Patents by Inventor Ivan Krstic

Ivan Krstic has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10999287
    Abstract: Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.
    Type: Grant
    Filed: December 2, 2019
    Date of Patent: May 4, 2021
    Assignee: Apple Inc.
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Patent number: 10929515
    Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: February 23, 2021
    Assignee: Apple Inc.
    Inventors: Deepti S. Prakash, Lucia E. Ballard, Jerrold V. Hauck, Feng Tang, Etai Littwin, Pavan Kumar Ansosalu Vasu, Gideon Littwin, Thorsten Gernoth, Lucie Kucerova, Petr Kostka, Steven P. Hotelling, Eitan Hirsh, Tal Kaitz, Jonathan Pokrass, Andrei Kolin, Moshe Laifenfeld, Matthew C. Waldon, Thomas P. Mensch, Lynn R. Youngs, Christopher G. Zeleznik, Michael R. Malone, Ziv Hendel, Ivan Krstic, Anup K. Sharma
  • Publication number: 20210049251
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Application
    Filed: October 29, 2020
    Publication date: February 18, 2021
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Patent number: 10839058
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Grant
    Filed: April 1, 2019
    Date of Patent: November 17, 2020
    Assignee: Apple Inc.
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Patent number: 10824705
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: November 3, 2020
    Assignee: Apple Inc.
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Patent number: 10735396
    Abstract: Some embodiments provide an account-access recovery method that receives a request to recover access to an account. The method also assesses recent usage of a device that is associated with the account. The method also, based on the assessment, selects a recovery process from a group of different recovery processes for regaining access to the account. The method also provides the selected recovery process to a party that is requesting the access recovery.
    Type: Grant
    Filed: October 22, 2018
    Date of Patent: August 4, 2020
    Assignee: Apple Inc.
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Publication number: 20200233984
    Abstract: Techniques are disclosed relating to securing an accessory interface on a computing device. In various embodiments, a computing device detects a connection of an accessory device to an accessory interface port and, in response to the detected connection, evaluates a policy defining one or more criteria for restricting unauthorized access to the accessory interface port. Based on the evaluating, the computing device determines whether to disable the accessory interface port to prevent communication with the connected accessory device. In some embodiments, the computing device includes an interconnect coupled between the processor and the accessory interface port, and the interconnect includes a hub circuit configured to facilitate communication between a plurality of devices via the interconnect. In some embodiments, the computing device, in response to determining to disable the accessory interface port, instructs the hub circuit to prevent traffic from being conveyed from the accessory interface port.
    Type: Application
    Filed: May 3, 2019
    Publication date: July 23, 2020
    Inventors: Loukas Kalenderidis, Ivan Krstic, Brian J. Dawbin, Filip Stoklas, Carmen A. Bovalino, III, Shyam S. Toprani, Christopher B. Zimmermann, Libor Sykora, Arnold S. Liu, Lucia E. Ballard
  • Publication number: 20200213323
    Abstract: Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.
    Type: Application
    Filed: December 2, 2019
    Publication date: July 2, 2020
    Inventors: Ivan KRSTIC, James WILSON, Eric Daniel FRIEDMAN, Selvarajan SUBRAMANIAM, Patrice O. GAUTIER, John Patrick GATES, Ramarathnam SANTHANAGOPAL, Prabhakaran VAIDYANATHASWAMI, Sudhakar MAMBAKKAM, Raghunandan PAI, Karthik NARAYANAN
  • Publication number: 20200143038
    Abstract: In accordance with some embodiments, the method includes: detecting, via the one or more input devices, a request to display information for password protected accounts; and, in response to detecting the request, concurrently displaying, on the display device: a representation of a first password protected account that is associated with a credential having one or more security issues, wherein the representation of the first password protected account is visually associated with an alert indicator indicating the one or more security issues associated with the credential of the first password protected account; and a representation of a second password protected account that is associated with a credential having one or more security issues, wherein the representation of the second password protected account is visually associated with an alert indicator indicating the one or more security issues associated with the credential of the second password protected account.
    Type: Application
    Filed: November 7, 2019
    Publication date: May 7, 2020
    Inventors: Conrad A. Shultz, Richard J. Mondello, Reza Abbasian, Ivan Krstic, Darin Adler, Charilaos Papadopoulos, Maureen Grace Daum, Guillaume Borios, Patrick Robert Burns, Alexander David Sanciangco, Brent Michael Ledvina, Chelsea Elizabeth Pugh, Kyle Brogle, Marc J. Krochmal, Jacob Klapper, Paul Russell Knight, Connor David Graham, Shengkai Wu, I-Ting Liu, Steven Jon Falkenburg
  • Publication number: 20190370457
    Abstract: In accordance with some embodiments, a method is performed at an electronic device with a display device and one or more input devices. The method includes displaying, via the display device, a user interface that includes a new-password field. The method includes detecting, via the one or more input devices, a user input that corresponds to selection of the new-password field. In response to detecting the user input that corresponds to selection of the new-password field, the method includes displaying, on the display device, a representation of a new automatically-generated password in the new-password field and displaying, on the display device, an affordance to accept the new automatically-generated password and an affordance to decline to use the new automatically-generated password.
    Type: Application
    Filed: May 30, 2019
    Publication date: December 5, 2019
    Inventors: Conrad A. Shultz, Richard J. Mondello, Reza Abbasian, Ivan Krstic, Darin Adler, Charilaos Papadopoulos, Maureen Grace Daum, Guillaume Borios, Patrick Robert Burns, Alexander David Sanciangco, Brent Michael Ledvina, Chelsea Elizabeth Pugh, Kyle Brogle, Marc J. Krochmal, Jacob Klapper, Paul Russell Knight, Connor David Graham, Shengkai Wu, I-Ting Liu, Steven Jon Falkenburg
  • Patent number: 10498738
    Abstract: Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: December 3, 2019
    Assignee: APPLE INC.
