公开(公告)号：US11615388B2

公开(公告)日：2023-03-28

申请号：US16698621

申请日：2019-11-27

Applicant: Apple Inc.

Inventor： Augustin J. Farrugia ,  Gianpaolo Fasoli

IPC: G06Q20/12 ,  G06F21/10

Abstract: Some embodiments provide a method for determining whether a subscription for using digital content on a user device has elapsed. The method compares a first collision free image of a first set of entities in the user device with a second collision free image for a second set of entities in the user device at a second instance in time. Based on the comparison, the method determines whether the subscription has elapsed.

公开(公告)号：US11588804B2

公开(公告)日：2023-02-21

申请号：US16726722

申请日：2019-12-24

Applicant: Apple Inc.

Inventor： Rupamay Saha ,  Brandon K. Leventhal ,  Christopher Sharp ,  Vishnu Janardhanan Pillai ,  Gianpaolo Fasoli ,  Augustin J. Farrugia

IPC: H04L29/06 ,  H04L9/40 ,  H04L9/32 ,  H04L9/00 ,  H04L9/30

Abstract: A device implementing a system for using a verified claim of identity includes at least one processor configured to receive a verified claim including information to identify a user of a device, the verified claim being signed by a server based on verification of the information by an identity verification provider separate from the server, the verified claim being specific to the device. The at least one processor is further configured to send, to a service provider, a request for a service provided by the service provider, and receive, from the service provider and in response to the sending, a request for the verified claim. The at least one processor is further configured to send, in response to the receiving, the verified claim to the service provider.

公开(公告)号：US10599873B2

公开(公告)日：2020-03-24

申请号：US15707847

申请日：2017-09-18

Applicant: Apple Inc.

Inventor： Lucas O. Winstrom ,  Eric D. Friedman ,  Ritwik K. Kumar ,  Jeremy M. Stober ,  Amol V. Pattekar ,  Benoit Chevallier-Mames ,  Julien Lerouge ,  Gianpaolo Fasoli ,  Augustin J. Farrugia ,  Mathieu Ciet

IPC: H04L29/06 ,  G06F21/64 ,  G06Q10/10 ,  H04L12/58 ,  H04L9/32 ,  G06F21/55

Abstract: Systems and methods are described for rate-limiting a message-sending client interacting with a message service based on dynamically calculated risk assessments of the probability that the client is, or is not, a sender of a spam messages. The message service sends a proof of work problem to a sending client device with a difficulty level that is related to a risk assessment that the client is a sender of spam messages. The message system limits the rate at which a known or suspected spammer can send messages by giving the known or suspected spammer client harder proof of work problems to solve, while minimizing the burden on normal users of the message system by given them easier proof of work problems to solve that can typically be solved by the client within the time that it takes to type a message.

公开(公告)号：US10002236B2

公开(公告)日：2018-06-19

申请号：US14634405

申请日：2015-02-27

Applicant: Apple Inc.

Inventor： Gianpaolo Fasoli ,  Apoorva Govind ,  Augustin J. Farrugia ,  Raffi T. Khatchadourian

IPC: G06F21/10 ,  G06F17/30 ,  H04L29/06 ,  H04W4/00

Abstract: User accounts can be linked together to form a group of linked user accounts that can access content items assigned to the other user accounts in the group. A user can download content items assigned to their user account, as well as shared content items assigned to one of the other user accounts in the group of linked user accounts. Use of shared content items can be restricted to client devices running specified versions of an operating system. The key ID tagged to a shared content item can be altered such that the key ID no longer correctly identifies the corresponding DRM key that enables use of the shared content item. Client devices authorized to use shared content items can be configured to recognize that a content item is a shared content item and generate the original key ID form the altered key ID.

公开(公告)号：US20160359618A1

公开(公告)日：2016-12-08

申请号：US14866997

申请日：2015-09-27

Applicant: Apple Inc.

