Invention Grant
- Patent Title: Methods for restricting resources used by a program based on entitlements
- Patent Title (中): 基于权利限制程序使用的资源的方法
-
Application No.: US13922188Application Date: 2013-06-19
-
Publication No.: US09280644B2Publication Date: 2016-03-08
- Inventor: Ivan Krstić , Austin G. Jennings , Richard L. Hagy
- Applicant: Apple Inc.
- Applicant Address: US CA Cupertino
- Assignee: Apple Inc.
- Current Assignee: Apple Inc.
- Current Assignee Address: US CA Cupertino
- Agency: Blakely, Sokoloff, Taylor & Zafman LLP
- Main IPC: G06F9/46
- IPC: G06F9/46 ; G06F9/455 ; G06F21/10 ; G06F21/51 ; G06F21/53 ; G06F21/62
Abstract:
In response to a request for launching a program, a list of one or more application frameworks to be accessed by the program during execution of the program is determined. Zero or more entitlements representing one or more resources entitled by the program during the execution are determined. A set of one or more rules based on the entitlements of the program is obtained from at least one of the application frameworks. The set of one or more rules specifies one or more constraints of resources associated with the at least one application framework. A security profile is dynamically compiled for the program based on the set of one or more rules associated with the at least one application framework. The compiled security profile is used to restrict the program from accessing at least one resource of the at least one application frameworks during the execution of the program.
Public/Granted literature
- US20130283344A1 METHODS FOR RESTRICTING RESOURCES USED BY A PROGRAM BASED ON ENTITLEMENTS Public/Granted day:2013-10-24
Information query
