Invention Application
US20150347746A1 METHODS FOR RESTRICTING RESOURCES USED BY AN APPLICATION BASED ON A BASE PROFILE AND AN APPLICATION SPECIFIC PROFILE
有权
基于基本配置文件和应用程序特定配置文件的应用程序限制资源的方法
- Patent Title: METHODS FOR RESTRICTING RESOURCES USED BY AN APPLICATION BASED ON A BASE PROFILE AND AN APPLICATION SPECIFIC PROFILE
- Patent Title (中): 基于基本配置文件和应用程序特定配置文件的应用程序限制资源的方法
-
Application No.: US14292712Application Date: 2014-05-30
-
Publication No.: US20150347746A1Publication Date: 2015-12-03
- Inventor: Pierre-Olivier J. Martel , Kelly B. Yancey , Richard L. Hagy
- Applicant: Apple Inc.
- Applicant Address: US CA Cupertino
- Assignee: Apple Inc.
- Current Assignee: Apple Inc.
- Current Assignee Address: US CA Cupertino
- Main IPC: G06F21/53
- IPC: G06F21/53
Abstract:
In response to a request for launching an application within an operating system of a data processing system, one or more extended entitlements are extracted from the application, where the one or more extended entitlements specify one or more resources the application is entitled to access. One or more security profile extensions corresponding to the one or more extended entitlements are dynamically generated. A security profile specifically for the application is created based on the one or more security profile extensions and a base security profile that has been previously compiled, where the base security profile specifies a list of a plurality of base resources. The application is then launched in a sandboxed operating environment that is configured based on the security profile specifically generated for the application.
Public/Granted literature
Information query
