Patent application number | Description | Published |
20080289001 | POLICY PROXY - In a system with a policy server, a first device able to communicate with the policy server and a second device able to communicate with the first device and unable to communicate with the policy server, the first device is to act as a policy proxy. The policy server may push to the first device a policy for the second device, and the first device may push the policy to the second device. | 11-20-2008 |
20080305776 | SYSTEM AND METHOD FOR WIRELESSLY PROVISIONING A MOBILE COMMUNICATION DEVICE - Systems and methods for wirelessly provisioning a mobile communication device are provided. To provision the mobile communication device to operate with an electronic messaging system, a provisioning request message may be generated at the mobile communication device. The provisioning request message may include a wireless identification for identifying the mobile communication device in a wireless network. The provisioning request message may be transmitted from the mobile communication device to the electronic messaging system using a pre-established communication link. In response to detecting the provisioning request message, the electronic messaging system may be provisioned by storing the wireless identification for use in communicating with the mobile communication device. | 12-11-2008 |
20080306922 | SYSTEM AND METHOD FOR ENABLING BULK RETRIEVAL OF CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. Embodiments described herein enable large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates. | 12-11-2008 |
20090077644 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 03-19-2009 |
20090095812 | SYSTEM AND METHOD FOR MANAGING MULTIPLE SMART CARD SESSIONS - A system and method is provided for managing multiple smart card sessions with multiple communications or computing devices in association with a single smart card reader. A wireless smart card reader is provided for communicating with a plurality of devices requiring smart card functionality in a number of smart card sessions, in which each smart card session is addressed with an identifier identifying a single device. The smart card session is secured by a wireless connection pairing and by a secure pairing, such that each connection between the smart card reader and a device is secured against all other devices in communication with the smart card reader using a master connection key, which is unique for each device. | 04-16-2009 |
20090113543 | AUTHENTICATION CERTIFICATE MANAGEMENT FOR ACCESS TO A WIRELESS COMMUNICATION DEVICE - A system and method for authenticating a user to a user device using one or more-factor authentication with a certificate are provided. The status of the certificate is stored at the user device such that the stored status is queried during the authentication process. The status is updated as a background operation on the user device on a periodic basis. In the event that the user device fails to obtain updated status information, further status update requests are issued by the user device at varying time intervals until a response is received. In the event that the user is authenticated to the device but the certificate is subsequently revoked, access to all or a subset of user data and functions on the user device may be restricted. | 04-30-2009 |
20090119511 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 05-07-2009 |
20090132827 | DEBUGGING PORT SECURITY INTERFACE - The present invention provides a secure JTAG interface to an application-specific integrated circuit (ASIC). In the preferred embodiment the invention operates through the combined efforts of a Security Module (SM) comprising a state machine that controls the security modes for the ASIC, and a Test Control Module (TCM) which contains the JTAG interface. The TCM operates in either a restricted mode or an unrestricted mode, depending on the state of the SM state machine. In a restricted mode, only limited access to memory content is permitted. In an unrestricted mode, full access to memory content is permitted. | 05-21-2009 |
20090187796 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 07-23-2009 |
20090188977 | OPTIMIZED SMART CARD DRIVER PERFORMANCE - By splitting a smart card driver into multiple components, with one component residing on the mobile communication device and another component residing on the smart card reader, the smart card reader driver component is enabled to do more than merely relay communication between the mobile communication device and the smart card. By transferring part of the communication handling of the smart card driver to the smart card reader, a reduction in communication over the connection between the smart card reader and mobile communication device advantageously results in a more efficient transaction. | 07-30-2009 |
20090190802 | Optimized biometric authentication method and system - An efficient exchange of messages in a system for authenticating access to a base device is facilitated through the selection of a particular biometric template from among a plurality of biometric templates. Rather than transmitting the template to a peripheral device, an indication of a location of the particular biometric template within the plurality of biometric templates is transmitted to the peripheral device. At the peripheral device, once the indication of the location and a biometric candidate are received, the particular biometric template may be located and compared to the biometric candidate. Finally, an indication of a result of the comparing may be transmitted to the base device. | 07-30-2009 |
20090193151 | Optimized Biometric Authentication Method and System - An efficient exchange of messages in a system for authenticating access to a base device is facilitated through the selection of a particular biometric template from among a plurality of biometric templates. Rather than transmitting the template to a peripheral device, an indication of a location of the particular biometric template within the plurality of biometric templates is transmitted to the peripheral device. At the peripheral device, once the indication of the location and a biometric candidate are received, the particular biometric template may be located and compared to the biometric candidate. Finally, an indication of a result of the comparing may be transmitted to the base device. | 07-30-2009 |
20090199007 | PROVIDING CERTIFICATE MATCHING IN A SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, certificate identification data that uniquely identifies a certificate associated with a message is generated. The certificate identification data can then be used to determine whether the certificate is stored on a computing device. Only the certificate identification data is needed to facilitate the determination, alleviating the need for a user to download the entire message to the computing device in order to make the determination. | 08-06-2009 |
20090210718 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 08-20-2009 |
20090210729 | Automated Power Management of a Peripheral Device - Based on bounds of a period of reduced operation for a base device, a base device generates a power management message for transmission to a peripheral device. In the power management message, the base device inserts bounds of a period of reduced operation for the peripheral device. As a result, the periods of reduced operation conserve battery power in both devices and the two devices may reestablish a communications channel upon reaching the end of the period of reduced operation and resuming normal operations. | 08-20-2009 |
20090210936 | SYSTEM AND METHOD FOR PROVIDING REMOTE DATA ACCESS FOR A MOBILE COMMUNICATION DEVICE - In one exemplary embodiment, a system for providing data access between an information source and a mobile communication device includes a transcoding system and a first network device. The transcoding system includes a plurality of transcoders, and each transcoder is operable to transcode information content from a respective first content type into a respective second content type. The first network device is in communication with the transcoding system and includes a connection handler system. The connection handler system is operable to receive connection data for a connection between the information source and the mobile communication device and to select a corresponding connection handler. The connection handler is operable to select one or more transcoders from the plurality of transcoders to transcode the information content. | 08-20-2009 |
20090217044 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 08-27-2009 |
20090224036 | System And Method Of Operation Control On An Electronic Device - Systems and methods of application control for use on an electronic device. A device can be configured to receive an operation request from an application. The device can determine whether the requested operation is allowed to be performed by the application based upon a stored authorization record and an application identifier associated with the application. The application is allowed to perform the requested operation based upon whether the requested operation is determined to be allowed to be performed by the application. | 09-10-2009 |
20090234931 | System and Method for Selecting Messaging Settings On A Messaging Client - A system and method of selecting messaging settings on a messaging client are provided. A data store configured to operate in conjunction with the messaging client stores records comprising messaging settings or characteristics for previously received and/or sent messages. The messaging client is configured to send outgoing messages, each of the messages having message characteristics, to determine whether a record for an addressed recipient of an outgoing message exists in the data store, and to select messaging settings to control the message characteristics of the outgoing message based on the record where a record exists. | 09-17-2009 |