Inventor： Bruno Kindarji ,  Benoit Chevallier-Mames ,  Mathieu Ciet ,  Augustin J. Farrugia ,  Thomas Icart

IPC: H04L9/06 ,  H04L29/06 ,  H04L9/14

CPC classification number: H04L9/0618 ,  H04L9/0631 ,  H04L9/14 ,  H04L63/1466 ,  H04L2209/16 ,  H04L2209/24 ,  H04L2209/34

Abstract: Some embodiments provide a method for performing an iterative block cipher. Line rotations and column rotations are combined to have a diversity of representations of the AES state. These protections can be performed either in static mode where the rotations are directly included in the code and the tables or in dynamic mode where the rotations are chosen randomly at execution time, depending on some entropic context variables. The two modes can also be advantageously combined together.

Abstract translation: 一些实施例提供了一种用于执行迭代块密码的方法。 线旋转和列旋转被组合以具有多种AES状态的表示。 这些保护可以在静止模式下执行，其中旋转被直接包括在代码和表中，或者在动态模式中，其中根据一些熵上下文变量在执行时随机选择旋转。 两种模式也可以有利地组合在一起。

公开(公告)号：US20160261405A1

公开(公告)日：2016-09-08

申请号：US14639026

申请日：2015-03-04

Applicant: APPLE INC.

Inventor： Benoit Chevallier-Mames ,  Bruno Kindarji ,  Thomas Icart ,  Augustin J. Farrugia ,  Mathieu Ciet

IPC: H04L9/06 ,  H04L9/14

CPC classification number: H04L9/0631 ,  H04L9/002 ,  H04L2209/046 ,  H04L2209/16 ,  H04L2209/24 ,  H04L2209/60

Abstract: Some embodiments provide a method for performing a cryptographic process. The method receives first and second cipher keys. The method generates a set of subkeys corresponding to each of the first and second cipher keys. The set of subkeys for the first cipher key is dependent on the first cipher key and the second cipher key. The method performs the cryptographic process by using the generated sets of subkeys.

Abstract translation: 一些实施例提供了用于执行密码处理的方法。 该方法接收第一和第二密码密钥。 该方法生成与第一和第二密码密钥中的每一个对应的一组子密钥。 用于第一密码密钥的子密钥集合取决于第一密码密钥和第二密码密钥。 该方法通过使用生成的子项集执行加密处理。

公开(公告)号：US20150073998A1

公开(公告)日：2015-03-12

申请号：US14022104

申请日：2013-09-09

Applicant: Apple Inc.

Inventor： Thomas Alsina ,  Dallas B. De Atley ,  Augustin J. Farrugia ,  Byron B. Han ,  Sean B. Kelly ,  Craig A. Marciniak ,  Maxim Khutornenko ,  Raymond N. Walsh

IPC: G06Q20/40 ,  G06Q20/36 ,  G06Q20/04 ,  G06Q20/38 ,  G06Q30/06

CPC classification number: G06Q30/0609 ,  G06F21/32 ,  G06Q20/04 ,  G06Q20/12 ,  G06Q20/32 ,  G06Q20/322 ,  G06Q20/3674 ,  G06Q20/3821 ,  G06Q20/40145 ,  H04L63/083 ,  H04L63/0861

Abstract: An online store can transmit an online account token to an electronic device or to a biometric sensing device after a user successfully enters his or her account password. The electronic device or the biometric sensing device can countersign the online account token when the one or more biometric images match reference biometric images and the account password matches user identifier data stored in the electronic device or in the biometric sensing device. The countersigned online account token can then be transmitted to the online store. The user can then make one or more purchases after the online store receives the countersigned online account token.

Abstract translation: 在用户成功输入他或她的帐户密码之后，在线商店可以将在线帐户令牌传送到电子设备或生物测定传感设备。 当一个或多个生物测定图像与参考生物图像匹配并且帐户密码与存储在电子设备中或生物测定传感设备中的用户标识符数据匹配时，电子设备或生物特征感测设备可以对准在线帐户令牌。 然后可以将签署的在线帐户令牌发送到在线商店。 然后，用户可以在网上商店收到签署的在线帐户令牌之后进行一次或多次购买。

公开(公告)号：US08949935B2

公开(公告)日：2015-02-03

申请号：US13732056

申请日：2012-12-31

Applicant: Apple Inc.

