Patent application number | Description | Published |
20090221267 | NOTIFICATION OF ACCESS CONTROL REQUEST AND EXPLANATION INDICATIVE OF THE ACCESS CONTROL REQUEST ON A COMMUNICATION DEVICE - A communication device includes a display screen upon which information is displayed. A microprocessor configured to execute at least one notification program is provided that displays a notification descriptive of an access control request on the display screen. The at least one notification program is programmed to receive data indicative of an access control request and to receive data descriptive of the access control request. Additionally, the at least one notification program is further programmed to display a notification indicative of the access control request and comprising an explanation of the access control request based on the received descriptive data. | 09-03-2009 |
20100328110 | METHOD OF GENERATING AND PROVIDING A PASSWORD TO A HANDHELD ELECTRONIC DEVICE - A method of providing a password to a handheld electronic device having a reduced keyboard and a non-predictive keystroke interpretation system, wherein the reduced keyboard is of a particular keyboard type and the non-predictive keystroke interpretation system is of a particular system type. The method includes receiving a first character string in an electronic device, such as, without limitation, a PC, that is separate from the handheld electronic device, generating one or more second character strings in the electronic device based on the particular keyboard type, the first character string, and, possibly, the particular system type, and transmitting the one or more second character strings from the electronic device to the handheld electronic device as the password. | 12-30-2010 |
20110103588 | Key Agreement and Re-keying over a Bidirectional Communication Path - A key agreement method is carried out by a first system in conjunction with a second system over a bidirectional communication path, including generating a first key pair having a first public key and a first private key, sending the first public key to the second system, receiving a second public key generated by the second system, and calculating a master key based upon the first private key, the second public key, a long-term private key, and a long-term public key. The long-term private key was generated by the first system during a previous key-agreement method as part of a long-term key pair. The long-term public key was generated by the second system and received during the previous key-agreement method. The previous key-agreement method required a secret to be known to the first system and the second system, thus conferring authentication based on the secret to the long-term public key. | 05-05-2011 |
20110214184 | System and method for controlling applications to mitigate the effects of malicious software - Methods and systems for mitigating the effects of a malicious software application are disclosed. A dedicated module on the computing device receives from a malicious software detector a message indicating whether the application is malicious or has a malicious component. The dedicated module obtains a set of permissions to be granted to the application, and instructs software on the computing device that controls the permissions of the application to grant the set of permissions. | 09-01-2011 |
20120063599 | Key Agreement and Re-keying over a Bidirectional Communication Path - A key agreement method is carried out by a first system in conjunction with a second system over a bidirectional communication path, including generating a first key pair having a first public key and a first private key, sending the first public key to the second system, receiving a second public key generated by the second system, and calculating a master key based upon the first private key, the second public key, a long-term private key, and a long-term public key. The long-term private key was generated by the first system during a previous key-agreement method as part of a long-term key pair. The long-term public key was generated by the second system and received during the previous key-agreement method. The previous key-agreement method required a secret to be known to the first system and the second system, thus conferring authentication based on the secret to the long-term public key. | 03-15-2012 |
20120079110 | METHOD AND APPARATUS FOR DIFFERENTIATED ACCESS CONTROL - A method for differentiated access control on a computing device having a connection with a second device, the method checking whether a timer has expired on the second device or if a connection is lost to the second device; and preventing at least one of the plurality of application subsets from being launched or enabled if the timer has expired on the second device or the connection is lost to the second device. | 03-29-2012 |
20120079586 | METHOD AND APPARATUS FOR DIFFERENTIATED ACCESS CONTROL - A method for differentiated access control on a computing device, and the computing device, the method including starting a timer on the computing device; resetting the timer if activity occurs on the computing device prior to the expiration of the timer; and preventing a subset of applications from being launched or enabled on expiry of the timer. | 03-29-2012 |
20120079609 | METHOD FOR ESTABLISHING A PLURALITY OF MODES OF OPERATION ON A MOBILE DEVICE - A method, device and system for establishing plural modes of operation on a mobile device, including: associating each application on the mobile device with one of a plurality of modes; and restricting access to data on the mobile device to only a subset of applications based on the mode associated with each application. A system includes connection of an untrusted device to a trusted device and restricting data access for restricted data to a subset of trusted applications on the untrusted device. | 03-29-2012 |
20120294440 | Key Agreement and Re-keying over a Bidirectional Communication Path - A key agreement method is carried out by a first system in conjunction with a second system over a bidirectional communication path, including generating a first key pair having a first public key and a first private key, sending the first public key to the second system, receiving a second public key generated by the second system, and calculating a master key based upon the first private key, the second public key, a long-term private key, and a long-term public key. The long-term private key was generated by the first system during a previous key-agreement method as part of a long-term key pair. The long-term public key was generated by the second system and received during the previous key-agreement method. The previous key-agreement method required a secret to be known to the first system and the second system, thus conferring authentication based on the secret to the long-term public key. | 11-22-2012 |
