Patents by Inventor Oliver J. Hunt
Oliver J. Hunt has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11025596Abstract: Data items such as files or database records associated with particular applications (such as messaging applications and other applications) can be stored in one or more remote locations, such as a cloud storage system, and synchronized with other devices. The remote storage can be configured such that each application executing on a client device can only view data items stored at the remote location to which the application has permission to access. An access manager on each client device enforces application specific access policies. Storage at the remote location can be secured for each application associated with a user or user account, for example, using isolated containers. The cloud storage of data can be anonymized and anonymous group data can be stored in the cloud storage.Type: GrantFiled: February 28, 2018Date of Patent: June 1, 2021Assignee: Apple Inc.Inventors: Benoit Chevallier-Mames, Thomas Icart, Mathieu Ciet, Oliver J. Hunt, Yannick Sierra, Gokul Thirumalai, Roberto Garcia
-
Patent number: 10713021Abstract: One embodiment provides for a computer-implemented method comprising receiving a request to compile a set of program instructions coded in a high-level language, the set of program instructions including a pointer to a virtual memory address, the pointer having a pointer encoding including a base address and a length; while compiling the set of program instructions, decoding the base address and length from the pointer, wherein the base address specifies a first boundary for a memory allocation, the length defines a second boundary for the memory allocation and the length is an encoding of a size of the memory allocation; and generating a set of compiled instructions which, when executed, enable access to a physical address associated with a virtual address between the first boundary and the second boundary.Type: GrantFiled: September 28, 2018Date of Patent: July 14, 2020Assignee: Apple Inc.Inventors: Filip J. Pizlo, Oliver J. Hunt
-
Publication number: 20190272159Abstract: One embodiment provides for a computer-implemented method comprising receiving a request to compile a set of program instructions coded in a high-level language, the set of program instructions including a pointer to a virtual memory address, the pointer having a pointer encoding including a base address and a length; while compiling the set of program instructions, decoding the base address and length from the pointer, wherein the base address specifies a first boundary for a memory allocation, the length defines a second boundary for the memory allocation and the length is an encoding of a size of the memory allocation; and generating a set of compiled instructions which, when executed, enable access to a physical address associated with a virtual address between the first boundary and the second boundary.Type: ApplicationFiled: September 28, 2018Publication date: September 5, 2019Inventors: Filip J. Pizlo, Oliver J. Hunt
-
Patent number: 10303885Abstract: Methods and systems for securely executing untrusted software are described. In one embodiment, two virtual memory mappings are used (one readable/writeable-RW and the other readable/executable-RX). In one embodiment, compiled software is used at run time through pointers to the RX virtual memory space and a compiler causes the storage of the compiled software in the RW virtual memory space through the use of an executable function (e.g. a memory copy like function) stored in an executable only memory region.Type: GrantFiled: September 23, 2016Date of Patent: May 28, 2019Assignee: Apple Inc.Inventors: Gregory D. Hughes, Ivan Krstic, Oliver J. Hunt
-
Publication number: 20170255780Abstract: Methods and systems for securely executing untrusted software are described. In one embodiment, two virtual memory mappings are used (one readable/writeable-RW and the other readable/executable-RX). In one embodiment, compiled software is used at run time through pointers to the RX virtual memory space and a compiler causes the storage of the compiled software in the RW virtual memory space through the use of an executable function (e.g. a memory copy like function) stored in an executable only memory region.Type: ApplicationFiled: September 23, 2016Publication date: September 7, 2017Inventors: Gregory D. Hughes, Ivan Krstic, Oliver J. Hunt
-
Patent number: 9602520Abstract: Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address.Type: GrantFiled: November 4, 2015Date of Patent: March 21, 2017Assignee: Apple Inc.Inventors: Oliver J. Hunt, Ivan Krstic
-
Publication number: 20160127389Abstract: Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address.Type: ApplicationFiled: November 4, 2015Publication date: May 5, 2016Inventors: Oliver J. HUNT, Ivan KRSTIC
-
Patent number: 9245112Abstract: A method, apparatus and machine readable medium are described for managing entitlements on a computing device. For example, one embodiment of a method comprises: loading a first application into a system memory of a computing device; for each library value/symbol pair referenced by the first application, determining whether the first application has a correct entitlement to be linked with the library value/symbol pair; wherein if the application does not have the correct entitlement associated with the library value/symbol pair, then denying linking to the library value/symbol pair and/or linking the application to an alternate library value/symbol pair which does not have the entitlement associated therewith; and if the application has the correct entitlement associated with the library value/symbol pair, then linking the application to the library value/symbol pair with the entitlement in the system memory.Type: GrantFiled: June 1, 2012Date of Patent: January 26, 2016Assignee: Apple Inc.Inventors: Oliver J. Hunt, Ivan Krstic, Gavin Barraclough, Filip J. Pizlo
-
Patent number: 9203849Abstract: Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address.Type: GrantFiled: December 4, 2013Date of Patent: December 1, 2015Assignee: Apple Inc.Inventors: Oliver J. Hunt, Ivan Krstic
-
Patent number: 9128732Abstract: A method and an apparatus for runtime compilation that generates non-deterministic and unpredictable code to protect against un-trusted code attacks are described. The runtime compilation may be based on heuristic rules without requiring deterministic behavior reduction operations for all the code generated. The heuristic rules may include estimations on, for example, runtime overhead or cost incurred for code protection, amount of code protection required and/or other applicable factors and their relationships.Type: GrantFiled: September 14, 2012Date of Patent: September 8, 2015Assignee: Apple Inc.Inventors: Oliver J. Hunt, Gavin Barraclough, Filip J. Pizlo, Geoffrey Garen
-
Publication number: 20150156210Abstract: Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address.Type: ApplicationFiled: December 4, 2013Publication date: June 4, 2015Applicant: Apple Inc.Inventors: Oliver J. Hunt, Ivan Krstic
-
Publication number: 20130326492Abstract: A method, apparatus and machine readable medium are described for managing entitlements on a computing device. For example, one embodiment of a method comprises: loading a first application into a system memory of a computing device; for each library value/symbol pair referenced by the first application, determining whether the first application has a correct entitlement to be linked with the library value/symbol pair; wherein if the application does not have the correct entitlement associated with the library value/symbol pair, then denying linking to the library value/symbol pair and/or linking the application to an alternate library value/symbol pair which does not have the entitlement associated therewith; and if the application has the correct entitlement associated with the library value/symbol pair, then linking the application to the library value/symbol pair with the entitlement in the system memory.Type: ApplicationFiled: June 1, 2012Publication date: December 5, 2013Inventors: Oliver J. Hunt, Ivan Krstic, Gavin Barraclough, Filip J. Pizlo
-
Publication number: 20130205388Abstract: A method and an apparatus for runtime compilation that generates non-deterministic and unpredictable code to protect against un-trusted code attacks are described. The runtime compilation may be based on heuristic rules without requiring deterministic behavior reduction operations for all the code generated. The heuristic rules may include estimations on, for example, runtime overhead or cost incurred for code protection, amount of code protection required and/or other applicable factors and their relationships.Type: ApplicationFiled: September 14, 2012Publication date: August 8, 2013Applicant: Apple Inc.Inventors: Oliver J. Hunt, Gavin Barraclough, Filip J. Pizlo, Geoffrey Garen