Patent application number | Description | Published |
20090055643 | SYSTEM AND METHOD FOR DISPLAYING A SECURITY ENCODING INDICATOR ASSOCIATED WITH A MESSAGE ATTACHMENT - An apparatus and method of displaying a message on a display of a computing device. The message comprises at least a first attachment. At least a portion of the message is displayed to a user. The displayed portion comprises an identifier for the first attachment. In one embodiment, a security encoding indicator is associated with the identifier for the first attachment and displayed to the user. If a security encoding has been applied to the first attachment, the security encoding indicator indicates the security encoding applied to the first attachment. | 02-26-2009 |
20090061912 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 03-05-2009 |
20090077644 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 03-19-2009 |
20090080661 | SYSTEM AND METHOD FOR CONTROLLING MESSAGE ATTACHMENT HANDLING FUNCTIONS ON A MOBILE DEVICE - A system and method for controlling message attachment handling functions on a mobile device is described herein. An attachment handling control can be set to identify one of a number of selected attachment handling control modes. Depending on the attachment handling control mode identified, a request for the attachment structure that includes a decrypted session key for an encrypted message received at the mobile device may or may not be automatically sent to a remote server. This may provide the user with increased control over the content of an encrypted message that the remote server may access when determining the attachment structure for a message. | 03-26-2009 |
20090165125 | SYSTEM AND METHOD FOR CONTROLLING USER ACCESS TO A COMPUTING DEVICE - A system and method for controlling user access to a computing device (e.g. a mobile device). In some embodiments, access rights are provided to a user based on successfully verified authentication factors, even where the user is unable to provide all the authentication factors typically required for access to the computing device. In one broad aspect, one or more authentication factors are provided by a user, and are received and verified by a security module application residing and executing on the computing device. When less than all of the authentication factors that would typically be expected in authenticating a user for access to the computing device is received and successfully verified, a subset of the available access rights selected from a plurality of different pre-defined subsets of access rights is provided to the user. The specific access rights provided to the user are based on the successfully verified authentication factors. | 06-25-2009 |
20090177880 | TRANSMISSION OF SECURE ELECTRONIC MAIL FORMATS - A method and system for providing e-mail messages to a receiving e-mail application. The e-mail messages as sent from a sending e-mail application being secure and in opaque signed format. The opaque signed e-mail messages being converted to clear signed e-mail messages by decoding extracting message content and digital signatures. The clear signed e-mails being sent to a receiving e-mail application. | 07-09-2009 |
20090187796 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 07-23-2009 |
20090210506 | COMPRESSIBLE DISPLAY OF E-MAIL MESSAGE STRING TO FACILITATE READABILITY - A displayed string of emails is effectively compressed for improved readability by deleting some or all headers and/or by skipping the cursor from one message body to another in response to “hot” key actuation (s) by a user. | 08-20-2009 |
20090224036 | System And Method Of Operation Control On An Electronic Device - Systems and methods of application control for use on an electronic device. A device can be configured to receive an operation request from an application. The device can determine whether the requested operation is allowed to be performed by the application based upon a stored authorization record and an application identifier associated with the application. The application is allowed to perform the requested operation based upon whether the requested operation is determined to be allowed to be performed by the application. | 09-10-2009 |
20090240943 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 09-24-2009 |
20090280744 | Controlling Visibility of a Wireless Device in Discoverable Mode - A wireless device in a discoverable mode controls its visibility by determining whether to ignore or respond to an inquiry, received from an inquiring device, based at least in part on one or more properties of the inquiring device. | 11-12-2009 |
20090282247 | METHOD, SYSTEM AND DEVICE FOR AUTHENTICATING A USER - Embodiments described herein relate to a method and device for authenticating a user of a computer and a corresponding system using the method and device. The device is a handheld electronic device configured to receive a first authentication code and to generate a secure identification token. If the received first authentication code and the generated token match, a second authentication code is transmitted to a computer to unlock the computer. | 11-12-2009 |
20090292916 | Certificate Management and Transfer System and Method - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 11-26-2009 |
20100031371 | System and Method for Handling Peripheral Connections to Mobile Devices - Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral. | 02-04-2010 |
