公开(公告)号：US20240372855A1

公开(公告)日：2024-11-07

申请号：US18777443

申请日：2024-07-18

Applicant: Apple Inc.

Inventor： Max M. GUNTHER ,  Onar VIKINGSTAD ,  Ramiro CALVO ,  Isabella M. FUNKE ,  Eric D. FRIEDMAN ,  Hervé SIBERT ,  David P. REMAHL ,  Yannick L. SIERRA ,  Frank B. DANCS ,  Sudhakar N. MAMBAKKAM

IPC: H04L9/40 ,  G06F21/71 ,  G06K7/14 ,  G06K19/06 ,  H04L9/08 ,  H04L9/32 ,  H04L65/1069

Abstract: This application relates to establishing a communication session between a host device and a trusted client device. A host device generates a one-time secret (OTS) and transmits the OTS to a trusted client device via an out-of-band communication channel. The trusted client device verifies an identity of a user of the trusted client device utilizing one or more sensors of the trusted client device. Responsive to verifying the identity of the user, the trusted client device negotiates an encryption key with the host device based on the OTS. The trusted client device then establishes a communication session with the host device utilizing the encryption key. The communication session can be utilized to pass credentials in a protected manner from the trusted client device to the host device that enable the host device to access a user account associated with a service.

公开(公告)号：US20240380735A1

公开(公告)日：2024-11-14

申请号：US18783400

申请日：2024-07-24

Applicant: Apple Inc.

Inventor： Ivan KRSTIC ,  Damien P. SORRESSO ,  David P. REMAHL ,  Elliot C. LISKIN ,  Justin S. HOGG ,  Kevin J. LINDEMAN ,  Lucia E. BALLARD ,  Nicholas J. CIRCOSTA ,  Richard J. COOPER ,  Ryan A. WILLIAMS ,  Steven C. VITTITOE ,  Zachariah J. RIGGLE ,  Patrick R. METCALFE ,  Andrew T. WHITEHEAD

IPC: H04L9/40 ,  H04L51/212

Abstract: The subject disclosure provides systems and methods for application-specific network data filtering. Application-specific network data filtering may be performed by a sandboxed process prior to providing the network data to an application to which the network data is directed. Any malicious or otherwise potentially harmful data that is included in the network data may be removed by the application-specific network data filter or may be allowed to corrupt the application specific network data filtering operations within the sandbox, thereby preventing the malicious or harmful data from affecting the application or other portions of an electronic device. In one or more implementations, a first process such as an application-specific network data filtering process may request allocation of memory for the first process from second process, such as an application, that is separate from a memory manager of the electronic device.