20130067009 | SYSTEM AND METHOD FOR HANDLING ELECTRONIC MAIL MISMATCHES - A system and method for handling e-mail address mismatches between the address contained within a user's certificate or certificate chain, and the account address actually being used is disclosed. In order to resolve address mismatches a canonical or generic domain name or user name may, for example, be used as a lifelong address of a user that is contained in the user's certificate. Upon detection of an address mismatch, the system and method disclosed herein may automatically re-check the certificate or search for a certificate containing the canonical or generic domain name and/or user name to attempt to resolve the mismatch. | 03-14-2013 |
20130093596 | NOTIFICATION OF ACCESS CONTROL REQUEST AND EXPLANATION INDICATIVE OF THE ACCESS CONTROL REQUEST ON A COMMUNICATION DEVICE - A communication device includes a display screen upon which information is displayed. A microprocessor configured to execute at least one notification program is provided that displays a notification descriptive of an access control request on the display screen. The at least one notification program is programmed to receive data indicative of an access control request and to receive data descriptive of the access control request. Additionally, the at least one notification program is further programmed to display a notification indicative of the access control request and comprising an explanation of the access control request based on the received descriptive data. | 04-18-2013 |
20130133065 | SYSTEM AND METHOD OF INDICATING THE STRENGTH OF ENCRYPTION - A method and system are provided for secure messaging on mobile computing devices. The method and system provide for an indication of a security trust level associated with a security method used with an electronic message. | 05-23-2013 |
20130145480 | E-MAIL WITH SECURE MESSAGE PARTS - A method for preventing a recipient of an electronically transmitted message from taking at least one action in relation to the message is disclosed. The message has at least two parts with one of the parts having a higher level of security than the other part. The method includes the step of extracting information from the message. The information indicates that the higher level security part is not permitted to have the action taken on it while the other part is so permitted. The method also includes the step of preventing the higher level security part from having the action taken on it in reaction to said recipient making an offending request. | 06-06-2013 |
20130167194 | SYSTEM AND METHOD FOR DETERMINING A SECURITY ENCODING TO BE APPLIED TO OUTGOING MESSAGES - A device comprising a processor is disclosed herein. In one broad aspect, the processor is configured to: determine whether a general message encoding configuration setting at the device is set to a first setting indicating that when a security encoding is to be applied to a message, the security encoding is to be established by a policy engine, wherein the established security encoding cannot be overridden by a security encoding selection algorithm at the device; and if the general message encoding configuration setting is set to the first setting, transmit the message to at least one message recipient via the policy engine such that the policy engine applies the security encoding to the message prior to the policy engine transmitting the message. | 06-27-2013 |
20130167247 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 06-27-2013 |
20130198508 | SYSTEM AND METHOD FOR REMOTE RESET OF PASSWORD AND ENCRYPTION KEY - Data is secured on a device in communication with a remote location using a password and content protection key. The device stores data encrypted using a content protection key, which itself may be stored in encrypted form using the password and a key encryption key. The remote location receives a public key from the device. The remote location uses the public key and a stored private key to generate a further public key. The further public key is sent to the device. The device uses the further public key to generate a key encryption key, which is then used to decrypt the encrypted content protection key. A new content encryption key may then be created. | 08-01-2013 |
20130227360 | Method and Apparatus for Providing Intelligent Error Messaging - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. | 08-29-2013 |
20130232334 | SYSTEM AND METHOD FOR OBTAINING CERTIFICATE STATUS OF SUBKEYS - Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced. | 09-05-2013 |
20130239225 | Deleting Confidential Information Used to Secure a Communication Link - A system includes a first wireless-enabled device that transparently stores confidential information and a second wireless-enabled device that stores the same confidential information. The confidential information is to be used to secure a wireless communication link between the first device and the second device. One or both of the first device and the second device is to delete the confidential information upon fulfillment of one or more conditions related to the communication link. The conditions include general timeout, device inactivity, loss of connection over the communication link, a decline in signal strength, and a predefined number of transactions having occurred between the first device and the second device. | 09-12-2013 |
20130246549 | SYSTEM AND METHOD FOR SELECTING MESSAGING SETTINGS ON A MESSAGING CLIENT - A system and method of selecting messaging settings on a messaging client are provided. A display configured to operate in conjunction with the messaging client displays a compose screen that includes a message portion and a messaging settings portion when an outgoing message is to be composed on the messaging client. Messaging settings selected to control message characteristics of the outgoing message are displayed in the messaging settings portion of the compose screen. | 09-19-2013 |
20130247143 | SYSTEM AND METHOD FOR CONFIGURING DEVICES FOR SECURE OPERATIONS - Systems and methods for establishing a security-related mode of operation for computing devices. A policy data store contains security mode configuration data related to the computing devices. Security mode configuration data is used in establishing a security-related mode of operation for the computing devices. | 09-19-2013 |
20130254528 | SECURE MESSAGE HANDLING ON A MOBILE DEVICE - Systems, methods, and software for providing digital security to a child message transmitted from a mobile device to a messaging server, where the mobile device typically does not transmit the parent message with the child message to the messaging server. Whether to apply digital security, such as encryption or a digital signature, or both, is determined, and if the mobile device does not include a complete copy of a parent message for insertion into the child message, the mobile device selectively downloads the parent message from the messaging server prior to the computation of a digital signature or prior to encryption. The systems and methods may also provide a check of the child message size, when the child message includes inserted parent content, to ensure that the child message does not exceed any prescribed limits on message size. | 09-26-2013 |