20100082976 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all certificate authority (CA) certificates and cross-certificates on the certificate servers. In another embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments of the invention facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-01-2010 |
20100100932 | SYSTEM AND METHOD FOR DETERMINING A SECURITY ENCODING TO BE APPLIED TO OUTGOING MESSAGES - A system and method for determining a security encoding to be applied to a message being sent by a user of a computing device, such as a mobile device, for example. In one broad aspect, the method comprises determining, at the computing device, whether a general message encoding configuration setting thereon indicates that the security encoding to be applied to the message is to be established by a policy engine; if the general message encoding configuration setting on the computing device indicates that the security encoding to be applied to the message is to be established by the policy engine, determining the security encoding to be applied to the message by querying the policy engine for the security encoding to be applied to the message; applying the determined security encoding to the message; and transmitting the message to which the security encoding has been applied to the at least one recipient. In one embodiment, the policy engine is a PGP Universal Server. | 04-22-2010 |
20100121931 | METHOD AND APPARATUS FOR PROCESSING DIGITALLY SIGNED MESSAGES TO DETERMINE ADDRESS MISMATCHES - A method and apparatus for processing digitally signed messages in which address mismatch errors are detected. In at least one aspect, the number of address mismatch errors reported to a user for a message may be minimized for messages that properly incorporate message portions signed by someone other than the sender of the message, as may be the case where the message contains a conversation thread for example, by performing at least one pre-determined action for digital signatures corresponding to signed data appearing after a message separator. The message separator may indicate that the message contains data from an older forwarded message or from an older message that has been replied to, for example. The at least one-predetermined action may comprise bypassing verification of address matches for those digital signatures, or verifying address matches for those digital signatures but suppressing user notification of any address mismatch errors, for example. | 05-13-2010 |
20100169979 | System and Method for Handling Restoration Operations on Mobile Devices - Systems and methods for handling restoration operations for a mobile device. A mobile device receives a kill pill command, wherein the command causes some or all data on the mobile device to be wiped. An indicator is stored to indicate that the kill pill command was sent to the mobile device. The indicator is used to determine whether a program should be wiped from the mobile device. | 07-01-2010 |
20100197292 | DEVICE AND METHOD FOR GENERATING USER NOTIFICATIONS ASSOCIATED WITH TASKS THAT ARE PENDING COMPLETION - A device and method for generating user notifications associated with tasks that are pending completion on a mobile device. When additional input is required from a user of the mobile device to complete performance of a task and is not being received from the user within a predefined time period, at least one form of user notification is generated. The particular form or forms of user notification are defined by a user profile associated with the user. User notifications may comprise visual, audible, and/or vibratory alerts, and different forms of these user notifications may be generated in a sequence. The volume of audible alerts or the period between periodic user notifications may vary over time. | 08-05-2010 |
20100232321 | Controlling Visibility of a Wireless Device in Discoverable Mode - A wireless device in a discoverable mode controls its visibility by determining whether to ignore or respond to an inquiry, received from an inquiring device, based at least in part on one or more properties of the inquiring device. | 09-16-2010 |
20100242086 | SYSTEM AND METHOD FOR HANDLING DATA TRANSFERS - Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention. | 09-23-2010 |
20100275133 | COMPRESSIBLE DISPLAY OF E-MAIL MESSAGE STRING TO FACILITTE READABILITY - A displayed string of emails is effectively compressed for improved readability by deleting some or all headers and/or by skipping the cursor from one message body to another in response to “hot” key actuation(s) by a user. | 10-28-2010 |
20100281128 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 11-04-2010 |
20100284536 | SYSTEM AND METHOD FOR OBTAINING CERTIFICATE STATUS OF SUBKEYS - Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced. | 11-11-2010 |
20100332848 | SYSTEM AND METHOD FOR CODE SIGNING - A system and method for code signing. The entities may be software application developers or other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device. | 12-30-2010 |
20110010554 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 01-13-2011 |
