-
Publication No.: US20190171465A1
Publication date: 2019-06-06
Application No.: US16264478
Application date: 2019-01-31
Applicant: Apple Inc.
Inventor: Wade BENSON , Marc J. KROCHMAL , Alexander R. LEDWITH , John IAROCCI , Jerrold V. HAUCK , Michael BROUWER , Mitchell D. ADLER , Yannick L. SIERRA
Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
-
Publication No.: US20180276367A1
Publication date: 2018-09-27
Application No.: US15996413
Application date: 2018-06-01
Applicant: Apple Inc.
Inventor: Wade BENSON , Alexander R. LEDWITH , Marc J. KROCHMAL , John J. IAROCCI , Jerrold V. HAUCK , Michael BROUWER , Mitchell D. ADLER , Yannick L. SIERRA , Libor SYKORA
CPC classification number: G06F21/36 , G06F21/34 , H04W4/02 , H04W4/80 , H04W12/00503 , H04W12/06 , H04W12/0802
Abstract: In some embodiments, a first device performs ranging operations to allow a user to access the first device under one of several user accounts without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account under which a user can access (e.g., can log into) the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the user is allowed to access the first device under the first user account. In some embodiments, the substitute interaction occurs while the first device is logged into under a second user account.
-
Publication No.: US20190272101A1
Publication date: 2019-09-05
Application No.: US16250890
Application date: 2019-01-17
Applicant: Apple Inc.
Inventor: Mitchell D. ADLER , Michael BROUWER , Andrew R. WHALLEY , John C. HURLEY , Richard F. MURPHY , David P. FINKELSTEIN
Abstract: Some embodiments provide a method for a first device to synchronize a set of data items with a second device. The method receives a request to synchronize the set of data items stored on the first device with the second device. The method determines a subset of the synchronization data items stored on the first device that belong to at least one synchronization sub-group in which the second device participates. Participation in at least one of the synchronization sub-groups is defined based on membership in at least one verification sub-group. The first and second devices are part of a set of related devices with several different verification sub-groups. The method sends only the subset of the synchronization data items that belong to at least one synchronization sub-group in which the second device participates to the second device using a secure channel.
-
Publication No.: US20230259276A1
Publication date: 2023-08-17
Application No.: US18304309
Application date: 2023-04-20
Applicant: Apple Inc.
Inventor: Mitchell D. ADLER , Michael BROUWER , Andrew R. WHALLEY , John C. HURLEY , Richard F. MURPHY , David P. FINKELSTEIN
CPC classification number: G06F3/0604 , H04L67/1095 , H04W4/08 , H04L9/3268 , G06Q90/00 , G06Q10/06 , G06Q10/10 , G06F3/065 , G06F3/0683 , H04L67/1044
Abstract: Some embodiments provide a method for a first device that identifies definitions of different groups of devices, each of which is defined by a set of properties required for a device to be a member. The method monitors properties of the first device to determine when the device is eligible for membership in a group. When the first device is eligible for membership in a first group of which the device is not a member, the method sends an application for membership in the first group signed with at least a private key of the device to at least one other device that is a member of the first group. When the first device becomes ineligible for membership in a second group of which the first device is a member, the method removes the device from the second group and notifies other devices that are members of the second group.
-
Publication No.: US20190318074A1
Publication date: 2019-10-17
Application No.: US16388831
Application date: 2019-04-18
Applicant: Apple Inc.
Inventor: Alexander R. LEDWITH , Wade BENSON , Marc J. KROCHMAL , John J. IAROCCI , Jerrold V. HAUCK , Michael BROUWER , Mitchell D. ADLER , Yannick L. SIERRA , Libor SYKORA , Jiri MARGARITOV
Abstract: In some embodiments, a first device performs ranging operations to allow a user to perform one or more operations on the first device without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account that is authorized to perform operations on the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the operations to be performed on the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the operation is authorized on the first device.
-
Publication No.: US20230300122A1
Publication date: 2023-09-21
Application No.: US18107982
Application date: 2023-02-09
Applicant: Apple Inc.
Inventor: Wade BENSON , Marc J. KROCHMAL , Alexander R. LEDWITH , John IAROCCI , Jerrold V. HAUCK , Michael BROUWER , Mitchell D. ADLER , Yannick L. SIERRA
IPC: H04L9/40 , H04W12/041 , H04W12/086 , H04W12/0431 , G06F9/445 , H04W12/06 , H04L9/08 , H04L9/14 , H04L9/32
CPC classification number: H04L63/08 , H04L63/107 , H04L63/1466 , H04W12/041 , H04W12/086 , H04W12/0431 , G06F9/44505 , H04L63/06 , H04L63/083 , H04W12/06 , H04L9/0822 , H04L9/085 , H04L9/0894 , H04L9/14 , H04L9/3226 , H04L63/0428 , H04L63/108 , H04L2209/80
Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.
-
Publication No.: US20190273729A1
Publication date: 2019-09-05
Application No.: US16184952
Application date: 2018-11-08
Applicant: Apple Inc.
Inventor: Mitchell D. ADLER , Michael BROUWER , Dallas DE ATLEY
IPC: H04L29/06 , H04L12/44 , G06F16/178 , H04W84/18 , H04L29/08
Abstract: Some embodiments provide a non-transitory machine-readable medium that stores a program which, when executed by at least one processing unit of a device, synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on the device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.