20130268607 | SYSTEM AND METHOD FOR HANDLING ELECTRONIC MAIL MISMATCHES - A system and method for handling e-mail address mismatches between the address contained within a user's certificate or certificate chain, and the account address actually being used is disclosed. In order to resolve address mismatches a canonical or generic domain name or user name may, for example, be used as a lifelong address of a user that is contained in the user's certificate. Upon detection of an address mismatch, the system and method disclosed herein may automatically re-check the certificate or search for a certificate containing the canonical or generic domain name and/or user name to attempt to resolve the mismatch. | 10-10-2013 |
20130283049 | METHOD AND DEVICES FOR PROVIDING SECURE DATA BACKUP FROM A MOBILE COMMUNICATION DEVICE TO AN EXTERNAL COMPUTING DEVICE - A method and devices for providing secure data backup from a mobile communication device to an external computing device is described. In one embodiment, there is provided a method of backing up data from a mobile communication device to an external computing device, the mobile communication device being in communication with the external computing device, the method includes: receiving a request to back up one or more data items stored on the mobile communication device; encrypting a data item using an encryption key stored in a protected memory of the mobile communication device; and transferring the encrypted data item to the external computing device for storage by the external computing device. A method of restoring backup data to a mobile communication device from an external computing device is also provided, as are mobile communication devices and computing devices configured for implementing the backup and restore operations. | 10-24-2013 |
20130318344 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 11-28-2013 |
20140027508 | Controlling Connectivity of a Wireless-Enabled Peripheral Device - A system includes a wireless-enabled peripheral device configured to be coupled to a personalized security device. The wireless-enabled peripheral device has a wireless communication interface. The system also includes a mobile device configured to establish a wireless connection with the wireless-enabled peripheral device via the wireless communication interface. Upon establishment of the wireless connection, the mobile device is further configured to control establishment of at least one contemporaneous connection of the wireless-enabled peripheral device to one or more other devices attempting to access the personalized security device. | 01-30-2014 |
20140059342 | System and Method of Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user. | 02-27-2014 |
20140115665 | MESSAGE-HANDLING SERVER AND METHOD FOR HANDLING SECURE MESSAGE ATTACHMENTS FOR A MOBILE DEVICE - A secure message that includes an attachment is received at a server. The secure message may have a secure layer that indicates that the secure message is at least digitally signed. The secure message may be provided without the attachment to the mobile device over a wireless network. A request may be received from the mobile device to access the attachment. The request may include an attachment identifier (ID) that identifies the attachment in accordance with a message-attachment indexing system. In response to the request to access the attachment, the server may perform an index lookup to find the attachment based upon the attachment ID, may look through the secure layer of the secure message in order to locate the attachment within the secure message, and may render at least an initial portion of the attachment by the server in a format for viewing by the mobile device. | 04-24-2014 |
20140237246 | Generating a Symmetric Key to Secure a Communication Link - A symmetric key to be used to secure a communication link between a first device and a second device is generated as follows: a first symmetric key is generated; a second symmetric key is generated; packets communicated between the first device and the second device over the communication link are hashed to create a hash result; the first symmetric key, the second symmetric key and the hash result are hashed to generate a third symmetric key to be used to secure the communication link. | 08-21-2014 |
20140351599 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 11-27-2014 |
20140380045 | SYSTEM AND METHOD FOR WIPING AND DISABLING A REMOVED DEVICE - A system and method implemented at a server system, for securely wiping a remote mobile device after the device registration has been removed from the server system. Prior to removal of the device registration from the server system, a “pre-packaged” command is created and stored at the server system. In the event that it is determined, after removal of the registration, that the device should be wiped or disabled, means are provided for an administrator to issue the previously stored command to the target mobile device. | 12-25-2014 |
20150016612 | SYSTEM AND METHOD FOR REMOTE RESET OF PASSWORD AND ENCRYPTION KEY - Data is secured on a device in communication with a remote location using a password and content protection key. The device stores data encrypted using a content protection key, which itself may be stored in encrypted form using the password and a key encryption key. The remote location receives a public key from the device. The remote location uses the public key and a stored private key to generate a further public key. The further public key is sent to the device. The device uses the further public key to generate a key encryption key, which is then used to decrypt the encrypted content protection key. A new content encryption key may then be created. | 01-15-2015 |
20150033329 | PASSWORD ENTRY USING 3D IMAGE WITH SPATIAL ALIGNMENT - A method of controlling access to an electronic device is disclosed. The method comprises: generating a modified first image from a first image, wherein the first image and the modified first image include a first image reference point; generating a modified second image from a second image, wherein the second image and the modified second image include a second image reference point; displaying a three dimensional representation of the modified first image overlaid by the modified second image; authenticating access to the electronic device in response to substantial alignment of the first image reference point in the modified first image with the second image reference point in the modified second image. | 01-29-2015 |