Inventor： Thomas Alsina ,  Michael K. Chu ,  Augustin J. Farrugia ,  Gianpaolo Fasoli ,  Sean B. Kelly ,  Delfin Jorge Rojas ,  Nicholas T. Sullivan ,  Zhiyuan Zhao

IPC: H04L9/32 ,  H04L9/00 ,  H04L29/06

CPC classification number: H04L63/08 ,  H04L29/06 ,  H04L63/0807 ,  H04L63/126

Abstract: In one embodiment, non-transitory computer-readable medium stores instructions for establishing a trusted two-way communications session for account creation for an online store, which include instructions for causing a processor to perform operations comprising retrieving and verifying a signed configuration file from a server, requesting a communication session using the configuration file, receiving a payload of account creation forms from a network client, signing the payload according to the server configuration file, and sending the signed payload containing account creation information to the server. In one embodiment, a computer-implemented method comprises analyzing timestamps for requests for data forms for supplying account creation information for evidence of automated account creation activity and rejecting the request for the locator of the second account creation form if evidence of automated account creation activity is detected. Methods for secure account authentication and asset purchase are also disclosed.

Abstract translation: 在一个实施例中，非暂时性计算机可读介质存储用于建立用于在线商店的帐户创建的可信双向通信会话的指令，其包括用于使处理器执行操作的指令，所述指令包括从以下操作检索和验证签名配置文件： 服务器，使用配置文件请求通信会话，从网络客户端接收帐户创建表单的有效载荷，根据服务器配置文件签名有效载荷，以及将包含帐户创建信息的签名的有效载荷发送到服务器。 在一个实施例中，计算机实现的方法包括分析用于数据表单的请求的时间戳，用于提供用于创建自动化帐户的活动的证据的帐户创建信息，并且如果自动帐户创建活动的证据是拒绝第二帐户创建表单的定位者的请求， 检测到。 还披露了安全帐户认证和资产购买的方法。

公开(公告)号：US20140025521A1

公开(公告)日：2014-01-23

申请号：US13668109

申请日：2012-11-02

Applicant: APPLE INC.

Inventor： Thomas Matthieu Alsina ,  Scott T. Boyd ,  Michael Kuohao Chu ,  Augustin J. Farrugia ,  Gianpaolo Fasoli ,  Patrice O. Gautier ,  Sean B. Kelly ,  Payam Mirrashidi ,  Pedraum Pardehpoosh ,  Conrad Sauerwald ,  Kenneth W. Scott ,  Rajit Shinh ,  Braden Jacob Thomas ,  Andrew R. Whalley

IPC: G06Q30/06

Abstract: In one embodiment, a unique (or quasi unique) identifier can be received by an application store, or other on-line store, and the store can create a signed receipt that includes data desired from the unique identifier. This signed receipt is then transmitted to a device that is running the application obtained from the on-line store and the device can verify the receipt by deriving the unique (or quasi-unique) identifier from the signed receipt and comparing the derived identifier with the device identifier stored on the device, or the vendor identifier assigned to the application vendor.

Abstract translation: 在一个实施例中，唯一的（或准唯一的）标识符可以由应用商店或其他在线商店接收，并且商店可以创建包括从唯一标识符所期望的数据的签名收据。 然后将该签名的收据发送到运行从在线商店获取的应用的设备，并且设备可以通过从签名的收据导出唯一（或准唯一）标识符来验证收据，并将导出的标识符与 存储在设备上的设备标识符或分配给应用供应商的供应商标识符。

公开(公告)号：US20130205137A1

公开(公告)日：2013-08-08

申请号：US13802508

申请日：2013-03-13

Applicant: APPLE INC.

Inventor： Augustin J. Farrugia ,  Bertrand Mollinier Toublet ,  Gianpaolo Fasoli ,  Mathieu Ciet ,  Jill Surdzial

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/321 ,  H04L9/3218 ,  H04L9/3242 ,  H04L2209/603 ,  H04L2209/80

Abstract: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.

Abstract translation: 在数据安全性和系统可靠性和资格认证领域中，本公开是一种用于使用基于零知识的认证技术来验证或认证到主机的设备的方法，系统和装置，其包括诸如HMAC之类的密钥化消息认证码 或密钥密码函数，并且操作在主机和设备之间共享的秘密信息。 这对于安全目的也是有用的，并且还确保诸如计算机外围设备或附件或组件的设备有资格与主机互操作。