20090240888 | SYSTEM AND METHOD FOR OBSCURING HAND-HELD DEVICE DATA TRAFFIC INFORMATION - Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state. | 09-24-2009 |
20090240943 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 09-24-2009 |
20090240958 | SYSTEM AND METHOD FOR GENERATING A SECURE STATE INDICATOR ON A DISPLAY - A system and method for generating a security indicator on a display of a computing device (e.g. a mobile device), to indicate when the computing device is in a secure state while locked. A determination is made (e.g. by a data protection system) as to whether at least some of the secure data stored on the computing device can be decrypted by any applications on the computing device, while the computing device is in the locked state. An icon or other identifier can be displayed to indicate that the secure state has been attained. In one embodiment, the secure state is considered to have been attained, if it is determined that all tickets that have been issued to applications on the computing device while the computing device was unlocked have been released, and any decrypted encryption keys that may be used to decrypt the secure data have been deleted. | 09-24-2009 |
20090282247 | METHOD, SYSTEM AND DEVICE FOR AUTHENTICATING A USER - Embodiments described herein relate to a method and device for authenticating a user of a computer and a corresponding system using the method and device. The device is a handheld electronic device configured to receive a first authentication code and to generate a secure identification token. If the received first authentication code and the generated token match, a second authentication code is transmitted to a computer to unlock the computer. | 11-12-2009 |
20090292916 | Certificate Management and Transfer System and Method - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 11-26-2009 |
20090296657 | System And Method For Providing Remote Data Access And Transcoding For A Mobile Communication Device - A system for providing information content over a network to a mobile communication device includes a transcoding system and a first network device. The transcoding system includes a plurality of transcoders. Each transcoder is operable to transcode the information content from a respective input content type into a respective output content type. The first network device is in communication with the transcoding system and includes a connection handler system. The first network device is operable to receive a first connection request that includes transcoder request data and to select a corresponding connection handler. The connection handler is operable to select one or more transcoders from the plurality of transcoders based on the transcoder request data. | 12-03-2009 |
20090307498 | USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith. | 12-10-2009 |
20090327677 | SYSTEM AND METHOD FOR SURELY BUT CONVENIENTLY CAUSING RESET OF A COMPUTERIZED DEVICE - Enhanced reset logic is included in a user's computerized device so that the device owner (e.g., the user's employer) can assure prompt reset (e.g., to ensure device use of newly downloaded software versions or other control or security data) while still allowing user convenience (e.g., some limited continued normal use of the device before reset is forced upon the user, thus permitting the user to avoid possibly aggravating losses of data and/or ongoing usage). | 12-31-2009 |
20100003972 | Advanced System And Method For Dynamically Discovering, Provisioning And Accessing Host Services On Wireless Data Communication Devices - A system and method for pushing a service book to a mobile device is provided. A service book includes a plurality of fields relating to a host service. At least one mobile device is identified that is to receive the service book. Wireless propagation information is provided that identifies an address for the mobile device to receive the service book. The service book is transmitted over a wireless network using the address for the mobile device, and is received by the mobile device. | 01-07-2010 |
20100011417 | SYSTEM AND METHOD FOR PRIVILEGE MANAGEMENT AND REVOCATION - The present disclosure relates generally to the management of privileges associated with certain applications that are accessible by users of electronic equipment, such as, for example, networked computers, mobile wireless communications devices, and the like. In particular, the disclosure is directed to systems and methods for managing privileges associated with particular applications and for revoking these privileges in a timely and robust manner. For example, the device keeps track of which applications get access to which privileges. When policies or application control changes, the system detects which privileges have been revoked for which applications. This can be accomplished by simply comparing the old set of privileges with the new set of privileges. For each revoked privilege for a given application, the system determines if the application has ever accessed that privilege in the past. If an application has accessed a privilege that is now revoked at any time in the past, the device is reset. To ensure that privileges that may be passed between applications are not overlooked, the device is arranged to perform a reset if any revoked privilege accessible by the device is one that may be passed between applications. | 01-14-2010 |
20100020697 | METHOD AND SYSTEM FOR MONITORING THE HEALTH OF WIRELESS TELECOMMUNICATION NETWORKS - A method and system for monitoring the health of a wireless telecommunication network. Network health is monitored without placing an administrative burden on the carrier network itself; instead, this burden is placed on components that lie outside the carrier network and pass communications through it. The data service provider infrastructure sends a request to a mobile device, asking that it return data regarding its location. The carrier networks handling the request insert location information into the packet that is sent to the mobile device, but this information is not sent to the data service provider infrastructure itself. The mobile device harvests this location information from the packets it receives and inserts it in a response packet that finds its way back to the data service provider infrastructure. The data service provider infrastructure is able to collate this location data and to analyze it, determining the carrier network's health. | 01-28-2010 |
20100031371 | System and Method for Handling Peripheral Connections to Mobile Devices - Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral. | 02-04-2010 |
20100056228 | AUTHORIZATION STATUS FOR SMART BATTERY USED IN MOBILE COMMUNICATION DEVICE - A mobile communication device is capable of communicating with a battery authorization server. Determining an authorization status of a smart battery currently powering the mobile communication device involves an initial authorization process and a subsequent authorization process. The initial authorization process is conducted between the mobile communication device and the smart battery. If the initial authorization process is successful, it is followed by a subsequent authorization process between the mobile communication device and the battery authorization server. | 03-04-2010 |
20100082976 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all certificate authority (CA) certificates and cross-certificates on the certificate servers. In another embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments of the invention facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-01-2010 |
20100088504 | System and Method for Implementing an Enhanced Transport Layer Security Protocol - A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol. | 04-08-2010 |
20100091992 | ADDING RANDOMNESS INTERNALLY TO A WIRELESS MOBILE COMMUNICATION DEVICE - A mobile communication device is provided with an integral transducer used to refresh a random data pool without connection to an external source of new random data. | 04-15-2010 |
20100095352 | Message Service Indication System and Method - Systems and methods for displaying messages to a user, the messages having different levels of security, are provided herein. One method of displaying to a user messages having different levels of security includes receiving a message over a network and examining an attribute of the message to determine a security-related level associated with the message. A visual indication for display to a device user is generated by the device. Such visual indication is indicative of the determined security-related level, and is configured to be visible during scrolling through a majority of the message text. | 04-15-2010 |
20100100730 | SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, a method is provided in which a certificate search request is received, a search of one or more certificate servers for certificates satisfying the request is performed, located certificates are retrieved and processed at a first computing device to determine data that uniquely identifies each located certificate, and search result data comprising the determined data is communicated to a second device (e.g. a mobile device) for use in determining whether each located certificate is already stored on the second device. | 04-22-2010 |
20100104102 | Systems and Methods to Securely Generate Shared Keys - A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key. | 04-29-2010 |
