-
Publication No.: US10349120B2
Publication date: 2019-07-09
Application No.: US15970610
Application date: 2018-05-03
Applicant: Apple Inc.
Inventor: David C. Graham , Taylor G. Carrigan , Nicholas J. Paulson , Johannes P. Schmidt , Thomas Alsina , Bob Bradley , Haishan Ye , James C. Grandy , Pierre De Lastic , Julien Lerouge
IPC: H04N7/16 , H04N21/4363 , H04N21/41 , H04N21/472 , H04N21/414 , H04N21/482
Abstract: In some implementations, a computing device can transfer a playback queue between the computing device and a playback device. For example, the computing device can detect when the computing device is within a threshold distance of a playback device. The computing device can establish a connection to the playback device and receive state information describing the media playback state of the playback device. The computing device can determine the media playback state of the computing device. The computing device can present graphical user interfaces for initiating a transfer of a playback queue between the computing device and the playback device based on the playback state of the devices. The computing device can initiate a transfer of the playback queue in response to user input to one of the graphical user interfaces or automatically based on the context of the computing device.
-
Publication No.: US09047448B2
Publication date: 2015-06-02
Application No.: US13741227
Application date: 2013-01-14
Applicant: Apple Inc.
Inventor: Cedric Tessier , Daniel Reynaud , Jean-Baptiste Aviat , Jonathan Gregory McLachlan , Julien Lerouge , Pierre Betouin
CPC classification number: G06F21/14 , G06F8/41 , G06F9/45545 , G06F21/51 , G06F2221/2107
Abstract: A branch auditing system can be automatically injected into a computer program, in one embodiment, in response to a programming call provided in source code by a programmer who has selected a particular branch, in a set of possible branches, for auditing. The branch auditing system can record, in an obfuscated data structure, a path taken at the particular branch and the parameters associated with the branch and later an auditor can determine whether the path taken was valid, and if the path taken was invalid, operations can be performed to protect the program, system and/or user.
-
Publication No.: US20140344924A1
Publication date: 2014-11-20
Application No.: US13893463
Application date: 2013-05-14
Applicant: APPLE INC.
Inventor: Jon McLachlan , Julien Lerouge , Daniel F. Reynaud , Eric D. Laspe
IPC: G06F21/54
CPC classification number: G06F21/629 , G06F21/125
Abstract: An obfuscated program can be configured to resist attacks in which an attacker directly calls a non-entry function by verifying that an execution path to the function is an authorized execution path. To detect an unauthorized execution order, a secret value is embedded in each function along an authorized execution path. At runtime, the secrets are combined to generate a runtime representation of the execution path, and the runtime representation is verified against an expected value. To perform the verification, a verification polynomial is evaluated using the runtime representation as input. A verification value result of zero means the execution path is an authorized execution path.
-
Publication No.: US20140165208A1
Publication date: 2014-06-12
Application No.: US13707444
Application date: 2012-12-06
Applicant: APPLE INC.
Inventor: Benoit Chevallier-Mames , Daniel F. Reynaud , Jonathan G. McLachlan , Julien Lerouge , Mathieu Ciet , Thomas Icart
IPC: G06F21/60
Abstract: A method and an apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code are described. The program data can be used in multiple instructions in the first code. A code location (e.g. an optimal code location) in the first code can be determined for injecting the rewriting code. The code location may be included in two or more execution paths of first code. Each execution path can have at least one of the instructions using the program data. A second code may be generated based on the first code inserted with the rewriting code at the optimal code location. The second code can include instructions using the program data dynamically masked by the rewriting code. When executed by a processor, the first code and the second code can generate identical results.
-
Publication No.: US20210385527A1
Publication date: 2021-12-09
Application No.: US17408242
Application date: 2021-08-20
Applicant: Apple Inc.
Inventor: David C. Graham , Taylor G. Carrigan , Nicholas J. Paulson , Johannes P. Schmidt , Thomas Alsina , Bob Bradley , Haishan Ye , James C. Grandy , Pierre De Lastic , Julien Lerouge
IPC: H04N21/4363 , H04N21/41 , H04N21/472 , H04N21/414 , H04N21/482
Abstract: In some implementations, a computing device can transfer a playback queue between the computing device and a playback device. For example, the computing device can detect when the computing device is within a threshold distance of a playback device. The computing device can establish a connection to the playback device and receive state information describing the media playback state of the playback device. The computing device can determine the media playback state of the computing device. The computing device can present graphical user interfaces for initiating a transfer of a playback queue between the computing device and the playback device based on the playback state of the devices. The computing device can initiate a transfer of the playback queue in response to user input to one of the graphical user interfaces or automatically based on the context of the computing device.
