-
Publication No.: US11017109B1
Publication date: 2021-05-25
Application No.: US16404538
Application date: 2019-05-06
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Richard J. Cooper, Richard L. Hagy, Pierre-Olivier Martel, David P. Remahl, Jonathan A. Zdziarski
Abstract: Embodiments described herein provide techniques to limit programmatic access to privacy related user data and system resources for applications that execute outside of a sandbox or other restricted operating environment while enabling a user to grant additional access to those applications via prompts presented to the user via a graphical interface. In a further embodiment, techniques are applied to limit the frequency in which a user is prompted by learning the types of files or resources to which a user is likely to permit or deny access.
-
Publication No.: US10410003B2
Publication date: 2019-09-10
Application No.: US13913059
Application date: 2013-06-07
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Jacques Anthony Vidrine, Eric Olaf Carlson, Paul William Chinn, Simon P. Cooper
Abstract: The disclosed technology addresses the need in the art for assigning multiple containers to a single application. A container can be a specified area of a file system that an assigned application can access to store data, while other applications are restricted access to the container. In some instances, it may be beneficial for multiple applications to share some data, while still maintaining other data in a secure location, thus an application can be assigned to multiple containers, a personal container that can only be accessed by the application, and a shared container that can be accessed by multiple applications. Further, an application can be assigned an alternate container, in addition to the personal container. The alternate container can be used when an alternate user is using the client device, thus restricting the alternate user from accessing any sensitive data stored in the personal container.
-
Publication No.: US20190354705A1
Publication date: 2019-11-21
Application No.: US16526253
Application date: 2019-07-30
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Jacques Anthony Vidrine, Eric Olaf Carlson, Paul William Chinn, Simon P. Cooper
Abstract: The disclosed technology addresses the need in the art for assigning multiple containers to a single application. A container can be a specified area of a file system that an assigned application can access to store data, while other applications are restricted access to the container. In some instances, it may be beneficial for multiple applications to share some data, while still maintaining other data in a secure location, thus an application can be assigned to multiple containers, a personal container that can only be accessed by the applications, and a shared container that can be accessed by multiple applications. Further, an application can be assigned an alternate container, in addition to the personal container. The alternate container can be used when an alternate user is using the client device, thus restricting the alternate user from accessing any sensitive data stored in the personal container.
-
Publication No.: US10430577B2
Publication date: 2019-10-01
Application No.: US14576692
Application date: 2014-12-19
Applicant: Apple Inc.
Inventor: James Michael Magee, Russell A. Blaine, Vishal Patel, Daniel Andreas Steffen, Kevin James Van Vechten, Jacques Anthony Vidrine, Kelly B. Yancey, Jainam A. Shah
Abstract: A method and an apparatus to dynamically distribute privileges among a plurality of processes are described. Each process may have attributes including a privilege to control access to processing resources. A first process may be running with a first privilege prohibited from access to a processing resource. A second process may be running with a second privilege allowed to access the processing resource. The first process may receive a request from the second process to perform a data processing task for the second process. In response, the second privilege may be dynamically transferred to the first process to allow the first process to access the processing resource. The first process may perform operations for the data processing task with the second privilege transferred from the second process.
-
Publication No.: US10592679B2
Publication date: 2020-03-17
Application No.: US15274724
Application date: 2016-09-23
Applicant: Apple Inc.
Inventor: Eric B. Tamura, Kelly B. Yancey
Abstract: Representative embodiments set forth herein disclose techniques for modifying encryption classes of files. According to some embodiments, a technique can include receiving a request to update an encryption configuration of a file from a current encryption class to an updated encryption class. In response, the technique involves obtaining (i) a first class key associated with the current encryption class, and (ii) a second class key associated with the updated encryption class. Next, the technique involves identifying file extents of the file, where each file extent is encrypted by a respective extent key that is encrypted by the first class key. Finally, the technique involves, for each file extent of the file: (i) decrypting the respective extent key using the first class key to produce a decrypted respective extent key, and (ii) encrypting the decrypted respective extent key using the second class key to produce an updated respective extent key.
