公开(公告)号：AU2009233685B2

公开(公告)日：2011-08-25

申请号：AU2009233685

申请日：2009-11-06

Applicant: APPLE INC

Inventor： PERRY KIEHTREIBER ,  MICHAEL BROUWER

IPC: G06F11/22 ,  G06F11/30 ,  G06F21/00 ,  H04L9/32 ,  H04L9/36

Abstract: The present invention discloses a method for quickly and easily authenticating large computer program. The system operates by first sealing the computer program with digital signature in an incremental manner. Specifically, the computer program is divided into a 5 set of pages and a hash value is calculated for each page. The set of hash values is formed into a hash value array and then the hash value array is then sealed with a digital signature. The computer program is then distributed along with the hash value array and the digital signature. To authenticate the computer program, a recipient first verifies the authenticity of the hash value array with the digital signature and a public key. Once the 0 hash value array has been authenticated, the recipient can then verify the authenticity of each page of the computer program by calculating a hash of a page to be loaded and then comparing with an associated hash value in the authenticated hash value array. If the hash values do not match, then execution may be halted.

公开(公告)号：US20170277886A1

公开(公告)日：2017-09-28

申请号：US15611690

申请日：2017-06-01

Applicant: APPLE INC.

Inventor： DALLAS DE ATLEY ,  HEIKO PANTHER ,  MITCHELL ADLER ,  SIMON COOPER ,  MICHAEL BROUWER ,  MATT REDA

IPC: G06F21/51 ,  G06F21/31 ,  G06F21/33 ,  G06F21/44 ,  G06F21/50 ,  G06F21/53

CPC classification number: G06F21/51 ,  G06F21/31 ,  G06F21/33 ,  G06F21/44 ,  G06F21/50 ,  G06F21/53

Abstract: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The profiles allow entities to add software code to the device without reauthorizing each distribution by a trusted authority such as testing, quality assurance, or to limited groups of devices controlled or authorized by the other entities.