公开(公告)号：WO2019112972A1

公开(公告)日：2019-06-13

申请号：PCT/US2018/063686

申请日：2018-12-03

Applicant: APPLE INC.

Inventor： DE CESARE, Joshua P. ,  PAASKE, Timothy R. ,  KOVAH, Xeno S. ,  SCHLEJ, Nikolaj ,  WILCOX, Jeffrey R. ,  DOSHI, Hardik K. ,  ALDERFER, Kevin H. ,  KALLENBERG, Corey T.

IPC: G06F21/57

CPC classification number: G06F21/575

Abstract: A method and apparatus for protecting boot variables is disclosed. A computer system includes a main processor and an auxiliary processor. The auxiliary processor is associated with a non-volatile memory that stores variables associated with boot code that is also stored thereon. The main processor may send a request to the auxiliary processor to alter one of the variables stored in the non-volatile memory. Responsive to receiving the request, the auxiliary processor may execute a security policy to determine if the main processor meets the criteria for altering the variable. If the auxiliary processor determines that the main processor meets the criteria, it may grant permission to alter the variable.

公开(公告)号：WO2014046847A1

公开(公告)日：2014-03-27

申请号：PCT/US2013/056668

申请日：2013-08-26

Applicant: APPLE INC.

Inventor： MURPHY, Michael W. ,  DE CESARE, Joshua P. ,  PAASKE, Timothy R.

IPC: G06F13/24 ,  G06F1/32

CPC classification number: G06F13/24 ,  G06F1/3253 ,  Y02D10/151

Abstract: A method and system are described for reducing latency in a peripheral component interconnect express (PCIe) link between a host and an endpoint. In the described embodiments, an interrupt is issued from the endpoint to the host using the PCIe link. Then, while the interrupt is pending at the host, the PCIe link is prevented from entering a power-saving mode with an exit latency greater than a predetermined time period.

Abstract translation: 描述了一种用于减少主机和端点之间的外围组件互连快速（PCIe）链路中的延迟的方法和系统。 在所描述的实施例中，使用PCIe链路从端点向主机发出中断。 然后，当中断在主机处于等待状态时，PCIe链路被阻止进入功率节省模式，退出延迟大于预定时间段。

公开(公告)号：WO2017181132A2

公开(公告)日：2017-10-19

申请号：PCT/US2017/027792

申请日：2017-04-14

Applicant: APPLE INC.

Inventor： HAUCK, Jerrold V. ,  MARQUEZ, Alejandro J. ,  PAASKE, Timothy R. ,  SEN, Indranil S. ,  SIBERT, Herve ,  SIERRA, Yannick L. ,  THIARA, Raman S.

IPC: H04W64/00

Abstract: A secure ranging system can use a secure processing system to deliver one or more ranging keys to a ranging radio on a device, and the ranging radio can derive locally at the system ranging codes based on the ranging keys. A deterministic random number generator can derive the ranging codes using the ranging key and one or more session parameters, and each device (e.g. a cellular telephone and another device) can independently derive the ranging codes and derive them contemporaneously with their use in ranging operations.

Abstract translation: 安全测距系统可以使用安全处理系统来向设备上的测距无线电传递一个或多个测距密钥，并且测距无线电可以基于测距密钥在系统测距代码处本地导出 。 确定性随机数发生器可以使用测距键和一个或多个会话参数来导出测距码，并且每个设备（例如，蜂窝电话和另一个设备）可以独立地导出测距码并在测距操作中与它们的使用同时导出测距码。

公开(公告)号：WO2019112971A1

公开(公告)日：2019-06-13

申请号：PCT/US2018/063685

申请日：2018-12-03

Applicant: APPLE INC.

Inventor： DE CESARE, Joshua P. ,  PAASKE, Timothy R. ,  KOVAH, Xeno S. ,  SCHLEJ, Nikolaj ,  WILCOX, Jeffrey R. ,  RUNYON, Ezekiel T. ,  DOSHI, Hardik K. ,  ALDERFER, Kevin H. ,  KALLENBERG, Corey T.

IPC: G06F21/57 ,  G06F21/44

CPC classification number: G06F21/575 ,  G06F21/44

Abstract: A method and apparatus for performing a secure boot of a computer system is disclosed. A computer system according to the disclosure includes an auxiliary processor and a main processor. The boot process includes initially booting the auxiliary processor. The auxiliary processor is associated with a non-volatile memory storing boot code for the main processor. The auxiliary processor may perform a verification of the boot code. Subsequent to verifying the boot code, the main processor may be released from a reset state. Once the main processor is no longer in the reset state, the boot code may be provided thereto. Thereafter, the boot procedure may continue with the main processor executing the boot code.

公开(公告)号：WO2015020788A1

公开(公告)日：2015-02-12

申请号：PCT/US2014/047576

申请日：2014-07-22

Applicant: APPLE INC.

Inventor： PAASKE, Timothy R. ,  WARREN, David S. ,  SMITH, Michael J. ,  ROSS, Diarmuid P. ,  MAO, Weihua

IPC: G06F21/72 ,  G06F21/85 ,  G06F21/60 ,  G06F21/87

CPC classification number: G06F12/1408 ,  G06F21/602 ,  G06F21/72 ,  G06F21/85 ,  G06F21/87 ,  G09C1/00 ,  H04L9/12 ,  H04L2209/12

Abstract: In an embodiment, a peripheral interface controller may include an inline cryptographic engine which may encrypt data being sent over a peripheral interface and decrypt data received from the peripheral interface. The encryption may be transparent to the device connected to the peripheral interface that is receiving/supplying the data. In an embodiment, the peripheral interface controller is included in a system on a chip (SOC) that also includes a memory controller configured to couple to a memory. The memory may be mounted on the SOC in a chip-on-chip or package-on-package configuration. The unencrypted data may be stored in the memory for use by other parts of the SOC (e.g. processors, on-chip peripherals, etc.). The keys used for the encryption/decryption of data may remain within the SOC.