-
Publication No.: US20180337924A1
Publication date: 2018-11-22
Application No.: US15970622
Application date: 2018-05-03
Applicant: Apple Inc.
Inventor: David C. Graham , Taylor G. Carrigan , Nicholas J. Paulson , Johannes P. Schmidt , Thomas Alsina , Bob Bradley , Haishan Ye , James C. Grandy , Pierre De Lastic , Julien Lerouge
IPC: H04L29/06
Abstract: In some implementations, a computing system can be configured so that a first user device can delegate a first user's media account credentials to a second user device corresponding to a second user. For example, a playback device may be configured with the second user's media account credentials for accessing media items through a network media service. A first user may wish to play media items associated with the first user's media account credentials on the playback device. To do so, the first user device can request a device identifier for the playback device, request and obtain a delegate token for the device identifier from the media service, and provide the delegate token along with media item information to the playback device. The playback device can then use the delegate token to request the media item associated with the first user's media access account.
-
Publication No.: US09268677B2
Publication date: 2016-02-23
Application No.: US13659878
Application date: 2012-10-24
Applicant: Apple Inc.
Inventor: Jonathan G. McLachlan , Julien Lerouge , Daniel F. Reynaud
CPC classification number: G06F12/02 , G06F9/50 , G06F9/5016 , G06F21/14 , G06F2221/2125
Abstract: Techniques, methods, systems, and computer-readable media for allocating and managing dynamically obfuscated heap memory allocations are described. In one embodiment a memory manager in a data processing system contains an addressor, to determine a first address of a program object in a first memory address space, and one or more encoders, to abstract memory access to the program object using the first address such that layout of the object data in the first address space differs from the layout of the object in a second address space. In one embodiment, a runtime system modifies object code of an executable file to include encoder routines to abstract memory accesses to data in an obfuscated heap. In one embodiment, a compiler system using an intermediate representation of a high level program generates an intermediate representation of a high level program capable of performing memory writes and memory reads using obfuscation encoder routines.
-
Publication No.: US20140115292A1
Publication date: 2014-04-24
Application No.: US13659878
Application date: 2012-10-24
Applicant: APPLE INC.
Inventor: JONATHAN G. MCLACHLAN , Julien Lerouge , Daniel F. Reynaud
IPC: G06F12/02
CPC classification number: G06F12/02 , G06F9/50 , G06F9/5016 , G06F21/14 , G06F2221/2125
Abstract: Techniques, methods, systems, and computer-readable media for allocating and managing dynamically obfuscated heap memory allocations are described. In one embodiment a memory manager in a data processing system contains an addressor, to determine a first address of a program object in a first memory address space, and one or more encoders, to abstract memory access to the program object using the first address such that layout of the object data in the first address space differs from the layout of the object in a second address space. In one embodiment, a runtime system modifies object code of an executable file to include encoder routines to abstract memory accesses to data in an obfuscated heap. In one embodiment, a compiler system using an intermediate representation of a high level program generates an intermediate representation of a high level program capable of performing memory writes and memory reads using obfuscation encoder routines.
-
Publication No.: US20130232323A1
Publication date: 2013-09-05
Application No.: US13656379
Application date: 2012-10-19
Applicant: APPLE INC
Inventor: Julien Lerouge , Jonathan Gregory McLachlan , Daniel F. Reynaud
IPC: G06F9/38
Abstract: Methods, media and systems that obfuscate control flow in software programs. The obfuscation can impede or prevent static flow analysis of a software program's control flow. In one embodiment, a method, performed by a data processing system, identifies each branch point in a set of branch points in a first version of software and replaces, in each branch point in the set, a representation of a target of the branch point with a computed value that depends upon at least one prior computed value in a stream of instructions in the first version of software. Other embodiments are also described.
-
Publication No.: US10599873B2
Publication date: 2020-03-24
Application No.: US15707847
Application date: 2017-09-18
Applicant: Apple Inc.
Inventor: Lucas O. Winstrom , Eric D. Friedman , Ritwik K. Kumar , Jeremy M. Stober , Amol V. Pattekar , Benoit Chevallier-Mames , Julien Lerouge , Gianpaolo Fasoli , Augustin J. Farrugia , Mathieu Ciet
Abstract: Systems and methods are described for rate-limiting a message-sending client interacting with a message service based on dynamically calculated risk assessments of the probability that the client is, or is not, a sender of spam messages. The message service sends a proof of work problem to a sending client device with a difficulty level that is related to a risk assessment that the client is a sender of spam messages. The message system limits the rate at which a known or suspected spammer can send messages by giving the known or suspected spammer client harder proof of work problems to solve, while minimizing the burden on normal users of the message system by giving them easier proof of work problems to solve that can typically be solved by the client within the time that it takes to type a message.