20100106970 | DEVICE AUTHENTICATION - Authentication of two devices in communication with a third device is achieved where the first and second devices each possess a shared secret value. The authentication includes communication of authentication values from the first device to the second device using the third device. Similarly, there is communication of values from the second device to the first device using the third device. The third device retains the communicated values. The values are calculated to permit the third device to authenticate the first and second devices without the third device receiving the shared secret value. The authentication may be used to establish a communications channel between the first and the second devices. | 04-29-2010 |
20100115264 | System and Method for Processing Encoded Messages for Exchange with a Mobile Data Communication Device - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 05-06-2010 |
20100122089 | SYSTEM AND METHOD FOR COMPRESSING SECURE E-MAIL FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to an encryption and/or authentication aspect. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a remote system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the remote system to one or more receivers. | 05-13-2010 |
20100124333 | System and Method for Processing Encoded Messages for Exchange with a Mobile Data Communication Device - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 05-20-2010 |
20100138930 | System and Method of Secure Garbage Collection on a Mobile Device - A method and system for performing garbage collection involving sensitive information on a mobile device. Secure information is received at a mobile device over a wireless network. The sensitive information is extracted from the secure information. A software program operating on the mobile device uses an object to access the sensitive information. Secure garbage collection is performed upon the object after the object becomes unreachable. | 06-03-2010 |
20100146270 | System and Method of Indicating the Strength of Encryption - A method and system are provided for secure messaging on mobile computing devices. The method and system provide for an indication of a security trust level associated with a security method used with an electronic message. | 06-10-2010 |
20100148721 | BATTERY PACK AUTHENTICATION FOR A MOBILE DEVICE - Various embodiments are described herein for a mobile communication device that authenticates a smart battery prior to use. The mobile device includes a main processor and a device memory. The device memory stores first and second portions of security information used for authentication. The smart battery includes a battery processor and a battery memory. The battery memory stores a third portion of security information used for authentication. The main processor sends an authentication request including the first portion of security information to the battery processor, and the battery processor generates a response based on the first and third portions of security information and sends the generated response to the main processor. The smart battery is authenticated if the generated response matches the second portion of security information. | 06-17-2010 |
20100169979 | System and Method for Handling Restoration Operations on Mobile Devices - Systems and methods for handling restoration operations for a mobile device. A mobile device receives a kill pill command, wherein the command causes some or all data on the mobile device to be wiped. An indicator is stored to indicate that the kill pill command was sent to the mobile device. The indicator is used to determine whether a program should be wiped from the mobile device. | 07-01-2010 |
20100211888 | METHOD AND APPARATUS FOR PROVIDING MINIMAL STATUS DISPLAY - A method and apparatus are provided for a user of a mobile wireless communications device to have the option of viewing security status messages in a large or small format depending upon the user's preferences, form factor of the mobile communications device, or the like. In accordance with an exemplary aspect of the invention, a user may opt to display status icons on one row of a display and include an abbreviated text associated with each icon that is displayed when a particular icon is highlighted by the user. If no icon is highlighted by the user, the most important status text (determined based on predetermined criteria) is displayed. The user has the option of switching to a large status display to view additional information relating to the status icons. | 08-19-2010 |
20100223331 | SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication. | 09-02-2010 |
20100223342 | SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication. | 09-02-2010 |
20100235628 | System and Method for Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user. | 09-16-2010 |
20100235893 | SYSTEM AND METHOD FOR ASSOCIATING MESSAGE ADDRESSES WITH CERTIFICATES - A system and method for associating message addresses with certificates, in which one or more secondary message addresses are identified and associated with a user-selected certificate. The secondary message addresses are saved in a data structure that resides in a secure data store on a computing device, such as a mobile device. When a message is to be encrypted and sent to an individual using a particular certificate, an address mismatch would not be detected so long as the address to which the message is to be sent matches any of the message addresses associated with the certificate. The message addresses associated with the certificate include any message addresses contained within the certificate itself (“primary message addresses”) as well as any secondary message addresses that have been subsequently associated with the certificate. | 09-16-2010 |
20100241867 | SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY - A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers. | 09-23-2010 |
20100242086 | SYSTEM AND METHOD FOR HANDLING DATA TRANSFERS - Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention. | 09-23-2010 |
20100250948 | SYSTEM AND METHOD FOR CHECKING DIGITAL CERTIFICATE STATUS - A method for handling digital certificate status requests between a client system and a proxy system is provided. The method includes the steps of receiving at the proxy system digital certificate status request data transmitted from the client system and generating query data for the digital certificate status in response to receiving the digital certificate status request data. The query data is transmitted to a status provider system, and status data from the status provider system in response to the query data is received at the proxy system. Digital certificate status data based on the status data received is generated and transmitted to the client system. | 09-30-2010 |
20100259549 | SYSTEMS, DEVICES, AND METHODS FOR DISPLAYING A BARCODE AT A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the display of a barcode at a computing device for capture by another computing device. In accordance with one example embodiment, a barcode is generated at a first computing device, the barcode is displayed on a display screen associated with the first computing device, and one or more display properties of the barcode are dynamically modified while it is displayed at the first computing device until the barcode is successfully captured (e.g. by a camera) at a second computing device. | 10-14-2010 |
20100262579 | Reducing Transmission of Location Updates Based on Loitering - The mobile communications device may reduce the amount of location updates transmitted by applying algorithm-based filters. By setting a minimum distance threshold applied to a location update, the mobile communication device reduces the amount of location updates transmitted when the mobile communication device is “loitering” at a specific location. This disclosure describes a use of a minimum threshold used in loitering analysis and improvements to loitering calculations. | 10-14-2010 |
20100262657 | METHOD OF SHARING IMAGE BASED FILES BETWEEN A GROUP OF COMMUNICATION DEVICES - Methods and associated mobile devices are disclosed for sharing an image based file between a group of communication devices. The image based file is scaled based on a display capacity of the devices within the group. The group of communication devices includes a sending mobile communications device. The method includes: accessing from a memory of the sending mobile communication device a display capacity of each of the devices in the group, determining whether the resolution of the image based file exceeds an image resolution threshold based on the display capacity of the devices in the group, and if so scaling the image based file to within the image resolution threshold, and sending the image based file from the sending mobile communication device to one or more receiving communication devices in the group. | 10-14-2010 |
20100262660 | METHOD, SYSTEM AND MOBILE DEVICE FOR IMPLEMENTING A SERVERLESS PRESENCE SYSTEM - A method, system and mobile communication device for implementing a serverless presence system are provided. In accordance with one embodiment, there is provided a method of sharing presence information between a group of mobile communication devices configured to communicate over a wireless network, the mobile communication devices defining the group members of the group, the method comprising: sending a data packet from a sending group member to at least one of the other group members; determining a presence status in accordance with whether a delivery acknowledgement is received by the sending group member from each of the other group members to which the data packet was sent within a predetermined duration from the sending of the data packet; storing the determined presence status in memory; and sending a presence update comprising the determined presence status of at least some of the group members to all of the group members. | 10-14-2010 |
20100262828 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 10-14-2010 |
20100262829 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 10-14-2010 |