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Publication number: 20190236254
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Application
    Filed: April 1, 2019
    Publication date: August 1, 2019
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Patent number: 10303885
    Abstract: Methods and systems for securely executing untrusted software are described. In one embodiment, two virtual memory mappings are used (one readable/writeable-RW and the other readable/executable-RX). In one embodiment, compiled software is used at run time through pointers to the RX virtual memory space and a compiler causes the storage of the compiled software in the RW virtual memory space through the use of an executable function (e.g. a memory copy like function) stored in an executable only memory region.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: May 28, 2019
    Assignee: Apple Inc.
    Inventors: Gregory D. Hughes, Ivan Krstic, Oliver J. Hunt
  • Publication number: 20190158478
    Abstract: Some embodiments provide an account-access recovery method that receives a request to recover access to an account. The method also assesses recent usage of a device that is associated with the account. The method also, based on the assessment, selects a recovery process from a group of different recovery processes for regaining access to the account. The method also provides the selected recovery process to a party that is requesting the access recovery.
    Type: Application
    Filed: October 22, 2018
    Publication date: May 23, 2019
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Publication number: 20190044723
    Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
    Type: Application
    Filed: July 31, 2018
    Publication date: February 7, 2019
    Inventors: Deepti S. Prakash, Lucia E. Ballard, Jerrold V. Hauck, Feng Tang, Etai Littwin, Pavan Kumar Ansosalu Vasu, Gideon Littwin, Thorsten Gernoth, Lucie Kucerova, Petr Kostka, Steven P. Hotelling, Eitan Hirsh, Tal Kaitz, Jonathan Pokrass, Andrei Kolin, Moshe Laifenfeld, Matthew C. Waldon, Thomas P. Mensch, Lynn R. Youngs, Christopher G. Zeleznik, Michael R. Malone, Ziv Hendel, Ivan Krstic, Anup K. Sharma
  • Publication number: 20190042718
    Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
    Type: Application
    Filed: July 31, 2018
    Publication date: February 7, 2019
    Inventors: Deepti S. Prakash, Lucia E. Ballard, Jerrold V. Hauck, Feng Tang, Etai Littwin, Pavan Kumar Ansosalu Vasu, Gideon Littwin, Thorsten Gernoth, Lucie Kucerova, Petr Kostka, Steven P. Hotelling, Eitan Hirsh, Tal Kaitz, Jonathan Pokrass, Andrei Kolin, Moshe Laifenfeld, Matthew C. Waldon, Thomas P. Mensch, Lynn R. Youngs, Christopher G. Zeleznik, Michael R. Malone, Ziv Hendel, Ivan Krstic, Anup K. Sharma, Kelsey Y. Ho
  • Publication number: 20180352440
    Abstract: The present disclosure describes techniques for changing a required authentication type based on a request for a particular type of information. For example, consider a situation where a user has asked a virtual assistant “who owns this device?” By default, the device may allow biometric authentication to unlock. In response to identification of the owner by the virtual assistant, however, the device may require one or more other types of authentication (e.g., manual entry of a passcode) to unlock the device. In various embodiments, the disclosed techniques may increase the security of the device by making it more difficult for malicious entities to obtain the sensitive information or to access device functionality once the sensitive information has been disclosed. In various embodiments, this may prevent or reduce unauthorized access to the device.
    Type: Application
    Filed: May 15, 2018
    Publication date: December 6, 2018
    Inventors: Lucia E. Ballard, Jerrold V. Hauck, Deepti S. Prakash, Jan Cibulka, Ivan Krstic
  • Patent number: 10110583
    Abstract: Some embodiments provide an account-access recovery method that receives a request to recover access to an account. The method also assesses recent usage of a device that is associated with the account. The method also, based on the assessment, selects a recovery process from a group of different recovery processes for regaining access to the account. The method also provides the selected recovery process to a party that is requesting the access recovery.
    Type: Grant
    Filed: August 7, 2016
    Date of Patent: October 23, 2018
    Assignee: APPLE INC.
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Patent number: 10063557
    Abstract: Some embodiments of the invention provide a program for recovering access to an account. The program receives an access recovery parameter (ARP) after providing a first credential to log into an account and providing a notification of a second credential necessary for accessing another resource. The program then receives a request to modify the first credential and receives the second credential. Next, after authenticating the second credential, the program uses the ARP to modify the first credential without providing the first credential.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: August 28, 2018
    Assignee: Apple Inc.
    Inventors: Ivan Krstic, James Wilson, Eric Daniel Friedman, Selvarajan Subramaniam, Patrice O. Gautier, John Patrick Gates, Ramarathnam Santhanagopal, Prabhakaran Vaidyanathaswami, Sudhakar Mambakkam, Raghunandan Pai, Karthik Narayanan
  • Patent number: 10019598
    Abstract: When an application is launched, a framework scanning module scans a plurality of frameworks linked against by the application to generate a list of available services. When the application makes a request of a particular service, a service verification module compares the requested service to the list of available services and if the requested service is found in the list of available services, sends a signal to the application, the signal allowing access to the requested service for the application. Otherwise, access to the requested service is denied.
    Type: Grant
    Filed: September 30, 2015
    Date of Patent: July 10, 2018
    Assignee: Apple Inc.
    Inventors: Kevin J. Van Vechten, Damien Pascal Sorresso, Richard L. Hagy, Ivan Krstic