公开(公告)号：US10025597B2

公开(公告)日：2018-07-17

申请号：US14992798

申请日：2016-01-11

Applicant: Apple Inc

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L9/00 ,  G06F9/4401 ,  H04L9/08 ,  H04L9/12 ,  H04L9/32 ,  G06F21/60 ,  H04L9/30 ,  H04W12/04 ,  H04W12/02 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US09811381B2

公开(公告)日：2017-11-07

申请号：US15219052

申请日：2016-07-25

Applicant: Apple Inc.

Inventor： Jussi-Pekka Mantere, III ,  Alexander Tony Maluta ,  John William Scalo ,  Eugene Ray Tyacke ,  Bruce Gaya ,  Michael John Smith ,  Peter Kiehtreiber ,  Simon P. Cooper

IPC: H04L29/00 ,  G06F9/50 ,  H04L29/06 ,  G06F21/60 ,  G06F9/54 ,  G06F21/44

CPC classification number: G06F9/5005 ,  G06F9/54 ,  G06F21/44 ,  G06F21/602 ,  H04L63/104

Abstract: Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.

公开(公告)号：US20170083370A1

公开(公告)日：2017-03-23

申请号：US15219052

申请日：2016-07-25

Applicant: Apple Inc.

Inventor： Jussi-Pekka Mantere, III ,  Alexander Tony Maluta ,  John William Scalo ,  Eugene Ray Tyacke ,  Bruce Gaya ,  Michael John Smith ,  Peter Kiehtreiber ,  Simon P. Cooper

IPC: G06F9/50 ,  G06F9/54 ,  G06F21/44

CPC classification number: G06F9/5005 ,  G06F9/54 ,  G06F21/44 ,  G06F21/602 ,  H04L63/104

Abstract: Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.

公开(公告)号：US09400688B2

公开(公告)日：2016-07-26

申请号：US14491970

申请日：2014-09-19

Applicant: Apple Inc.

Inventor： Jussi-Pekka Mantere, III ,  Alexander Tony Maluta ,  John William Scalo ,  Eugene Ray Tyacke ,  Bruce Gaya ,  Michael John Smith ,  Peter Kiehtreiber ,  Simon P. Cooper

IPC: H04L29/00 ,  G06F9/50 ,  H04L29/06 ,  G06F21/60 ,  G06F9/54

CPC classification number: G06F9/5005 ,  G06F9/54 ,  G06F21/44 ,  G06F21/602 ,  H04L63/104

Abstract: Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.

公开(公告)号：US09237016B2

公开(公告)日：2016-01-12

申请号：US14299359

申请日：2014-06-09

Applicant: Apple Inc

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L9/30 ,  H04L9/12 ,  H04L9/08 ,  G06F11/30 ,  H04L9/32 ,  G06F21/60 ,  G06F9/44 ,  H04W12/04 ,  H04W12/02 ,  H04W12/06

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US08874905B2

公开(公告)日：2014-10-28

申请号：US13729014

申请日：2012-12-27

Applicant: Apple Inc.

Inventor： Jussi-Pekka Mantere, III ,  Alexander Tony Maluta ,  John William Scalo ,  Eugene Ray Tyacke ,  Bruce Gaya ,  Michael John Smith ,  Peter Kiehtreiber ,  Simon P. Cooper

IPC: H04L29/00 ,  H04L29/06 ,  G06F21/60

CPC classification number: G06F9/5005 ,  G06F9/54 ,  G06F21/44 ,  G06F21/602 ,  H04L63/104

Abstract: Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.

Abstract translation: 资源限制与用户标识符相关联。 资源限制代理接收与资源相关的操作系统调用，并向资源代理提供资源请求数据。 资源代理基于资源请求数据和资源限制数据确定资源是否被限制，并且基于该确定生成访问数据。 资源限制代理根据访问数据授予或拒绝系统调用。

公开(公告)号：US20140164661A1

公开(公告)日：2014-06-12

申请号：US14159705

申请日：2014-01-21

Applicant: Apple Inc.

