公开(公告)号：US20180337956A1

公开(公告)日：2018-11-22

申请号：US16048934

申请日：2018-07-30

Applicant: Apple Inc.

Inventor： Aaron M. Sigel ,  Andrew R. Whalley ,  Awartika Pandey ,  Robert J. Walsh

IPC: H04L29/06 ,  H04W48/16 ,  H04W12/08 ,  H04W12/02 ,  H04W12/04

Abstract: A wireless device can obtain a network information record from another device operating as a credential source. The network information record can include network access information for a wireless network (e.g., SSID and password) and a usage policy specifying conditions under which the wireless device should search for the wireless network (e.g., temporal and/or spatial conditions). The wireless device can implement the usage policy by searching for the wireless network only when the conditions are satisfied. In some instances, the network access information can include instructions for dynamically generating time-varying network access information, and the wireless device can use the instructions to generate network access information during a search for wireless networks.

公开(公告)号：US10079677B2

公开(公告)日：2018-09-18

申请号：US15173643

申请日：2016-06-04

Applicant: Apple Inc.

Inventor： Wade Benson ,  Libor Sykora ,  Vratislav Kuzela ,  Michael Brouwer ,  Andrew R. Whalley ,  Jerrold V. Hauck ,  David Finkelstein ,  Thomas Mensch

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00 ,  G06F21/32 ,  H04L9/14

CPC classification number: H04L9/0861 ,  G06F13/28 ,  G06F13/4063 ,  G06F21/32 ,  G06F21/72 ,  G06F21/74 ,  G06F21/78 ,  G06F21/79 ,  H04L9/006 ,  H04L9/0877 ,  H04L9/14 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L9/3263 ,  H04L9/3268 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/0861 ,  H04L2209/12 ,  H04L2209/127 ,  H04L2463/081

Abstract: Techniques are disclosed relating to relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism. The secure circuit is configured to generate a key pair having a public key and a private key, and to issue, to a certificate authority (CA), a certificate signing request (CSR) for a certificate corresponding to the key pair. In some embodiments, the secure circuit may be configured to receive, via the mailbox mechanism, a first request from an application executing on the processor to issue a certificate to the application. The secure circuit may also be configured to perform, in response to a second request, a cryptographic operation using a public key circuit included in the secure circuit.

公开(公告)号：US10055634B2

公开(公告)日：2018-08-21

申请号：US15899996

申请日：2018-02-20

Applicant: Apple Inc.

Inventor： Byron Han ,  Matthew E. Shepherd ,  Imran Chaudhri ,  Gregory N. Christie ,  Patrick L. Coffman ,  Craig M. Federighi ,  Matthew H. Gamble ,  Brittany D. Paine ,  Brendan J. Langoulant ,  Craig A. Marciniak ,  Donald W. Pitschel ,  Daniel O. Schimpf ,  Andrew R. Whalley ,  Christopher R. Whitney ,  Jonathan R. Dascola ,  Lawrence Y. Yang

IPC: G06F3/048 ,  G06K9/00 ,  G06F3/0488 ,  G06F3/0481 ,  G06F21/31 ,  G06F21/32 ,  H04W12/06 ,  H04L29/06 ,  H04L9/32 ,  H04W88/02

CPC classification number: G06K9/00033 ,  G06F3/0481 ,  G06F3/04883 ,  G06F21/31 ,  G06F21/32 ,  G06F21/41 ,  G06F2221/2113 ,  G06K9/00073 ,  H04L9/3231 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0861 ,  H04L63/105 ,  H04W12/00508 ,  H04W12/06 ,  H04W88/02

Abstract: An electronic device with a display and a fingerprint sensor displays a fingerprint enrollment interface and detects, on the fingerprint sensor, a plurality of finger gestures performed with a finger. The device collects fingerprint information from the plurality of finger gestures performed with the finger. After collecting the fingerprint information, the device determines whether the collected fingerprint information is sufficient to enroll a fingerprint of the finger. When the collected fingerprint information for the finger is sufficient to enroll the fingerprint of the finger, the device enrolls the fingerprint of the finger with the device. When the collected fingerprint information for the finger is not sufficient to enroll the fingerprint of the finger, the device displays a message in the fingerprint enrollment interface prompting a user to perform one or more additional finger gestures on the fingerprint sensor with the finger.

公开(公告)号：US20170373843A1

公开(公告)日：2017-12-28

申请号：US15173643

申请日：2016-06-04

Applicant: Apple Inc.