-
Publication No.: US10515209B2
Publication date: 2019-12-24
Application No.: US15952026
Application date: 2018-04-12
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Pierre-Olivier J. Martel
Abstract: A method and apparatus of a device for security management by sandboxing third-party components is described. The device can determine whether a third-party component supports network access. If the third-party component supports network access, the device can request a user input regarding whether to restrict the network access of the component. The device can receive a user input to restrict network access of the third-party component. Upon receiving the user input to restrict network access, the device can construct a sandbox for the third-party component to restrict network access of the component and prevent the component from performing data exfiltration. Other embodiments are also described and claimed.
-
Publication No.: US20180012017A1
Publication date: 2018-01-11
Application No.: US15663432
Application date: 2017-07-28
Applicant: Apple Inc.
Inventor: Pierre-Olivier J. Martel, Kelly B. Yancey, Richard L. Hagy
CPC classification number: G06F21/53, G06F21/6218, G06F2221/03, G06F2221/034
Abstract: In response to a request for launching an application within an operating system of a data processing system, one or more extended entitlements are extracted from the application, where the one or more extended entitlements specify one or more resources the application is entitled to access. One or more security profile extensions corresponding to the one or more extended entitlements are dynamically generated. A security profile specifically for the application is created based on the one or more security profile extensions and a base security profile that has been previously compiled, where the base security profile specifies a list of a plurality of base resources. The application is then launched in a sandboxed operating environment that is configured based on the security profile specifically generated for the application.
-
Publication No.: US20150347747A1
Publication date: 2015-12-03
Application No.: US14483543
Application date: 2014-09-11
Applicant: Apple Inc.
Inventor: Kelly B. Yancey, Pierre-Olivier J. Martel
IPC: G06F21/53
CPC classification number: G06F21/53, G06F21/62, H04L63/145
Abstract: A method and apparatus of a device for security management by sandboxing third-party components is described. The device can determine whether a third-party component supports network access. If the third-party component supports network access, the device can request a user input regarding whether to restrict the network access of the component. The device can receive a user input to restrict network access of the third-party component. Upon receiving the user input to restrict network access, the device can construct a sandbox for the third-party component to restrict network access of the component and prevent the component from performing data exfiltration. Other embodiments are also described and claimed.
-
Publication No.: US20150347743A1
Publication date: 2015-12-03
Application No.: US14576692
Application date: 2014-12-19
Applicant: Apple Inc.
Inventor: James Michael Magee, Russell A. Blaine, Vishal Patel, Daniel Andreas Steffen, Kevin James Van Vechten, Jacques Anthony Vidrine, Kelly B. Yancey, Jainam A. Shah
Abstract: A method and an apparatus to dynamically distribute privileges among a plurality of processes are described. Each process may have attributes including a privilege to control access to processing resources. A first process may be running with a first privilege prohibited from access to a processing resource. A second process may be running with a second privilege allowed to access the processing resource. The first process may receive a request from the second process to perform a data processing task for the second process. In response, the second privilege may be dynamically transferred to the first process to allow the first process to access the processing resource. The first process may perform operations for the data processing task with the second privilege transferred from the second process.
-
Publication No.: US11514157B2
Publication date: 2022-11-29
Application No.: US16853608
Application date: 2020-04-20
Applicant: Apple Inc.
Inventor: Andrew S. Terry, Kelly B. Yancey, Pierre-Olivier J. Martel, Richard L. Hagy, Timothy P. Hannon, Alastair K. Fettes
Abstract: Some embodiments provide a method for a device having multiple users. The method identifies a process installed on the device that requires an isolated storage in a file system of the device. For each of a set of the users of the electronic device, the method assigns at least one container for use by the process within a user-specific section of the file system. The containers assigned to the process in a section of the file system specific to a particular user are only accessible by the process when the particular user is logged into the device. The method assigns at least one container for use by the process within a non-user-specific section of the file system. The containers assigned to the process within the non-user-specific section of the file system are accessible by the process irrespective of which user is logged into the device.