Abstract:
Embodiments described herein provide techniques to limit programmatic access to privacy related user data and system resources for applications that execute outside of a sandbox or other restricted operating environment while enabling a user to grant additional access to those applications via prompts presented to the user via a graphical interface. In a further embodiment, techniques are applied to limit the frequency with which a user is prompted by learning the types of files or resources to which a user is likely to permit or deny access.
Abstract:
Techniques for restricting access to a storage volume attached to a data processing system are described. In one embodiment, a storage management and access control logic in the data processing system can receive a message indicating the attachment of a storage volume. The logic can apply access restrictions to the storage volume by creating an association between a restricted resource class and the storage volume to limit programmatic access to the storage volume. An evaluation of the storage volume can be requested and, based on the result of the evaluation, the access restrictions can be removed or retained on the storage volume.
Abstract:
Techniques are disclosed relating to accessing credential information on multiple devices. In one embodiment, a computer system is disclosed that includes one or more processors and memory having program instructions stored therein that are executable by the one or more processors to cause the computer system to perform operations. The operations include storing registration information identifying a plurality of devices as being registered to an organization and receiving, over a network from a first device, a request for credential information of a first of a plurality of users associated with the organization. The operations further include authenticating the first request, including verifying that the first device is being used by the first user and determining, based on the registration information, whether the first device is one of the plurality of devices. The operations include granting or denying the first request for the credential information based on the authenticating.