-
Publication number: US20150350247A1
Publication date: 2015-12-03
Application number: US14477564
Application date: 2014-09-04
Applicant: Apple Inc.
Inventor: Mitchell D. Adler, Michael L.H. Brouwer, Conrad Sauerwald
CPC classification number: H04L63/166, H04L51/04, H04L63/0428, H04L63/061, H04L63/18
Abstract: A method and apparatus of a device that enables a user to participate in a secure instant messaging session by starting with a low security connection before switching to a high security connection is described. The device concurrently establishes a low security connection and a high security connection with a remote participant of the secure instant messaging session. The device sends a first message to the remote participant through the low security connection while the high security connection is being established. The device further determines whether the high security connection is established. If the high security connection is established, the device can send a second message to the remote participant through the high security connection. If the high security connection is not yet established, the device can send the second message to the remote participant through the low security connection.
-
Publication number: US09047471B2
Publication date: 2015-06-02
Application number: US13626585
Application date: 2012-09-25
Applicant: Apple Inc.
Inventor: R. Stephen Polzin, Fabrice L. Gautier, Mitchell D. Adler, Timothy R. Paaske, Michael J. Smith
IPC: G06F9/24, G06F1/24, G06F15/177, G06F7/04, H04N7/16, G06F21/57, G06F21/74, G06F21/76, G06F21/00, G06F9/44, G06F12/14, G06F9/445, G06F15/167
CPC classification number: G06F21/575, G06F1/24, G06F9/24, G06F9/4401, G06F9/44505, G06F12/14, G06F15/167, G06F21/00, G06F21/572, G06F21/60, G06F21/74, G06F21/76, G06F21/81
Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
-
Publication number: US20150058191A1
Publication date: 2015-02-26
Application number: US14092205
Application date: 2013-11-27
Applicant: Apple Inc.
Inventor: Ahmer A. Khan, David T. Haggerty, George R. Dicker, Jerrold V. Hauck, Joakim Linde, Mitchell D. Adler, Zachary A. Rosen, Yousuf H. Vaid, Christopher Sharp
CPC classification number: G06Q20/42, G06F21/35, G06Q20/32, G06Q20/3226, G06Q20/40, G06Q20/4016
Abstract: Systems, methods, and computer-readable media for provisioning credentials on an electronic device are provided. In one example embodiment, a secure platform system may be in communication with an electronic device and a financial institution subsystem. The secure platform system may be configured to, inter alia, receive user account information from the electronic device, authenticate a user account with a commercial entity using the received user account information, detect a commerce credential associated with the authenticated user account, run a commercial entity fraud check on the detected commerce credential, commission the financial institution subsystem to run a financial entity fraud check on the detected commerce credential based on the results of the commercial entity fraud check, and facilitate provisioning of the detected commerce credential on the electronic device based on the results of the financial entity fraud check. Additional embodiments are also provided.
-
Publication number: US20150010148A1
Publication date: 2015-01-08
Application number: US14493458
Application date: 2014-09-23
Applicant: Apple Inc.
Inventor: R. Stephen Polzin, Fabrice L. Gautier, Mitchell D. Adler, Conrad Sauerwald, Michael L. H. Brouwer
IPC: H04L9/08
CPC classification number: H04L9/0861, G06F21/72, G09C1/00, H04L9/0822, H04L9/0897, H04L2209/24
Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
-
Publication number: US08873747B2
Publication date: 2014-10-28
Application number: US13626476
Application date: 2012-09-25
Applicant: Apple Inc.
Inventor: R. Stephen Polzin, Fabrice L. Gautier, Mitchell D. Adler, Conrad Sauerwald, Michael L. H. Brouwer
CPC classification number: H04L9/0861, G06F21/72, G09C1/00, H04L9/0822, H04L9/0897, H04L2209/24
Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
-
Publication number: US20140089650A1
Publication date: 2014-03-27
Application number: US13626585
Application date: 2012-09-25
Applicant: APPLE INC.
Inventor: R. Stephen Polzin, Fabrice L. Gautier, Mitchell D. Adler, Timothy R. Paaske, Michael J. Smith
IPC: G06F15/177
CPC classification number: G06F21/575, G06F1/24, G06F9/24, G06F9/4401, G06F9/44505, G06F12/14, G06F15/167, G06F21/00, G06F21/572, G06F21/60, G06F21/74, G06F21/76, G06F21/81
Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
-
Publication number: US20230385427A1
Publication date: 2023-11-30
Application number: US18301860
Application date: 2023-04-17
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
CPC classification number: G06F21/602, G06F21/71, H04L9/30, H04L9/0877, G09C1/00, H04L9/3231, H04L9/0866, G06F21/6218, G06F21/32
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
Publication number: US11057210B1
Publication date: 2021-07-06
Application number: US16550836
Application date: 2019-08-26
Applicant: Apple Inc.
Inventor: Yannick L. Sierra, Mitchell D. Adler
Abstract: A user device can segment a secret (e.g., a data recovery key) into a master segment and a shared segment such that possession of both segments is necessary and sufficient to reconstruct the secret. The user device can provide the master segment to a server system. The user device can further segment the shared segment to generate a set of M shares such that any subset of the shares that includes at least a threshold number t of the shares can be used to reconstruct the shared segment, while fewer than t shares provide no information about the shared segment. The M shares can be distributed to shareholder devices. To reconstruct the secret, a recovery device can obtain the master segment and at least t of the M shares, then reconstruct the secret.
-
Publication number: US10771545B2
Publication date: 2020-09-08
Application number: US16184952
Application date: 2018-11-08
Applicant: Apple Inc.
Inventor: Mitchell D. Adler, Michael Brouwer, Dallas De Atley
IPC: H04L29/06, H04L29/08, H04L12/18, G06F16/27, H04L9/12, H04L9/32, G06F16/178, H04L12/44, H04W84/18, G06F17/30
Abstract: Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.
-
Publication number: US10708049B2
Publication date: 2020-07-07
Application number: US16186426
Application date: 2018-11-09
Applicant: Apple Inc.
Inventor: Dallas B. De Atley, Jerrold V. Hauck, Mitchell D. Adler
IPC: H04L9/08, G06F21/62, G06F21/33, G06F21/44, G06F21/60, H04L29/06, G06F21/00, G06F21/64, H04L9/12
Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.