Inventor： Joshua P. de Cesare ,  Bernard Joseph Semeria ,  Michael John Smith

IPC: G06F1/32 ,  G06F13/24

CPC classification number: G06F1/3287 ,  G06F9/4825 ,  G06F13/24 ,  G06F13/36 ,  Y02D10/14 ,  Y02D10/24

Abstract: Data processing systems with interrupts and methods for operating such data processing systems and machine readable media for causing such methods and containing executable program instructions. In one embodiment, an exemplary data processing system includes a processing system, an interrupt controller coupled to the processing system and a timer circuit which is coupled to the interrupt controller. The interrupt controller is configured to provide a first interrupt signal and a second interrupt signal to the processing system. The processing system is configured to maintain a data structure (such as, e.g., a list) of time-related events for a plurality of processes, and the processing system is configured to calise the entry of a value, representing a period of time, into the timer circuit. The timer circuit is configured to cause an assertion of the first interrupt signal in response to an expiration of the time period.

Abstract translation: 具有中断的数据处理系统和用于操作这种数据处理系统的方法和用于引起这种方法并包含可执行程序指令的机器可读介质。 在一个实施例中，示例性数据处理系统包括处理系统，耦合到处理系统的中断控制器和耦合到中断控制器的定时器电路。 中断控制器被配置为向处理系统提供第一中断信号和第二中断信号。 处理系统被配置为维持多个进程的时间相关事件的数据结构（例如，列表），并且处理系统被配置为对代表一段时间的值的输入进行加密， 进入定时器电路。 定时器电路被配置为响应于该时间段的到期而导致第一中断信号的断言。

公开(公告)号：US11263020B2

公开(公告)日：2022-03-01

申请号：US16017940

申请日：2018-06-25

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: G06F9/4401 ,  H04L9/08 ,  H04W12/04 ,  H04L9/12 ,  H04L9/32 ,  H04W12/082 ,  G06F21/60 ,  H04L9/30 ,  H04W12/02 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

公开(公告)号：US20150020077A1

公开(公告)日：2015-01-15

申请号：US14491970

申请日：2014-09-19

Applicant: Apple Inc.

Inventor： Jussi-Pekka Mantere, III ,  Alexander Tony Maluta ,  John William Scalo ,  Eugene Ray Tyacke ,  Bruce Gaya ,  Michael John Smith ,  Peter Kiehtreiber ,  Simon P. Cooper

IPC: G06F9/50 ,  G06F9/54

CPC classification number: G06F9/5005 ,  G06F9/54 ,  G06F21/44 ,  G06F21/602 ,  H04L63/104

Abstract: Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.

Abstract translation: 资源限制与用户标识符相关联。 资源限制代理接收与资源相关的操作系统调用，并向资源代理提供资源请求数据。 资源代理基于资源请求数据和资源限制数据确定资源是否被限制，并且基于该确定生成访问数据。 资源限制代理根据访问数据授予或拒绝系统调用。

公开(公告)号：US08756419B2

公开(公告)日：2014-06-17

申请号：US13941373

申请日：2013-07-12

Applicant: Apple Inc.

Inventor： Dallas Blake De Atley ,  Gordon Freedman ,  Thomas Brogan Duffy, Jr. ,  Tahoma Madrone Toelkes ,  Michael John Smith ,  Paul William Chinn ,  David Rahardja

IPC: H04L29/06 ,  G06F11/30 ,  G06F7/04

CPC classification number: G06F9/4406 ,  G06F9/4401 ,  G06F21/602 ,  H04L9/0816 ,  H04L9/0891 ,  H04L9/0894 ,  H04L9/12 ,  H04L9/30 ,  H04L9/3226 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.

Abstract translation: 这里公开了用于擦除存储在文件系统中的用户数据的系统，方法和非暂时的计算机可读存储介质。 该方法包括在具有每个文件和每个类基础上加密的文件系统的设备上破坏包含加密密钥的所有密钥袋，擦除和重建与用户数据相关联的文件系统的至少一部分，以及创建新的默认密钥袋， 加密密钥。 本文还公开了一种擦除存储在以每个文件和每个类为基础加密的远程文件系统中的用户数据的方法。 该方法包括向远程设备发送闭塞指令，这导致远程设备破坏包含远程设备上的加密密钥的所有密钥袋，擦除并重建与用户数据相关联的文件系统的至少一部分，并在远程设备上创建 一个包含加密密钥的新的默认密钥袋。