公开(公告)号：US20240169046A1

公开(公告)日：2024-05-23

申请号：US18521808

申请日：2023-11-28

Applicant: Apple Inc.

Inventor： Deepti S. Prakash ,  Lucia E. Ballard ,  Jerrold V. Hauck ,  Feng Tang ,  Etai Littwin ,  Pavan Kumar Anasosalu Vasu ,  Gideon Littwin ,  Thorsten Gernoth ,  Lucie Kucerova ,  Petr Kostka ,  Steven P. Hotelling ,  Eitan Hirsh ,  Tal Kaitz ,  Jonathan Pokrass ,  Andrei Kolin ,  Moshe Laifenfeld ,  Matthew C. Waldon ,  Thomas P. Mensch ,  Lynn R. Youngs ,  Christopher G. Zeleznik ,  Michael R. Malone ,  Ziv Hendel ,  Ivan Krstic ,  Anup K. Sharma

IPC: G06F21/32 ,  G06F21/83 ,  G06V40/16 ,  G06V40/40 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/32 ,  G06F21/83 ,  G06V40/166 ,  G06V40/172 ,  G06V40/40 ,  H04L9/0844 ,  H04L9/085 ,  H04L9/3228 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/0861 ,  H04W12/06

Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.

公开(公告)号：US20220138313A1

公开(公告)日：2022-05-05

申请号：US17348576

申请日：2021-06-15

Applicant: Apple Inc.

Inventor： Filip J. Pizlo ,  Michael L. Saboff ,  Bernard J. Semeria ,  Jacques Fortier ,  Ivan Krstic ,  Yusuke Suzuki ,  Saam J. Barati ,  Yin Zin Mark Lam

IPC: G06F21/53

Abstract: In an embodiment, dynamically-generated code may be supported in the system by ensuring that the code either remains executing within a predefined region of memory or exits to one of a set of valid exit addresses. Software embodiments are described in which the dynamically-generated code is scanned prior to permitting execution of the dynamically-generated code to ensure that various criteria are met including exclusion of certain disallowed instructions and control of branch target addresses. Hardware embodiments are described in which the dynamically-generated code is permitted to executed but is monitored to ensure that the execution criteria are met.

公开(公告)号：US20210049251A1

公开(公告)日：2021-02-18

申请号：US17084172

申请日：2020-10-29

Applicant: Apple Inc.

Inventor： Lucia E. Ballard ,  Jerrold V. Hauck ,  Deepti S. Prakash ,  Jan Cibulka ,  Ivan Krstic

IPC: G06F21/32 ,  G06F21/78 ,  G06F21/62 ,  H04M1/725 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04W12/08 ,  G06F21/34

Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.

公开(公告)号：US20170255780A1

公开(公告)日：2017-09-07

申请号：US15275000

申请日：2016-09-23

Applicant: Apple Inc.

Inventor： Gregory D. Hughes ,  Ivan Krstic ,  Oliver J. Hunt

IPC: G06F21/57 ,  G06F12/10 ,  G06F9/45 ,  G06F3/06 ,  G06F9/455 ,  G06F21/53

CPC classification number: G06F21/575 ,  G06F3/0622 ,  G06F3/0631 ,  G06F3/0634 ,  G06F3/065 ,  G06F9/4552 ,  G06F12/10 ,  G06F21/53 ,  G06F2212/1052 ,  G06F2221/033

Abstract: Methods and systems for securely executing untrusted software are described. In one embodiment, two virtual memory mappings are used (one readable/writeable-RW and the other readable/executable-RX). In one embodiment, compiled software is used at run time through pointers to the RX virtual memory space and a compiler causes the storage of the compiled software in the RW virtual memory space through the use of an executable function (e.g. a memory copy like function) stored in an executable only memory region.

公开(公告)号：US09536080B2

公开(公告)日：2017-01-03

申请号：US14726292

申请日：2015-05-29

Applicant: Apple Inc.