20110010556 | System and Method of Secure Authentication Information Distribution - A system and method of distributing authentication information for remotely accessing a computer resource. A request for authentication information, including identity information, is received from a user of a remote device. When the user is authenticated based on the identity information, requested authentication information is retrieved and returned to the remote device. The authentication information, or information generated from the authentication information, is then used for remotely accessing the computer resource. | 01-13-2011 |
20110010705 | System and Method of Owner Application Control of Electronic Devices - Systems and methods of owner application control of an electronic device are provided. Owner application control information is stored on the electronic device and/or one or more remote servers. Owner application control information is consulted to determine if one or more required applications are available for execution on the electronic device. If not, one or more required applications not available are downloaded and installed. This could be in a manner transparent to the user of the electronic device. If one or more required applications are not available on the electronic device, the device can be functionally disabled in whole, or in part, until one or more required applications are available. | 01-13-2011 |
20110066845 | TRANSMISSION OF SECURE ELECTRONIC MAIL FORMATS - A method and system for providing e-mail messages to a receiving e-mail application. The e-mail messages as sent from a sending e-mail application being secure and in opaque signed format. The opaque signed e-mail messages being converted to clear signed e-mail messages by decoding extracting message content and digital signatures. The clear signed e-mails being sent to a receiving e-mail application. | 03-17-2011 |
20110099381 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 04-28-2011 |
20110154028 | SYSTEM AND METHOD FOR ADMINISTERING DIGITAL CERTIFICATE CHECKING - Systems and methods for handling electronic messages. An electronic message that is associated with a digital certificate is to be processed. A decision whether to check the validity of the digital certificate is based upon digital certificate checking criterion. An IT administrator may provide to one or more devices configuration data that establishes the digital certificate checking criterion. | 06-23-2011 |
20110154047 | USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith. | 06-23-2011 |
20110167484 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 07-07-2011 |
20110191642 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. | 08-04-2011 |
20110191845 | WIRELESS COMMUNICATION DEVICE WITH DURESS PASSWORD PROTECTION AND RELATED METHOD - A wireless communication device (and its related method of operation) includes, if invoked, password protected access to data stored therewithin and/or to normal device operations and further includes duress password checking logic that automatically causes a duress message to be sent if a duress password has been entered. The duress message is preferably sent without maintaining any user accessible indication of such sending. It is also preferred that the password checking logic automatically cause an end-of-duress message to be sent if a normal password is entered after a duress password has been entered. A plurality of different duress passwords may be entered into a duress password portion of data memory in the device. | 08-04-2011 |
20110195690 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 08-11-2011 |
20110231646 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 09-22-2011 |
20110271115 | CERTIFICATE INFORMATION STORAGE SYSTEM AND METHOD - A system and method of storing in a computer device digital certificate data from a digital certificate are provided. When a digital certificate is received at the computer device, it is determined whether the digital certificate data in the digital certificate is stored in a first memory store in the computer device. The digital certificate data is stored in the first memory store upon determining that the digital certificate data is not stored in the first memory store. | 11-03-2011 |
20110271322 | System and Method for Configuring Devices for Secure Operations - Systems and methods for establishing a security-related mode of operation for computing devices. A policy data store contains security mode configuration data related to the computing devices. Security mode configuration data is used in establishing a security-related mode of operation for the computing devices. | 11-03-2011 |
20110280401 | SYSTEM AND METHOD FOR EXCHANGING ENCRYPTION KEYS BETWEEN A MOBILE DEVICE AND A PERIPHERAL DEVICE - Embodiments of a system and method for providing additional security for data being transmitted across a wireless connection that has been established using a known wireless protocol (e.g. Bluetooth) are described. An encryption key is exchanged between a computing device (e.g. a mobile device) and a wireless peripheral device (e.g. a keyboard, a printer). In exemplary embodiments, the encryption key is generated at one of the two devices. Data associated with the encryption key is output at the one device, which can be input by the user at the other device. The encryption key is then recovered at the other device from the input, thereby completing the key exchange. The encryption key can then be used to encrypt and decrypt data transmitted over the established wireless connection, providing additional security. | 11-17-2011 |