20100262915 | PUBLISHING LOCATION FOR A LIMITED TIME - A method and user device for limiting a time for which location data sharing is enabled for a user device of a data sharing group, the data sharing group comprising at least two user devices inclusive of the user device, each user device of the data sharing group configured to store data shared by user devices of the data sharing group on the respective user device and to maintain a list of the user devices in the data sharing group. The method comprises receiving an instruction through a user interface on the user device indicating that location data sharing is to be enabled for a limited time period after which location sharing is to be disabled, obtaining location data for the user device during the limited time period; and sending the location data to at least one other user device of the sharing group during the limited time period. | 10-14-2010 |
20100275029 | SYSTEM AND METHOD OF INSTALLING SOFTWARE APPLICATIONS ON ELECTRONIC DEVICES - In at least one embodiment, there is provided a mobile wireless device comprising: a microprocessor and memory, the memory comprising a set of control settings used to control a plurality of device operations; wherein the microprocessor is configured to: receive a first digital signature key for verifying digital signatures on software applications to be installed on the device; determine if any digital signature keys for verifying digital signatures on software applications to be installed on the device exist on the device, and if not, store the received first digital signature key in the memory; receive a software application for installation on the device; verify a digital signature on the received software application using the first digital signature key; and install the software application on the device if the digital signature on the received software application is successfully verified. | 10-28-2010 |
20100284536 | SYSTEM AND METHOD FOR OBTAINING CERTIFICATE STATUS OF SUBKEYS - Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced. | 11-11-2010 |
20100288839 | METHOD, SYSTEM AND SMART CARD READER FOR MANAGEMENT OF ACCESS TO A SMART CARD - The described embodiments relate generally to devices, methods and systems for managing access to a memory card, such as a smart card, by a plurality of accessing devices. Certain embodiments relate to a smart card reader (SCR) for managing access to a smart card by a plurality of accessing devices. The SCR comprises: a processor; a channel manager responsive to the processor for interfacing with the smart card; and a communication interface responsive to the channel manager for communicating with the plurality of accessing devices. | 11-18-2010 |
20100325741 | System and Method of Owner Control of Electronic Devices - A system and method of owner control of an electronic device are provided. Owner identification information, such as data integrity and source authentication information, is stored on the electronic device. Received owner control information is stored on the electronic device where the integrity of the received owner control information is verified and/or the source is authenticated using the owner identification information. In one embodiment, owner identification information comprises an owner signature private key. | 12-23-2010 |
20100332824 | SYSTEM AND METHOD OF MOBILE LIGHTWEIGHT CRYPTOGRAPHIC DIRECTORY ACCESS - A system for handling an LDAP service request to an LDAP server for an LDAP service comprises a client program executable on a client system and a handler program executable on a handler system. The client program is operable to generate LDAP service request data corresponding to the LDAP service and provide the LDAP service request data for transmission from the client system, and further operable to receive LDAP service reply data in response to the LDAP service request data. The handler program is operable to receive the LDAP service request data transmitted from the client system and execute the LDAP service request to the LDAP server, receive LDAP service reply data from the LDAP server during one or more passes, and upon completion of the LDAP service, provide the LDAP service reply data for transmission to the client system in a single pass. | 12-30-2010 |
20100332848 | SYSTEM AND METHOD FOR CODE SIGNING - A system and method for code signing. The entities may be software application developers or other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device. | 12-30-2010 |
20110009133 | System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record. | 01-13-2011 |
20110010340 | System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record. | 01-13-2011 |
20110010554 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 01-13-2011 |
20110010556 | System and Method of Secure Authentication Information Distribution - A system and method of distributing authentication information for remotely accessing a computer resource. A request for authentication information, including identity information, is received from a user of a remote device. When the user is authenticated based on the identity information, requested authentication information is retrieved and returned to the remote device. The authentication information, or information generated from the authentication information, is then used for remotely accessing the computer resource. | 01-13-2011 |
20110010705 | System and Method of Owner Application Control of Electronic Devices - Systems and methods of owner application control of an electronic device are provided. Owner application control information is stored on the electronic device and/or one or more remote servers. Owner application control information is consulted to determine if one or more required applications are available for execution on the electronic device. If not, one or more required applications not available are downloaded and installed. This could be in a manner transparent to the user of the electronic device. If one or more required applications are not available on the electronic device, the device can be functionally disabled in whole, or in part, until one or more required applications are available. | 01-13-2011 |
20110022948 | METHOD AND SYSTEM FOR PROCESSING A MESSAGE IN A MOBILE COMPUTER DEVICE - A system and method for converting an initial message residing in a mobile computer device, which is capable of wireless access to a computer network, into a processed message. The system includes a menu option module that prompts a user of the mobile computer device to select a processing option for the initial message. When the user selects an encryption option, text is wirelessly sent to at least one server on the computer network for encryption. | 01-27-2011 |
20110072270 | SYSTEM AND METHOD FOR SUPPORTING MULTIPLE CERTIFICATE STATUS PROVIDERS ON A MOBILE COMMUNICATION DEVICE - A method and system for supporting multiple digital certificate status information providers are disclosed. An initial service request is prepared at a proxy system client module and sent to a proxy system service module operating at a proxy system. The proxy system prepares multiple service requests and sends the service requests to respective multiple digital certificate status information providers. One of the responses to the service requests received from the status information providers is selected, and a response to the initial service request is prepared and returned to the proxy system client module based on the selected response. | 03-24-2011 |
20110081860 | METHODS AND DEVICES FOR FACILITATING BLUETOOTH PAIRING USING A CAMERA AS A BARCODE SCANNER - Embodiments of the systems, devices and methods described herein generally facilitate performing Bluetooth pairing between a first device and a second device. In accordance with one example embodiment, a first device generates a barcode that encodes Bluetooth pairing data for transmission to the second device, wherein the pairing data comprises a Bluetooth address associated with the first device, and wherein the pairing data further comprises a personal identification number usable to complete the Bluetooth pairing, the barcode is transmitted to the second device, and Bluetooth pairing is performed with the second device. | 04-07-2011 |
20110099381 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 04-28-2011 |
20110126013 | Systems and Methods to Securely Generate Shared Keys - A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key. | 05-26-2011 |
20110154028 | SYSTEM AND METHOD FOR ADMINISTERING DIGITAL CERTIFICATE CHECKING - Systems and methods for handling electronic messages. An electronic message that is associated with a digital certificate is to be processed. A decision whether to check the validity of the digital certificate is based upon digital certificate checking criterion. An IT administrator may provide to one or more devices configuration data that establishes the digital certificate checking criterion. | 06-23-2011 |
20110154047 | USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith. | 06-23-2011 |
20110167484 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 07-07-2011 |
20110191642 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. | 08-04-2011 |
20110196989 | SYNCHRONIZING CERTIFICATES BETWEEN A DEVICE AND SERVER - Systems and methods for processing messages within a wireless communications system are disclosed. A server within the wireless communications system maintains a list of certificates contained in devices that use the server. The server synchronizes or updates the list of certificates based on information contained in messages to and from the device. By providing a server with certificates associated with devices that use the server, and providing a system and method for synchronizing the certificates between the device and server, the server can implement powerful features that will improve the efficiency, speed and user satisfaction of the devices. The exemplary embodiments also enable advantageous bandwidth savings by preventing transmission of certificates unnecessarily. | 08-11-2011 |