Abstract translation: 在一个实施例中，外围接口控制器可以包括内联密码引擎，其可以对通过外围接口发送的数据进行加密，并解密从外围接口接收的数据。 加密可能对连接到正在接收/提供数据的外设接口的设备是透明的。 在一个实施例中，外围接口控制器包括在芯片上的系统（SOC）中，该系统还包括被配置为耦合到存储器的存储器控​​制器。 存储器可以以片上芯片或封装的封装形式安装在SOC上。 未加密的数据可以存储在存储器中以供SOC的其他部分使用（例如处理器，片上外设等）。 用于加密/解密数据的密钥可能保留在SOC内。

公开(公告)号：EP3417663A2

公开(公告)日：2018-12-26

申请号：EP17733582.5

申请日：2017-04-14

Applicant: Apple Inc.

Inventor： HAUCK, Jerrold V. ,  MARQUEZ, Alejandro J. ,  PAASKE, Timothy R. ,  SEN, Indranil S. ,  SIBERT, Herve ,  SIERRA, Yannick L. ,  THIARA, Raman S.

IPC: H04W64/00 ,  H04W12/02

CPC classification number: H04W64/00 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: A secure ranging system can use a secure processing system to deliver one or more ranging keys to a ranging radio on a device, and the ranging radio can derive locally at the system ranging codes based on the ranging keys. A deterministic random number generator can derive the ranging codes using the ranging key and one or more session parameters, and each device (e.g. a cellular telephone and another device) can independently derive the ranging codes and derive them contemporaneously with their use in ranging operations.

公开(公告)号：WO2018222666A1

公开(公告)日：2018-12-06

申请号：PCT/US2018/035057

申请日：2018-05-30

Applicant: APPLE INC.

Inventor： DE CESARE, Joshua P. ,  PAASKE, Timothy R. ,  KOVAH, Xeno S. ,  SCHLEJ, Nikolaj ,  WILCOX, Jeffrey R. ,  RUNYON, Ezekiel T. ,  DOSHI, Hardik K. ,  ALDERFER, Kevin H. ,  KALLENBERG, Corey T.

IPC: G06F21/57

Abstract: A method and apparatus for performing a secure boot of a computer system is disclosed. A computer system according to the disclosure includes an auxiliary processor and a main processor. The boot process includes initially booting the auxiliary processor. The auxiliary processor includes a non-volatile memory storing boot code for the main processor. The auxiliary processor may perform a verification of the boot code. Subsequent to verifying the boot code, the main processor may be released from a reset state. Once the main processor is no longer in the reset state, the boot code may be provided thereto. Thereafter, the boot procedure may continue with the main processor executing the boot code.

公开(公告)号：WO2017181132A3

公开(公告)日：2017-10-19

申请号：PCT/US2017/027792

申请日：2017-04-14

Applicant: APPLE INC.

Inventor： HAUCK, Jerrold V. ,  MARQUEZ, Alejandro J. ,  PAASKE, Timothy R. ,  SEN, Indranil S. ,  SIBERT, Herve ,  SIERRA, Yannick L. ,  THIARA, Raman S.

IPC: H04W64/00 ,  H04W12/02

Abstract: A secure ranging system can use a secure processing system to deliver one or more ranging keys to a ranging radio on a device, and the ranging radio can derive locally at the system ranging codes based on the ranging keys. A deterministic random number generator can derive the ranging codes using the ranging key and one or more session parameters, and each device (e.g. a cellular telephone and another device) can independently derive the ranging codes and derive them contemporaneously with their use in ranging operations.

公开(公告)号：WO2015041773A2

公开(公告)日：2015-03-26

申请号：PCT/US2014/050744

申请日：2014-08-12

Applicant: APPLE INC.

Inventor： WARREN, David S. ,  LEVIT, Inna ,  PAASKE, Timothy R.

IPC: G06F1/32 ,  G06F1/08

CPC classification number: G06F1/3296 ,  G06F1/06 ,  G06F1/08 ,  G06F1/3206 ,  G06F1/3237 ,  G06F1/325 ,  G06F13/4022 ,  G06F13/4282 ,  Y02D10/128 ,  Y02D10/151 ,  Y02D50/20

Abstract: Embodiments of an apparatus and method are disclosed that may allow for managing power of a computing system. The apparatus may include a clock generation circuit, a bus interface unit, and a control circuit. The clock generation circuit may be configured to generate multiple clock signals. Each clock signal may provide a timing reference to different functional blocks within a device coupled to the communication bus. The bus interface unit may be configured to receive messages from the device via the communication bus. The messages may include a latency value and a request to activate a low power mode. The control circuit may be configured to deactivate one or more of the multiple clock signals dependent upon the latency value and multiple threshold values.

Abstract translation: 公开了可以允许管理计算系统的功率的装置和方法的实施例。 该装置可以包括时钟发生电路，总线接口单元和控制电路。 时钟发生电路可以被配置为产生多个时钟信号。 每个时钟信号可以提供与耦合到通信总线的设备内的不同功能块的定时参考。 总线接口单元可以被配置为经由通信总线从设备接收消息。 消息可以包括延迟值和激活低功率模式的请求。 控制电路可以被配置为取决于等待时间值和多个阈值的多个时钟信号中的一个或多个。