Inventor： Gregory I. Kerr ,  Pierre-Olivier J. Martel ,  Love Hornquist Astrand ,  Peter Kiehtreiber ,  Ivan Krstic

IPC: G06F21/51 ,  G06F21/52 ,  G06F21/64

CPC classification number: G06F21/52 ,  G06F21/51 ,  G06F21/64 ,  G06F2221/033

Abstract: According to one embodiment, in response to a request received from an application by a launch module hosted by an operating system and executed by a processor to dynamically load a library, a library validation module hosted by the operating system extracts a first team identifier (ID) from the application, where the first team ID identifies an application provider that provides the application. The library validation module extracts a second team ID from the library, where the second team ID identifies a library provider that provides the library. The first team ID and the second team ID are compared to determine whether the first team ID matches the second team ID. In response to determining that the first team ID matches the second team ID, the launch module launches the library to allow the application communicate with the library; otherwise, the request is denied.

Abstract translation: 根据一个实施例，响应于由操作系统托管并由处理器执行并由处理器执行以动态加载库的从应用程序接收到的请求，由操作系统托管的库验证模块提取第一团队标识符（ID ），其中第一个团队ID标识提供应用程序的应用程序提供程序。 库验证模块从库中提取第二个团队ID，其中第二个团队ID标识提供该库的库提供程序。 比较第一个团队ID和第二个团队ID，以确定第一个团队ID是否与第二个团队ID相匹配。 为了响应确定第一个团队ID与第二个团队ID相匹配，启动模块启动该库以允许应用程序与库通信; 否则，请求被拒绝。

公开(公告)号：US20150347741A1

公开(公告)日：2015-12-03

申请号：US14292711

申请日：2014-05-30

Applicant: Apple Inc.

Inventor： Ivan Krstic ,  Pierre-Olivier J. Martel ,  Gregory Daniel Hughes

IPC: G06F21/36 ,  G06F21/31

CPC classification number: G06F21/32 ,  G06F2221/2133

Abstract: Techniques for managing security of a data processing system are described herein. According to one embodiment, in response to a request for modifying a security settings of a data processing system, a message is displayed on a display of the data processing system to request a user who operates the data processing system to perform a physical action to prove that the user was physically present to issue the request for modifying the security settings. It is verified whether a user action physically performed by the user conforms to the requested physical action. The security settings of the data processing system is modified, in response to determining that the user action conforms to the requested physical action.

Abstract translation: 本文描述了用于管理数据处理系统的安全性的技术。 根据一个实施例，响应于修改数据处理系统的安全设置的请求，在数据处理系统的显示器上显示消息以请求操作数据处理系统的用户执行物理动作以证明 用户实际存在以发出修改安全设置的请求。 验证用户物理地执行的用户动作是否符合所请求的物理动作。 响应于确定用户动作符合所请求的物理动作，修改数据处理系统的安全设置。

公开(公告)号：US09003427B2

公开(公告)日：2015-04-07

申请号：US14273309

申请日：2014-05-08

Applicant: Apple Inc.

Inventor： Philip J. Holland ,  Ivan Krstic ,  Pierre-Oliver J. Martel

IPC: G06F13/00 ,  H04L29/06 ,  G06F3/0481

CPC classification number: H04L63/10 ,  G06F3/048 ,  G06F3/0481 ,  G06F9/451 ,  G06F21/53 ,  G06F21/6281 ,  G06F2209/545

Abstract: According to one aspect, a graphics management system receives a first message from a first process for granting one or more rights to a second process for accessing a GUI element owned by the first process. In response, the graphics management system transmits a second message to the second process, the second message offering the one or more rights to the second process. The graphics management system receives a third message from the second process indicating an acceptance of the offer. Thereafter, the graphics management system restricts access of the GUI element by the second process based on the one or more rights accepted by the second process.

Abstract translation: 根据一个方面，图形管理系统从第一进程接收第一消息，用于向用于访问由第一进程所拥有的GUI元素的第二进程授予一个或多个权限。 作为响应，图形管理系统向第二进程发送第二消息，第二消息向第二进程提供一个或多个权限。 图形管理系统从第二进程接收到第三个消息，指示接受该要约。 此后，图形管理系统基于第二处理所接受的一个或多个权限，限制GUI元素的访问。

公开(公告)号：US20140229958A1

公开(公告)日：2014-08-14

申请号：US14179966

申请日：2014-02-13

Applicant: Apple Inc.

