Patents by Inventor David Rahardja

David Rahardja has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9118642
    Abstract: A device streams assets to network-based storage, and servers administering the network-based storage operate to notify other authorized devices that the assets are available to download, including initiating the download of assets automatically or in response to user input. With streaming enabled on their device, a user is able to make assets, such as digital photograph, video or other type of media file, data file, or other type of electronic content, available immediately to all of their other devices and to other users having permission to follow assets streamed by their device. Servers secure access to the stream of assets, on both an account level and an asset level in accordance with asset metadata registered for the assets during streaming.
    Type: Grant
    Filed: September 5, 2011
    Date of Patent: August 25, 2015
    Assignee: Apple Inc.
    Inventors: David Rahardja, Hernan R. Eguiluz, Miguel S. Sanchez-Sandoval, Stan Jirman
  • Publication number: 20150237498
    Abstract: Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control.
    Type: Application
    Filed: May 4, 2015
    Publication date: August 20, 2015
    Inventors: Gordie FREEDMAN, David RAHARDJA
  • Patent number: 9027112
    Abstract: Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control.
    Type: Grant
    Filed: May 8, 2013
    Date of Patent: May 5, 2015
    Assignee: Apple Inc.
    Inventors: Gordie Freedman, David Rahardja
  • Publication number: 20150074165
    Abstract: The described embodiments include a computing device that executes a broker application. The broker application performs a mediated data exchange to exchange data between a first sandboxed application and a second application. For example, the broker application can import data from the second application into the first sandboxed application. As another example, the broker application can export data from the first sandboxed application into the second application.
    Type: Application
    Filed: September 12, 2013
    Publication date: March 12, 2015
    Applicant: Apple Inc.
    Inventors: David Rahardja, Toby C. Paterson, Anthony D'Auria
  • Publication number: 20140365624
    Abstract: In the described embodiments, a device configuration file is used to set configuration settings on a computing device during a configuration operation (e.g., an initial configuration or a re-configuration of the computing device). The device configuration file is retrieved from a location where the device configuration file is hosted using a reference to the location from a bootstrap configuration. The bootstrap configuration is provided by a bootstrap configuration server and is retrieved by the computing device from the bootstrap configuration server during the configuration operation.
    Type: Application
    Filed: June 7, 2013
    Publication date: December 11, 2014
    Inventors: Mark W. Whittemore, Michael D. Santos, Todd R. Fernandez, Christopher G. Skogen, Jussi-Pekka Mantere, David Rahardja
  • Publication number: 20140351605
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
    Type: Application
    Filed: June 9, 2014
    Publication date: November 27, 2014
    Applicant: Apple Inc
    Inventors: Dallas Blake DE ATLEY, Gordon FREEDMAN, Thomas Brogan DUFFY, JR., Tahoma Madrone TOELKES, Michael John SMITH, Paul William CHINN, David RAHARDJA
  • Patent number: 8756419
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
    Type: Grant
    Filed: July 12, 2013
    Date of Patent: June 17, 2014
    Assignee: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., Tahoma Madrone Toelkes, Michael John Smith, Paul William Chinn, David Rahardja
  • Publication number: 20140150115
    Abstract: The described embodiments include a content provider device that can assign items of content (applications, digitally-rendered music, books, videos, etc.) to users upon receiving assignment messages from administrative devices. The items of content can be electronically transferred to the user's devices to be used by users. The content provider device can also revoke assignments of items of content from users upon receiving revocation messages from administrative devices. The revocation generally causes the loss of one or more rights to the item of content for the user. For example, the content provider device can stop providing services for the item of content and/or can cause the item of content to be deleted from a corresponding user's device.
    Type: Application
    Filed: December 27, 2012
    Publication date: May 29, 2014
    Applicant: APPLE INC.
    Inventors: Jean-Pierre Ciudad, David Rahardja, Christopher H. Bourdon, Todd R. Fernandez, Daniel I. Feldman, Gregory Burns, Jussi-Pekka Mantere, Mark W. Whittemore, Christopher G. Skogen
  • Publication number: 20130339715
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
    Type: Application
    Filed: July 12, 2013
    Publication date: December 19, 2013
    Applicant: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., Tahoma Madrone Toelkes, Michael John Smith, Paul William Chinn, David Rahardja
  • Publication number: 20130247166
    Abstract: Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control.
    Type: Application
    Filed: May 8, 2013
    Publication date: September 19, 2013
    Applicant: Apple Inc.
    Inventors: Gordie Freedman, David Rahardja
  • Patent number: 8510552
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for encryption and key management. The method includes encrypting each file on a computing device with a unique file encryption key, encrypting each unique file encryption key with a corresponding class encryption key, and encrypting each class encryption key with an additional encryption key. Further disclosed are systems, methods, and non-transitory computer-readable storage media for encrypting a credential key chain. The method includes encrypting each credential on a computing device with a unique credential encryption key, encrypting each unique credential encryption key with a corresponding credential class encryption key, and encrypting each class encryption key with an additional encryption key.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: August 13, 2013
    Assignee: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., John Andrew Wright, Vrajesh Rajesh Bhavsar, Lucia Elena Ballard, Michael Lambertus Hubertus Brouwer, Conrad Sauerwald, Mitchell David Adler, Eric Brandon Tamura, David Rahardja, Carsten Guenther
  • Patent number: 8473743
    Abstract: Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: June 25, 2013
    Assignee: Apple Inc.
