公开(公告)号：WO2021262600A1

公开(公告)日：2021-12-30

申请号：PCT/US2021/038259

申请日：2021-06-21

Applicant: APPLE INC.

Inventor： KRSTIC, Ivan ,  SORRESSO, Damien P. ,  REMAHL, David P. ,  LISKIN, Elliot C. ,  HOGG, Justin S. ,  LINDEMAN, Kevin J. ,  BALLARD, Lucia E. ,  CIRCOSTA, Nicholas J. ,  COOPER, Richard J. ,  WILLIAMS, Ryan A. ,  VITTITOE, Steven C. ,  RIGGLE, Zachariah J. ,  WHITEHEAD, Andrew T. ,  METCALFE, Patrick R.

IPC: G06F21/53 ,  G06F21/56 ,  H04L12/58 ,  H04L29/06 ,  G06F9/455 ,  G06F12/14 ,  G06F21/79 ,  G06F2009/45583 ,  G06F21/566 ,  G06F2212/1052 ,  H04L51/12 ,  H04L63/0227 ,  H04L63/0245 ,  H04L63/0428 ,  H04L63/1416 ,  H04L63/1466

Abstract: The subject disclosure provides systems and methods for application-specific network data filtering. Application-specific network data filtering may be performed by a sandboxed process prior to providing the network data to an application to which the network data is directed. Any malicious or otherwise potentially harmful data that is included in the network data may be removed by the application-specific network data filter or may be allowed to corrupt the application specific network data filtering operations within the sandbox, thereby preventing the malicious or harmful data from affecting the application or other portions of an electronic device. In one or more implementations, a first process such as an application-specific network data filtering process may request allocation of memory for the first process from second process, such as an application, that is separate from a memory manager of the electronic device.

公开(公告)号：WO2019027503A1

公开(公告)日：2019-02-07

申请号：PCT/US2018/015498

申请日：2018-01-26

Applicant: APPLE INC.

Inventor： BALLARD, Lucia E. ,  HAUCK, Jerrold V. ,  PRAKASH, Deepti Sunder ,  TANG, Feng ,  LITTWIN, Etai ,  VASU, Pavan Kumar Anasosalu ,  LITTWIN, Gideon ,  GERNOTH, Thorsten ,  KUCEROVA, Lucie ,  KOSTKA, Petr ,  HOTELLING, Steve ,  HIRSH, Eitan ,  KAITZ, Tal ,  POKRASS, Jonathan ,  KOLIN, Andrei ,  LAIFENFELD, Moshe ,  WALDON, Matthew C. ,  MENSCH, Thomas P. ,  YOUNGS, Lynn ,  ZELEZNIK, Chris ,  MALONE, Michael ,  HENDEL, Ziv ,  KRSTIC, Ivan ,  SHARMA, Anup K.

IPC: G06K9/20 ,  G06K9/00

Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.