20110294471 | DEVICE AND METHOD FOR GENERATING USER NOTIFICATIONS ASSOCIATED WITH TASKS THAT ARE PENDING COMPLETION - A device and method for generating user notifications associated with tasks that are pending completion on a mobile device. When additional input is required from a user of the mobile device to complete performance of a task and is not being received from the user within a predefined time period, at least one form of user notification is generated. The particular form or forms of user notification are defined by a user profile associated with the user. User notifications may comprise visual, audible, and/or vibratory alerts, and different forms of these user notifications may be generated in a sequence. The volume of audible alerts or the period between periodic user notifications may vary over time. | 12-01-2011 |
20120005293 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 01-05-2012 |
20120042161 | SYSTEM AND METHOD FOR SENDING SECURE MESSAGES - Electronic messages are sent from a sending system to an identified recipient and are encrypted using information contained in a certificate for that recipient. An electronic device and method are provided for detecting receipt of a command to initiate transmission of a composed message to a recipient, and after said detection but prior to transmitting the message, determining that no valid digital certificate for said recipient is available at the communication device; retrieving a valid digital certificate for said recipient from a source over a network; and encrypting said composed message using the valid digital certificate; then initiating transmission of the encrypted, composed message to the recipient. Retrieval of the valid digital certificate can include repeated retrieval and validation of certificates until a valid certificate is obtained. | 02-16-2012 |
20120045057 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 02-23-2012 |
20120060026 | CERTIFICATE MANAGEMENT AND TRANSFER SYSTEM AND METHOD - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 03-08-2012 |
20120084376 | METHOD AND APPARATUS FOR PROCESSING DIGITALLY SIGNED MESSAGES TO DETERMINE ADDRESS MISMATCHES - A method and apparatus for processing digitally signed messages in which address mismatch errors are detected. In at least one aspect, the number of address mismatch errors reported to a user for a message may be minimized for messages that properly incorporate message portions signed by someone other than the sender of the message, as may be the case where the message contains a conversation thread for example, by performing at least one pre-determined action for digital signatures corresponding to signed data appearing after a message separator. The message separator may indicate that the message contains data from an older forwarded message or from an older message that has been replied to, for example. The at least one-predetermined action may comprise bypassing verification of address matches for those digital signatures, or verifying address matches for those digital signatures but suppressing user notification of any address mismatch errors, for example. | 04-05-2012 |
20120084556 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments described herein facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-05-2012 |
20120117616 | WIRELESS/WIRED MOBILE COMMUNICATION DEVICE WITH OPTION TO AUTOMATICALLY BLOCK WIRELESS COMMUNICATION WHEN CONNECTED FOR WIRED COMMUNICATION - A mobile wireless communication device also has at least one wired communication port. Enhanced security is achieved by permitting the device to automatically disable one or more wireless ports when connected to a wired port. Specific combinations/permutations of such automatic control may be effected by use of an IT Policy also resident on the device. | 05-10-2012 |
20120137341 | SYSTEM AND METHOD FOR DETERMINING A SECURITY ENCODING TO BE APPLIED TO OUTGOING MESSAGES - A system and method for determining a security encoding to be applied to a message being sent by a user of a computing device. In one broad aspect, the device comprises a processor configured to: determine whether a general message encoding configuration setting indicates that when a security encoding is to be applied to a message then the security encoding is to be established by a policy engine; if the general message encoding configuration setting so indicates, query the policy engine for the security encoding to be applied to the message; otherwise, determine the security encoding to be applied to the message in accordance with a user-selected security encoding; and apply the determined security encoding to the message prior to transmission of the message to at least one recipient. | 05-31-2012 |
20120191978 | SYSTEM AND METHOD FOR SECURING DATA FOR REDIRECTING AND TRANSPORTING OVER A WIRELESS NETWORK - A system and method for securing data for redirecting and transporting over a wireless network are generally described herein. In accordance with some embodiments, when it is determined that an electronic message that is protected with a first encryption algorithm is to be transported over a wireless network to a wireless device, the electronic message is converted to a data structure that is recognizable by the wireless device and the data structure is encrypted with a second encryption algorithm using a random session key. The second encryption algorithm has a stronger security than the first encryption algorithm. The random session key is encrypted with a public key and packets that comprise the encrypted data structure and the encrypted random session key are transmitted to the wireless device over the wireless network. | 07-26-2012 |