    Inventors: Gordie Freedman, David Rahardja
  • Patent number: 8433901
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: April 30, 2013
    Assignee: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., Tahoma Madrone Toelkes, Michael John Smith, Paul William Chinn, David Rahardja
  • Patent number: 8412934
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for initiating a backup, backing up encrypted data, and restoring backed up encrypted data. The method for initiating a backup includes sending a backup secret to a backup device having an encrypted file system, receiving from the backup device a backup ticket created based on the backup secret, and storing the backup ticket. The method for backing up encrypted data includes receiving a backup ticket and a backup secret, retrieving an escrow key bag containing protection class keys, decrypting the protection class keys with the backup ticket, generating a backup key bag containing new protection class keys, selecting a set of encrypted files to back up, decrypting the file encryption keys with corresponding decrypted protection class keys, re-encrypting the file encryption keys with new protection class keys, and transferring the selected encrypted files, the backup key bag, and metadata.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: April 2, 2013
    Assignee: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., Kenneth Buffalo McNeil, David Rahardja
  • Publication number: 20120311095
    Abstract: A device streams assets to network-based storage, and servers administering the network-based storage operate to notify other authorized devices that the assets are available to download, including initiating the download of assets automatically or in response to user input. With streaming enabled on their device, a user is able to make assets, such as digital photograph, video or other type of media file, data file, or other type of electronic content, available immediately to all of their other devices and to other users having permission to follow assets streamed by their device. Servers secure access to the stream of assets, on both an account level and an asset level in accordance with asset metadata registered for the assets during streaming.
    Type: Application
    Filed: September 5, 2011
    Publication date: December 6, 2012
    Inventors: David Rahardja, Hernan R. Eguiluz, Miguel S. Sanchez-Sandoval, Stan Jirman
  • Publication number: 20110252240
    Abstract: Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control.
    Type: Application
    Filed: April 7, 2010
    Publication date: October 13, 2011
    Inventors: Gordie Freedman, David Rahardja
  • Publication number: 20110252233
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for initiating a backup, backing up encrypted data, and restoring backed up encrypted data. The method for initiating a backup includes sending a backup secret to a backup device having an encrypted file system, receiving from the backup device a backup ticket created based on the backup secret, and storing the backup ticket. The method for backing up encrypted data includes receiving a backup ticket and a backup secret, retrieving an escrow key bag containing protection class keys, decrypting the protection class keys with the backup ticket, generating a backup key bag containing new protection class keys, selecting a set of encrypted files to back up, decrypting the file encryption keys with corresponding decrypted protection class keys, re-encrypting the file encryption keys with new protection class keys, and transferring the selected encrypted files, the backup key bag, and metadata.
    Type: Application
    Filed: April 7, 2010
    Publication date: October 13, 2011
    Applicant: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, JR., Kenneth Buffalo McNeil, David Rahardja
  • Publication number: 20110252232
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for erasing user data stored in a file system. The method includes destroying all key bags containing encryption keys on a device having a file system encrypted on a per file and per class basis, erasing and rebuilding at least part of the file system associated with user data, and creating a new default key bag containing encryption keys. Also disclosed herein is a method of erasing user data stored in a remote file system encrypted on a per file and per class basis. The method includes transmitting obliteration instructions to a remote device, which cause the remote device to destroy all key bags containing encryption keys on the remote device, erase and rebuild at least part of the file system associated with user data, and create on the remote device a new default key bag containing encryption keys.
    Type: Application
    Filed: April 7, 2010
    Publication date: October 13, 2011
    Applicant: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, JR., Tahoma Madrone Toelkes, Michael John Smith, Paul William Chinn, David Rahardja
  • Publication number: 20110252234
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for encryption and key management. The method includes encrypting each file on a computing device with a unique file encryption key, encrypting each unique file encryption key with a corresponding class encryption key, and encrypting each class encryption key with an additional encryption key. Further disclosed are systems, methods, and non-transitory computer-readable storage media for encrypting a credential key chain. The method includes encrypting each credential on a computing device with a unique credential encryption key, encrypting each unique credential encryption key with a corresponding credential class encryption key, and encrypting each class encryption key with an additional encryption key.
    Type: Application
    Filed: April 7, 2010
    Publication date: October 13, 2011
    Applicant: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, JR., John Andrew Wright, Vrajesh Rajesh Bhavsar, Lucia Elena Ballard, Michael Lambertus Hubertus Brouwer, Conrad Sauerwald, Mitchell David Adler, Eric Brandon Tamura, David Rahardja, Carsten Guenther