to files or folders in a sandboxed environment. One or more applications are restricted by an access control system, which can be, for example, a trusted software component of an operating system. In one embodiment, the bookmarks or other identifiers allow an application to have access to a file even if the file is renamed or moved by a user while the application has been terminated. In one embodiment, a resource manager, or other trusted access control system, can interact with an application to allow for the use of bookmarks in an environment in which a sandbox application controls access to the files such that each application must make a request to the sandbox application in order to obtain access to a particular file or folder.

    Methods for restricting resources used by a program based on entitlements
    4.
    Granted invention patent
    Methods for restricting resources used by a program based on entitlements (in force)

    Publication number: US09280644B2

    Publication date: 2016-03-08

    Application number: US13922188

    Filing date: 2013-06-19

    Applicant: Apple Inc.

    Abstract: In response to a request for launching a program, a list of one or more application frameworks to be accessed by the program during execution of the program is determined. Zero or more entitlements representing one or more resources entitled by the program during the execution are determined. A set of one or more rules based on the entitlements of the program is obtained from at least one of the application frameworks. The set of one or more rules specifies one or more constraints of resources associated with the at least one application framework. A security profile is dynamically compiled for the program based on the set of one or more rules associated with the at least one application framework. The compiled security profile is used to restrict the program from accessing at least one resource of the at least one application frameworks during the execution of the program.