Inventor： Kevin J. Van Vechten ,  Damien Pascal Sorresso ,  Richard L. Hagy ,  Ivan Krstic

IPC: G06F9/54

CPC classification number: G06F21/629 ,  G06F9/44521 ,  G06F9/468 ,  G06F9/541 ,  G06F9/542 ,  G06F21/52

Abstract: When an application is launched, a framework scanning module scans a plurality of frameworks linked against by the application to generate a list of available services. When the application makes a request of a particular service, a service verification module compares the requested service to the list of available services and if the requested service is found in the list of available services, sends a signal to the application, the signal allowing access to the requested service for the application. Otherwise, access to the requested service is denied.

Abstract translation: 当启动应用程序时，框架扫描模块扫描由应用程序链接的多个框架以生成可用服务的列表。 当应用程序请求特定服务时，服务验证模块将所请求的服务与可用服务的列表进行比较，并且如果在可用服务的列表中找到所请求的服务，则向应用发送信号，允许访问的信号 到应用程序的请求服务。 否则，拒绝对请求的服务的访问。

公开(公告)号：US20130139064A1

公开(公告)日：2013-05-30

申请号：US13748145

申请日：2013-01-23

Applicant: Apple Inc.

Inventor： Philip J. Holland ,  Ivan Krstic ,  Pierre-Olivier J. Martel

IPC: G06F3/048

CPC classification number: H04L63/10 ,  G06F3/048 ,  G06F3/0481 ,  G06F9/451 ,  G06F21/53 ,  G06F21/6281 ,  G06F2209/545

Abstract: According to one aspect, a graphics management system receives a first message from a first process for granting one or more rights to a second process for accessing a GUI element owned by the first process. In response, the graphics management system transmits a second message to the second process, the second message offering the one or more rights to the second process. The graphics management system receives a third message from the second process indicating an acceptance of the offer. Thereafter, the graphics management system restricts access of the GUI element by the second process based on the one or more rights accepted by the second process.

Abstract translation: 根据一个方面，图形管理系统从第一进程接收第一消息，用于向用于访问由第一进程所拥有的GUI元素的第二进程授予一个或多个权限。 作为响应，图形管理系统向第二进程发送第二消息，第二消息向第二进程提供一个或多个权限。 图形管理系统从第二进程接收到第三个消息，指示接受该要约。 此后，图形管理系统基于第二处理所接受的一个或多个权限，限制GUI元素的访问。

公开(公告)号：US11868455B2

公开(公告)日：2024-01-09

申请号：US17182076

申请日：2021-02-22

Applicant: Apple Inc.

Inventor： Deepti S. Prakash ,  Lucia E. Ballard ,  Jerrold V. Hauck ,  Feng Tang ,  Etai Littwin ,  Pavan Kumar Anasosalu Vasu ,  Gideon Littwin ,  Thorsten Gernoth ,  Lucie Kucerova ,  Petr Kostka ,  Steven P. Hotelling ,  Eitan Hirsh ,  Tal Kaitz ,  Jonathan Pokrass ,  Andrei Kolin ,  Moshe Laifenfeld ,  Matthew C. Waldon ,  Thomas P. Mensch ,  Lynn R. Youngs ,  Christopher G. Zeleznik ,  Michael R. Malone ,  Ziv Hendel ,  Ivan Krstic ,  Anup K. Sharma

IPC: G06F21/32 ,  H04L9/32 ,  H04W12/06 ,  H04L9/40 ,  G06F21/83 ,  G06V40/40 ,  G06V40/16 ,  H04L9/08

CPC classification number: G06F21/32 ,  G06F21/83 ,  G06V40/166 ,  G06V40/172 ,  G06V40/40 ,  H04L9/085 ,  H04L9/0844 ,  H04L9/3228 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/0861 ,  H04W12/06

Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.