20110213977 | METHODS AND DEVICES FOR COMPUTING A SHARED ENCRYPTION KEY - Embodiments described herein are generally directed to methods and devices in which computing devices, and mobile devices in particular, establish a shared encryption key for a device group comprising at least three mobile devices. In accordance with one example embodiment, a public key of a mobile device is computed using a shared password as performed in accordance with authentication acts of a password-authenticated key exchange protocol, and transmitted to at least one other mobile device of the group. A public value is computed as a function of a mobile device private key and of a public key of at least one other mobile device of the device group, in accordance with a group key establishment protocol. The public values of the mobile devices of the device group are used to compute a shared encryption key. | 09-01-2011 |
20110231646 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 09-22-2011 |
20110239292 | SYSTEM AND METHOD OF SECURITY FUNCTION ACTIVATION FOR A MOBILE ELETRONIC DEVICE - A system and a method are provided for activating one or more security functions of a mobile electronic device. The system and method provide for the activation of one or more security functions when the mobile electronic device is stored in a mobile electronic device holder. Security functions include, for example, closing a data item currently being displayed on the mobile electronic device, erasing decrypted information stored on the mobile electronic device, locking the mobile electronic device, and performing a secure garbage collection operation. | 09-29-2011 |
20110271115 | CERTIFICATE INFORMATION STORAGE SYSTEM AND METHOD - A system and method of storing in a computer device digital certificate data from a digital certificate are provided. When a digital certificate is received at the computer device, it is determined whether the digital certificate data in the digital certificate is stored in a first memory store in the computer device. The digital certificate data is stored in the first memory store upon determining that the digital certificate data is not stored in the first memory store. | 11-03-2011 |
20110271322 | System and Method for Configuring Devices for Secure Operations - Systems and methods for establishing a security-related mode of operation for computing devices. A policy data store contains security mode configuration data related to the computing devices. Security mode configuration data is used in establishing a security-related mode of operation for the computing devices. | 11-03-2011 |
20110276800 | Message Service Indication System and Method - Systems and methods for operation upon a data processing device for handling messages with different levels of security, are provided herein. A method for operation upon a data processing device for handling messages with different levels of security includes examining an attribute of a message received over a network in order to determine a security-related level associated with the message, generating a visual indication for display to a device user that is indicative of the determined security-related level, wherein the generated visual indication is applied to a displayed portion of text associated with the message, and changing the visual indication when the message is viewed. | 11-10-2011 |
20110281559 | BATTERY AUTHORIZATION SERVER - A mobile communication device is capable of communicating with a battery authorization server. Determining an authorization status of a smart battery currently powering the mobile communication device involves an initial authorization process and a subsequent authorization process. The initial authorization process is conducted between the mobile communication device and the smart battery. If the initial authorization process is successful, it is followed by a subsequent authorization process between the mobile communication device and the battery authorization server. | 11-17-2011 |
20110283109 | SYSTEM AND METHOD FOR SELECTING MESSAGING SETTINGS ON A MESSAGING CLIENT - A system and method of selecting messaging settings on a messaging client are provided. A data store configured to operate in conjunction with the messaging client stores records comprising messaging settings or characteristics for previously received and/or sent messages. The messaging client is configured to send outgoing messages, each of the messages having message characteristics, to determine whether a record for an addressed recipient of an outgoing message exists in the data store, and to select messaging settings to control the message characteristics of the outgoing message based on the record where a record exists. | 11-17-2011 |
20110299687 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 12-08-2011 |
20110320807 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - Systems and methods for processing encoded messages at a message receiver. A received encoded message is decoded and stored in a memory. The stored decoded message can subsequently be displayed or otherwise processed without repeating the decoding operations. Decoding operations may include signature verification, decryption, other types of decoding, or some combination thereof. | 12-29-2011 |
20120017272 | System and Method of Security Function Activation for a Mobile Electronic Device - A system and a method are provided for activating one or more security functions of a mobile electronic device. The system and method provide for the activation of one or more security functions when the mobile electronic device is stored in a mobile electronic device holder. Security functions include, for example, closing a data item currently being displayed on the mobile electronic device, erasing decrypted information stored on the mobile electronic device, locking the mobile electronic device, and performing a secure garbage collection operation. | 01-19-2012 |
20120036582 | SYSTEM AND METHOD TO FORCE A MOBILE DEVICE INTO A SECURE STATE - Embodiments relate to systems and methods for implementation on a mobile device to force the mobile device into a secure state upon detection or determination of a triggering event. Once it is determined that a triggering event has occurred, each application operating on the mobile device is caused to immediately unreference sensitive objects and a secure garbage collection operation is performed upon the unreferenced sensitive objects to render data associated therewith unreadable. The mobile device is then caused to enter a secure state, in which the mobile device cannot be accessed without authorization. A microprocessor within the mobile device is configured to determine the existence of the triggering event according to a configuration data structure and to perform the secure garbage collection. | 02-09-2012 |
20120045057 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 02-23-2012 |
20120060026 | CERTIFICATE MANAGEMENT AND TRANSFER SYSTEM AND METHOD - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 03-08-2012 |
20120066505 | SYSTEM AND METHOD FOR REMOTE RESET OF PASSWORD AND ENCRYPTION KEY - A method and system are provided for resetting a password using a first device and a second device. The second device stores data encrypted using a content protection key, which itself is stored in encrypted form using the password, and is also stored in encrypted form using a key encryption key. The first device receives a public key from a second device. The first device uses the public key and a stored private key to generate a further public key. The further public key and a new password are sent to the second device. The second device uses the further public key to generate the key encryption key, which is then used to decrypt the encrypted content protection key. A new content encryption key is created, and encrypted using the new password. | 03-15-2012 |
20120072722 | SYSTEM AND METHOD OF PROTECTING DATA ON A COMMUNICATION DEVICE - A system and method of protecting data on a communication device are provided. Data received when the communication device is in a first operational state is encrypted using a first cryptographic key and algorithm. When the communication device is in a second operational state, received data is encrypted using a second cryptographic key and algorithm. Received data is stored on the communication device in encrypted form. | 03-22-2012 |
20120079269 | SYNCHRONIZING CERTIFICATES BETWEEN A DEVICE AND SERVER - Systems and methods for processing messages within a wireless communications system are disclosed. A server within the wireless communications system maintains a list of certificates contained in devices that use the server. The server synchronizes or updates the list of certificates based on information contained in messages to and from the device. By providing a server with certificates associated with devices that use the server, and providing a system and method for synchronizing the certificates between the device and server, the server can implement powerful features that will improve the efficiency, speed and user satisfaction of the devices. The exemplary embodiments also enable advantageous bandwidth savings by preventing transmission of certificates unnecessarily. | 03-29-2012 |
20120079603 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 03-29-2012 |
20120084556 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments described herein facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-05-2012 |