Inventor： Wade Benson ,  Libor Sykora ,  Vratislav Kuzela ,  Michael Brouwer ,  Andrew R. Whalley ,  Jerrold V. Hauck ,  David Finkelstein ,  Thomas Mensch

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/14 ,  H04L9/32 ,  G06F21/32

CPC classification number: H04L9/0861 ,  G06F21/32 ,  G06F21/74 ,  H04L9/006 ,  H04L9/0877 ,  H04L9/14 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3239 ,  H04L9/3247 ,  H04L9/3249 ,  H04L9/3263 ,  H04L9/3268 ,  H04L2209/12 ,  H04L2209/127

Abstract: Techniques are disclosed relating to relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism. The secure circuit is configured to generate a key pair having a public key and a private key, and to issue, to a certificate authority (CA), a certificate signing request (CSR) for a certificate corresponding to the key pair. In some embodiments, the secure circuit may be configured to receive, via the mailbox mechanism, a first request from an application executing on the processor to issue a certificate to the application. The secure circuit may also be configured to perform, in response to a second request, a cryptographic operation using a public key circuit included in the secure circuit.

公开(公告)号：US09684501B2

公开(公告)日：2017-06-20

申请号：US14732612

申请日：2015-06-05

Applicant: Apple Inc.

Inventor： Steven J. Falkenburg ,  Christopher S. Linn ,  Maciej Stachowiak ,  Jonathan Grynspan ,  Andrew R. Whalley ,  Robert Bradley ,  Samuel M. Weinig

IPC: G06F9/445 ,  G06F17/30 ,  H04L29/08

CPC classification number: G06F8/61 ,  G06F17/30876 ,  H04L67/06

Abstract: Methods and systems for associating, in a secure manner, a link between web sites (or other network resources) and installed applications. In one embodiment, a signed list of one or more URLs is downloaded and validated to establish an association, which is stored in a data structure, between a first application and a second application. In response to receiving a selection of a URL in the second application, comparing the selected URL to URLs in the data structure and displaying, in the first application, content of the selected URL in response to determining that at least a prefix portion of the selected URL matches one of the URL associated with the first application in the data structure.

公开(公告)号：US20160357537A1

公开(公告)日：2016-12-08

申请号：US14732612

申请日：2015-06-05

Applicant: Apple Inc.

Inventor： Steven J. Falkenburg ,  Christopher S. Linn ,  Maciej Stachowiak ,  Jonathan Grynspan ,  Andrew R. Whalley ,  Robert Bradley ,  Samuel M. Weinig

IPC: G06F9/445 ,  H04L29/08

CPC classification number: G06F8/61 ,  G06F17/30876 ,  H04L67/06

Abstract: Methods and systems for associating, in a secure manner, a link between web sites (or other network resources) and installed applications. In one embodiment, a signed list of one or more URLs is downloaded and validated to establish an association, which is stored in a data structure, between a first application and a second application. In response to receiving a selection of a URL in the second application, comparing the selected URL to URLs in the data structure and displaying, in the first application, content of the selected URL in response to determining that at least a prefix portion of the selected URL matches one of the URL associated with the first application in the data structure.

Abstract translation: 用于以安全的方式关联网站（或其他网络资源）和已安装应用程序之间的链接的方法和系统。 在一个实施例中，下载并验证一个或多个URL的签名列表，以在第一应用和第二应用之间建立存储在数据结构中的关联。 响应于在第二应用中接收到URL的选择，将所选择的URL与数据结构中的URL进行比较，并且响应于确定所选择的URL的至少前缀部分在第一应用中显示所选择的URL的内容 URL与数据结构中与第一个应用程序相关联的URL之一匹配。

公开(公告)号：US20160094548A1

公开(公告)日：2016-03-31

申请号：US14502960

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Jeffrey C. Lee ,  Andrew R. Whalley ,  Craig A. Marciniak

IPC: H04L29/06

CPC classification number: H04L63/0861 ,  H04W12/04 ,  H04W12/08 ,  H04W88/02

Abstract: Systems and methods are disclosed for securely injecting one or more key values into an electronic device by reading with a fingerprint sensor a manufactured key device having a key value. A secure communication channel between a fingerprint sensor and a secure processing system enables the reading, processing, and storing of the fingerprint sensor data from the key device. The key device includes a conductive substantially planar substrate (“substrate”) with raised conductive portions configured to encode a key value. The substrate can be made from a non-conductive material and have conductive material applied to the substrate to encode the key value. The substrate can be covered with an opaque, conductive layer so that the encoding cannot be visually perceived. The encoding scheme can be a QR code, a bar code, an image, an alphanumeric string, or other encoding. One or more electronic device access policies can be associated with a key value to control how an electronic device can be used when the electronic device is accessed with the manufactured key device.

Abstract translation: 公开了用于通过用指纹传感器读取具有键值的制造的键装置来将一个或多个键值安全地注入到电子设备中的系统和方法。 指纹传感器和安全处理系统之间的安全通信通道使得能够从密钥设备读取，处理和存储指纹传感器数据。 关键装置包括具有凸起的导电部分的导电的基本平坦的基板（“基板”），该导电部分配置成编码键值。 衬底可以由非导电材料制成并且具有施加到衬底的导电材料以对键值进行编码。 衬底可以用不透明的导电层覆盖，使得编码不能被视觉上察觉。 编码方案可以是QR码，条形码，图像，字母数字串或其他编码。 一个或多个电子设备访问策略可以与键值相关联，以控制当使用所制造的关键设备访问电子设备时如何使用电子设备。