20120213365 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 08-23-2012 |
20120271947 | System And Method Of Communication Control for Wireless Mobile Communication Devices - Systems and methods of connection control for wireless mobile communication devices enabled for communication via a plurality of communication connections are provided. Connection control information associates software applications with communication connections. When a connection request specifying a requested connection is received from a software application, it is determined whether the requested connection is permitted by the connection control information. Where the requested connection is permitted by the connection control information, the requested connection is opened. If the requested connection is a first connection opened by the software application, then the software application is associated with the requested connection in the connection control information. | 10-25-2012 |
20120290844 | SYSTEM AND METHOD FOR CONTROLLING MESSAGE ATTACHMENT HANDLING FUNCTIONS ON A MOBILE DEVICE - A system and method for controlling message attachment handling functions on a mobile device is described herein. An attachment handling control can be set to identify one of a number of selected attachment handling control modes. Depending on the attachment handling control mode identified, a request for the attachment structure that includes a decrypted session key for an encrypted message received at the mobile device may or may not be automatically sent to a remote server. This may provide the user with increased control over the content of an encrypted message that the remote server may access when determining the attachment structure for a message. | 11-15-2012 |
20120303731 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 11-29-2012 |
20120331079 | COMPRESSIBLE DISPLAY OF E-MAIL MESSAGE STRING TO FACILITATE READABILITY - A displayed string of emails is effectively compressed for improved readability by deleting some or all headers and/or by skipping the cursor from one message body to another in response to hot key actuation(s) by a user. | 12-27-2012 |
20130007445 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-03-2013 |
20130007446 | SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device, without having to download those certificates to the computing device in their entirety. The data server is further adapted to transmit the status data to the computing device. In one embodiment, at least one status property of the certificates is verified at the data server in determining the status data. In another embodiment, additional certificate data is determined and transmitted to the computing device, which can be used by the computing device to verify, at the computing device, at least one other status property of the certificates. | 01-03-2013 |
20130013918 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-10-2013 |
20130013919 | UPDATING CERTIFICATE STATUS IN A SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device. Selected certificates may be downloaded to the computing device for storage, and the downloaded certificates are tracked by the data server. This facilitates the automatic updating of the status of one or more certificates stored on the computing device by the data server, in which updated status data is pushed from the data server to the computing device. | 01-10-2013 |
20130014250 | WIRELESS COMMUNICATION DEVICE WITH PASSWORD PROTECTION AND RELATED METHOD - A wireless communication device (and its related method of operation) includes, if invoked, password protected access to data stored therewithin and/or to normal device operations and further includes duress password checking logic that automatically causes a duress message to be sent if a duress password has been entered. The duress message is preferably sent without maintaining any user accessible indication of such sending. It is also preferred that the password checking logic automatically cause an end-of-duress message to be sent if a normal password is entered after a duress password has been entered. A plurality of different duress passwords may be entered into a duress password portion of data memory in the device. | 01-10-2013 |
20130019318 | System and Method of Owner Application Control of Electronic Devices - Systems and methods of owner application control of an electronic device are provided. Owner application control information is stored on the electronic device and/or one or more remote servers. Owner application control information is consulted to determine if one or more required applications are available for execution on the electronic device. If not, one or more required applications not available are downloaded and installed. This could be in a manner transparent to the user of the electronic device. If one or more required applications are not available on the electronic device, the device can be functionally disabled in whole, or in part, until one or more required applications are available. | 01-17-2013 |