20120084587 | Automated Power Management of a Peripheral Device - Based on bounds of a period of reduced operation for a base device, a base device generates a power management message for transmission to a peripheral device. In the power management message, the base device inserts bounds of a period of reduced operation for the peripheral device. As a result, the periods of reduced operation conserve battery power in both devices and the two devices may reestablish a communications channel upon reaching the end of the period of reduced operation and resuming normal operations. | 04-05-2012 |
20120117616 | WIRELESS/WIRED MOBILE COMMUNICATION DEVICE WITH OPTION TO AUTOMATICALLY BLOCK WIRELESS COMMUNICATION WHEN CONNECTED FOR WIRED COMMUNICATION - A mobile wireless communication device also has at least one wired communication port. Enhanced security is achieved by permitting the device to automatically disable one or more wireless ports when connected to a wired port. Specific combinations/permutations of such automatic control may be effected by use of an IT Policy also resident on the device. | 05-10-2012 |
20120117637 | MANAGEMENT OF MULTIPLE CONNECTIONS TO A SECURITY TOKEN ACCESS DEVICE - A security token access device, a user device such as a computing device or communications device, and a method for managing multiple connections between multiple user devices and the access device. The access device maintains connection information, including security information, for each user device securely paired with the access device. Each time a new user device is paired with the access device, the access device transmits a notification to the user devices already paired to the user device. A user may provide instructions to the access device to terminate a pairing with one of the user devices by overwriting at least a portion of the connection information associated with the designated user device. A user device may further request a listing of all user devices currently paired with the access device. | 05-10-2012 |
20120122425 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile communications device for the display of an incrementally received message includes a message viewer application for scanning the received portions of the message. On determination that the received portion of the message includes a first displayable portion of the message content, the system signals to a message server to halt the message server from forwarding further portions of the message content. The system provides a mechanism for the user of the mobile communications device to cause the mobile communications device to further signal the message server to recommence the forwarding of further portions of the secure message content to permit the verification of the e-mail based on the further portions of the secure message content. | 05-17-2012 |
20120124382 | SYSTEM AND METHOD FOR CHECKING DIGITAL CERTIFICATE STATUS - A method for handling digital certificate status requests between a client system and a proxy system is provided. The method includes the steps of receiving at the proxy system digital certificate status request data transmitted from the client system and generating query data for the digital certificate status in response to receiving the digital certificate status request data. The query data is transmitted to a status provider system, and status data from the status provider system in response to the query data is received at the proxy system. Digital certificate status data based on the status data received is generated and transmitted to the client system. | 05-17-2012 |
20120144196 | System and Method for Secure Control of Resources of Wireless Mobile Communication Devices - Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles. | 06-07-2012 |
20120159150 | SYSTEM AND METHOD FOR IMPLEMENTING AN ENHANCED TRANSPORT LAYER SECURITY PROTOCOL - A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol. | 06-21-2012 |
20120179917 | CODE SIGNING SYSTEM AND METHOD - A code signing system and method is provided. The code signing system operates in conjunction with a signed software application having a digital signature and includes an application platform, an application programming interface (API), and a virtual machine. The API is configured to link the software application with the application platform. The virtual machine verifies the authenticity of the digital signature in order to control access to the API by the software application. | 07-12-2012 |
20120191978 | SYSTEM AND METHOD FOR SECURING DATA FOR REDIRECTING AND TRANSPORTING OVER A WIRELESS NETWORK - A system and method for securing data for redirecting and transporting over a wireless network are generally described herein. In accordance with some embodiments, when it is determined that an electronic message that is protected with a first encryption algorithm is to be transported over a wireless network to a wireless device, the electronic message is converted to a data structure that is recognizable by the wireless device and the data structure is encrypted with a second encryption algorithm using a random session key. The second encryption algorithm has a stronger security than the first encryption algorithm. The random session key is encrypted with a public key and packets that comprise the encrypted data structure and the encrypted random session key are transmitted to the wireless device over the wireless network. | 07-26-2012 |
20120198236 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an audio signal. The audio signal is transmitted from the first computing device to the second computing device. The password is determined from the audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 08-02-2012 |
20120216032 | MULTIPLE-STAGE SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - System and methods for processing encoded messages at a message receiver are described. Encoded message processing is performed in multiple stages. In a first stage, a new received message is at least partially decoded by performing any decoding operations that require no user input and a resulting context object is stored in memory, before a user is notified that the new message has been received. When the user accesses the new message, any further required decoding operations are performed on the stored context object in a second stage of processing. The message can subsequently be displayed or otherwise processed relatively quickly, without repeating the first stage decoding operations. Decoding operations may include signature verification, decryption, other types of decoding, or some combination thereof. | 08-23-2012 |
20120221841 | SYSTEM AND METHOD FOR SURELY BUT CONVENIENTLY CAUSING RESET OF A COMPUTERIZED DEVICE - Enhanced reset logic is included in a user's computerized device so that the device owner (e.g., the user's employer) can assure prompt reset (e.g., to insure device use of newly downloaded software versions or other control or security data) while still allowing user convenience (e.g., some limited continued normal use of the device before reset is forced upon the user thus permitting the user to avoid possibly aggravating losses of data and/or ongoing usage). | 08-30-2012 |
20120233459 | System and Method for Content Protection on a Computing Device - Systems and methods for handling user interface field data. A system and method can be configured to receive input which indicates that the mobile device is to enter into a protected mode. Data associated with fields displayed on a user interface are stored in a secure form on the mobile device. After the mobile device leaves the protected mode, the stored user interface field data is accessed and used to populate one or more user interface fields with the accessed user interface field data for display to a user. | 09-13-2012 |
20120239927 | SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, a method is provided in which a certificate search request is received, a search of one or more certificate servers for certificates satisfying the request is performed, located certificates are retrieved and processed at a first computing device to determine data that uniquely identifies each located certificate, and search result data comprising the determined data is communicated to a second device (e.g. a mobile device) for use in determining whether each located certificate is already stored on the second device. | 09-20-2012 |
20120246706 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 09-27-2012 |
20120254678 | METHOD AND SYSTEM FOR DETERMINING SUPPORT FOR A MEMORY CARD - Embodiments relate to methods and systems for determining support for a memory card, where the memory card is accessible to a card reader and the card reader is in communication with an accessing device. One embodiment comprises transmitting a first test command to the memory card, receiving a response to the first test command, and determining that the response to the first test command indicates that a card type is not supported by a plurality of card drivers. In response to said determining, at least one additional test command specific to a card type supported by a selected card driver is automatically transmitted, and if the response is successful, the selected card driver, which was previously determined not to support the card type of the memory card, is indicated to support the card type of the memory card. | 10-04-2012 |
20120257746 | Systems and Methods to Securely Generate Shared Keys - A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key. | 10-11-2012 |
20120265869 | SYSTEM AND METHOD OF MOBILE LIGHTWEIGHT CRYPTOGRAPHIC DIRECTORY ACCESS - A system for handling an LDAP service request to an LDAP server for an LDAP service comprises a client program executable on a client system and a handler program executable on a handler system. The client program is operable to generate LDAP service request data corresponding to the LDAP service and provide the LDAP service request data for transmission from the client system, and further operable to receive LDAP service reply data in response to the LDAP service request data. The handler program is operable to receive the LDAP service request data transmitted from the client system and execute the LDAP service request to the LDAP server, receive LDAP service reply data from the LDAP server during one or more passes, and upon completion of the LDAP service, provide the LDAP service reply data for transmission to the client system in a single pass. | 10-18-2012 |
