Invention Grant
US09361454B2 Methods for restricting resources used by an application based on a base profile and an application specific profile
有权
基于基本配置文件和应用程序特定配置文件限制应用程序使用的资源的方法
- Patent Title: Methods for restricting resources used by an application based on a base profile and an application specific profile
- Patent Title (中): 基于基本配置文件和应用程序特定配置文件限制应用程序使用的资源的方法
-
Application No.: US14292712Application Date: 2014-05-30
-
Publication No.: US09361454B2Publication Date: 2016-06-07
- Inventor: Pierre-Olivier J. Martel , Kelly B. Yancey , Richard L. Hagy
- Applicant: Apple Inc.
- Applicant Address: US CA Cupertino
- Assignee: Apple Inc.
- Current Assignee: Apple Inc.
- Current Assignee Address: US CA Cupertino
- Agency: Blakely, Sokoloff, Taylor Zafman LLP
- Main IPC: G06F17/00
- IPC: G06F17/00 ; H04L29/06 ; G06F21/53
Abstract:
In response to a request for launching an application within an operating system of a data processing system, one or more extended entitlements are extracted from the application, where the one or more extended entitlements specify one or more resources the application is entitled to access. One or more security profile extensions corresponding to the one or more extended entitlements are dynamically generated. A security profile specifically for the application is created based on the one or more security profile extensions and a base security profile that has been previously compiled, where the base security profile specifies a list of a plurality of base resources. The application is then launched in a sandboxed operating environment that is configured based on the security profile specifically generated for the application.
Public/Granted literature
Information query