20120271896 | System and Method for Handling Electronic Messages - Systems and methods for handling messages on a mobile device. A system and method could be configured to receive at a mobile device a message that is associated with a message expiry indicator. If a message expiry indicator is determined to be associated with the received message, then the received message is removed from the mobile device. | 10-25-2012 |
20120271947 | System And Method Of Communication Control for Wireless Mobile Communication Devices - Systems and methods of connection control for wireless mobile communication devices enabled for communication via a plurality of communication connections are provided. Connection control information associates software applications with communication connections. When a connection request specifying a requested connection is received from a software application, it is determined whether the requested connection is permitted by the connection control information. Where the requested connection is permitted by the connection control information, the requested connection is opened. If the requested connection is a first connection opened by the software application, then the software application is associated with the requested connection in the connection control information. | 10-25-2012 |
20120278630 | DEBUGGING PORT SECURITY INTERFACE - The present invention provides a secure JTAG interface to an application-specific integrated circuit (ASIC). In the preferred embodiment the invention operates through the combined efforts of a Security Module (SM) comprising a state machine that controls the security modes for the ASIC, and a Test Control Module (TCM) which contains the JTAG interface. The TCM operates in either a restricted mode or an unrestricted mode, depending on the state of the SM state machine. In a restricted mode, only limited access to memory content is permitted. In an unrestricted mode, full access to memory content is permitted. | 11-01-2012 |
20120290809 | System and Method of Secure Garbage Collection on a Mobile Device - A method and system for performing garbage collection involving sensitive information on a mobile device. Secure information is received at a mobile device over a wireless network. The sensitive information is extracted from the secure information. A software program operating on the mobile device uses an object to access the sensitive information. Secure garbage collection is performed upon the object after the object becomes unreachable. | 11-15-2012 |
20120297002 | SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication. | 11-22-2012 |
20120297194 | Device Authentication - A first device in possession of a value is able to determine, without communicating the value and without communicating any information from which the value can be identified, whether a second device is also in possession of the value. The first device accomplishes this with the assistance of a third device that is able to communicate with the first device and with the second device. The second device also does not communicate the value and does not communicate any information from which the value can be identified. The first device may send additional information to the third device which, if passed to the second device, enables the second device to determine that the first device is in possession of the value. The value may be a secret. | 11-22-2012 |
20120298744 | SYSTEM AND METHOD FOR MANAGING ITEMS IN A LIST SHARED BY A GROUP OF MOBILE DEVICES - A method and system are provided for operating a mobile device, the method comprising: reading a barcode being displayed by another mobile device, to identify a group, by capturing at least one image of the barcode; and joining the group identified by the barcode. Another method and system are provided, the method comprising: storing a barcode on the mobile device, the barcode identifying a group; and displaying the barcode on a display of the mobile device such that the entire barcode is visible on the display to enable another mobile device to scan the barcode to join the group. Another method and system are provided, the method comprising: reading a barcode being displayed by another mobile device, to identify an individual associated with the other mobile device, by capturing at least one image of the barcode; and inviting the individual identified by the barcode to join a group. | 11-29-2012 |
20120303786 | POLICY PROXY - In a system with a policy server, a first device able to communicate with the policy server and a second device able to communicate with the first device and unable to communicate with the policy server, the first device is to act as a policy proxy. The policy server may push to the first device a policy for the second device, and the first device may push the policy to the second device. | 11-29-2012 |
20120311323 | System and Method of Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user. | 12-06-2012 |
20120322414 | System and Method of Security Function Activation for a Mobile Electronic Device - A system and a method are provided for activating one or more security functions of a mobile electronic device. The system and method provide for the activation of one or more security functions when the mobile electronic device is stored in a mobile electronic device holder. Security functions include, for example, closing a data item currently being displayed on the mobile electronic device, erasing decrypted information stored on the mobile electronic device, locking the mobile electronic device, and performing a secure garbage collection operation. | 12-20-2012 |
20120324013 | METHOD OF SHARING IMAGE BASED FILES BETWEEN A GROUP OF COMMUNICATION DEVICES - Methods and associated mobile devices are disclosed for sharing an image based file between a group of communication devices. The image based file is scaled based on a display capacity of the devices within the group. The group of communication devices including a sending mobile communications device. The method includes: accessing from a memory of the sending mobile communication device a display capacity of each of the devices in the group, determining whether the resolution of the image based file exceeds an image resolution threshold based on the display capacity of the devices in the group, and if so scaling the image based file to within the image resolution threshold, and sending the image based file from the sending mobile communication device to one or more receiving communication devices in the group. | 12-20-2012 |
20130003974 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile device for the display of messages receives messages in segments or incrementally from a server, and includes a message viewer application for displaying portions of the message. On determination using the received portion of the message that the message is digitally signed or encrypted, the server is signalled to halt automatic transmission of further segments of the message. When a verify command is received by the mobile device, a command is transmitted to the server so that automatic reception of message segments can be resumed at the mobile device. | 01-03-2013 |
20130007445 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-03-2013 |
20130007446 | SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device, without having to download those certificates to the computing device in their entirety. The data server is further adapted to transmit the status data to the computing device. In one embodiment, at least one status property of the certificates is verified at the data server in determining the status data. In another embodiment, additional certificate data is determined and transmitted to the computing device, which can be used by the computing device to verify, at the computing device, at least one other status property of the certificates. | 01-03-2013 |
20130007447 | PROVIDING CERTIFICATE MATCHING IN A SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, certificate identification data that uniquely identifies a certificate associated with a message is generated. The certificate identification data can then be used to determine whether the certificate is stored on a computing device. Only the certificate identification data is needed to facilitate the determination alleviating the need for a user to download the entire message to the computing device in order to make the determination. | 01-03-2013 |
20130007448 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 01-03-2013 |
20130007459 | SYSTEM AND METHOD FOR COMPRESSING SECURE E-MAIL FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device: the message is processed so as to modify the message with respect to encryption and/or authentication aspect. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a remote system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the remote system to one or more receivers. | 01-03-2013 |
20130007877 | System and Method of Owner Control of Electronic Devices - A system and method of owner control of an electronic device are provided. Owner identification information, such as data integrity and source authentication information, is stored on the electronic device. Received owner control information is stored on the electronic device where the integrity of the received owner control information is verified and/or the source is authenticated using the owner identification information. In one embodiment, owner identification information comprises an owner signature private key. | 01-03-2013 |
20130012171 | SYSTEM AND METHOD FOR HANDLING MESSAGE RECEIPT NOTIFICATION - Systems and methods for operation upon a wireless mobile device to handle message notifications. A method can include receiving a message by the wireless mobile device over a wireless communications network. The received message is processed so that at least a portion of the sender's message is displayed to a user of the wireless mobile device before a signed receipt is provided to the sender. | 01-10-2013 |
20130012248 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile device for the display of messages includes a message viewer application for displaying segments of the message received from a server. The message can include content that is encoded in a first encoding that is renderable for display on the device, and the same content encoded in a second encoding. On determination that the received portion of the message includes a first part comprising content encoded in a first encoding and is renderable for display, first displayable portion of the message content, the server is signalled to halt forwarding further segments of the message. | 01-10-2013 |
20130013714 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - Systems and methods for processing encoded messages within a wireless communication system. A server within the wireless communication system provides one or more indications to a mobile device as to certain conditions existing with respect to an encoded message. The mobile device performs a different message processing function based upon whether the indication is provided. The indications may include indicating whether a message exceeds a message size threshold and/or may indicate whether a partial message is being sent. | 01-10-2013 |
20130013917 | SYSTEM AND METHOD FOR ENABLING BULK RETRIEVAL OF CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. Embodiments described herein enable large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates. | 01-10-2013 |
20130013918 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-10-2013 |
20130013919 | UPDATING CERTIFICATE STATUS IN A SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device. Selected certificates may be downloaded to the computing device for storage, and the downloaded certificates are tracked by the data server. This facilitates the automatic updating of the status of one or more certificates stored on the computing device by the data server, in which updated status data is pushed from the data server to the computing device. | 01-10-2013 |
20130014250 | WIRELESS COMMUNICATION DEVICE WITH PASSWORD PROTECTION AND RELATED METHOD - A wireless communication device (and its related method of operation) includes, if invoked, password protected access to data stored therewithin and/or to normal device operations and further includes duress password checking logic that automatically causes a duress message to be sent if a duress password has been entered. The duress message is preferably sent without maintaining any user accessible indication of such sending. It is also preferred that the password checking logic automatically cause an end-of-duress message to be sent if a normal password is entered after a duress password has been entered. A plurality of different duress passwords may be entered into a duress password portion of data memory in the device. | 01-10-2013 |
20130019102 | System and method for encrypted smart card pin entry - A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers. | 01-17-2013 |
20130019318 | System and Method of Owner Application Control of Electronic Devices - Systems and methods of owner application control of an electronic device are provided. Owner application control information is stored on the electronic device and/or one or more remote servers. Owner application control information is consulted to determine if one or more required applications are available for execution on the electronic device. If not, one or more required applications not available are downloaded and installed. This could be in a manner transparent to the user of the electronic device. If one or more required applications are not available on the electronic device, the device can be functionally disabled in whole, or in part, until one or more required applications are available. | 01-17-2013 |
20130114814 | ADDING RANDOMNESS INTERNALLY TO A WIRELESS MOBILE COMMUNICATION DEVICE - An electronic device is provided with an integral transducer used to update a random data pool without connection to an external source of new random data. In one embodiment, there is provided a method for providing random data on an electronic device, the method comprising: storing random data in a random data pool in a memory; sensing motion of the electronic device using a transducer integrally carried as part of the electronic device, wherein the transducer is configured to generate an output in response to sensed motion; generating new random data in accordance with the output of a transducer when sensed motion exceeds a threshold; and storing the new random data in the random data pool in the memory. | 05-09-2013 |
20130308779 | METHODS AND DEVICES FOR COMPUTING A SHARED ENCRYPTION KEY - Embodiments described herein are generally directed to methods and devices in which computing devices, and mobile devices in particular, establish a shared encryption key for a device group comprising at least three mobile devices. In accordance with one example embodiment, a public key of a mobile device is computed using a shared password as performed in accordance with authentication acts of a password-authenticated key exchange protocol, and transmitted to at least one other mobile device of the group. A public value is computed as a function of a mobile device private key and of a public key of at least one other mobile device of the device group, in accordance with a group key establishment protocol. The public values of the mobile devices of the device group are used to compute a shared encryption key. | 11-21-2013 |
20140013124 | ON-CHIP STORAGE, CREATION, AND MANIPULATION OF AN ENCRYPTION KEY - A system and method for encrypting data provides for retrieval of an encryption key; identification of the address in memory of a first portion of the data to be encrypted; derivation of a first unique key from the encryption key and the address of the first portion of data; encryption of the first portion of data using the first unique key; identification of the address in memory of a second portion of data to be encrypted; derivation of a second unique key from the encryption key and the address of the second portion of data; and encryption of the second portion of data using the second unique key. | 01-09-2014 |
20140031008 | SYSTEM AND METHOD OF SECURE MESSAGE PROCESSING - A system and method for handling message indicator processing on a wireless mobile communications device. Message state data is stored in a cache for use in generating message indicators. | 01-30-2014 |
20140171023 | System and Method for Secure Control of Resources of Wireless Mobile Communication Devices - Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles. | 06-19-2014 |
20140205098 | ADDING RANDOMNESS INTERNALLY TO A WIRELESS MOBILE COMMUNICATION DEVICE - An electronic device is provided with an integral transducer used to update a random data pool without connection to an external source of new random data. In one embodiment, there is provided a method for providing random data on an electronic device, the method comprising: storing random data in a random data pool in a memory; sensing motion of the electronic device using a transducer integrally carried as part of the electronic device, wherein the transducer is configured to generate an output in response to sensed motion; generating new random data in accordance with the output of a transducer when sensed motion exceeds a threshold; and storing the new random data in the random data pool in the memory. | 07-24-2014 |
20140256350 | PUBLISHING LOCATION FOR A LIMITED TIME - A method and user device for limiting a time for which location data sharing is enabled for a user device of a data sharing group, the data sharing group comprising at least two user devices inclusive of the user device, each user device of the data sharing group configured to store data shared by user devices of the data sharing group on the respective user device and to maintain a list of the user devices in the data sharing group. The method comprises receiving an instruction through a user interface on the user device indicating that location data sharing is to be enabled for a limited time period after which location sharing is to be disabled, obtaining location data for the user device during the limited time period; and sending the location data to at least one other user device of the sharing group during the limited time period. | 09-11-2014 |
20150050887 | METHODS AND DEVICES FOR FACILITATING BLUETOOTH PAIRING USING A CAMERA AS A BARCODE SCANNER - Embodiments of the systems, devices and methods described herein generally facilitate performing Bluetooth pairing between a first device and a second device. In accordance with one example embodiment, a first device generates a barcode that encodes Bluetooth pairing data for transmission to the second device, wherein the pairing data comprises a Bluetooth address associated with the first device, and wherein the pairing data further comprises a personal identification number usable to complete the Bluetooth pairing, the barcode is transmitted to the second device, and Bluetooth pairing is performed with the second device. | 02-19-2015 |
20150074752 | System and Method for Secure Control of Resources of Wireless Mobile Communication Devices - Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles. | 03-12-2015 |