Patent application number | Description | Published |
20080289001 | POLICY PROXY - In a system with a policy server, a first device able to communicate with the policy server and a second device able to communicate with the first device and unable to communicate with the policy server, the first device is to act as a policy proxy. The policy server may push to the first device a policy for the second device, and the first device may push the policy to the second device. | 11-20-2008 |
20080310633 | METHOD AND DEVICES FOR PROVIDING SECURE DATA BACKUP FROM A MOBILE COMMUNICATION DEVICE TO AN EXTERNAL COMPUTING DEVICE - A method and devices for providing secure data backup from a mobile communication device to an external computing device is described. In accordance with one example embodiment, there is provided a method of backing up data from a mobile communication device to an external computing device, the mobile communication device being connected to the external computing device for exchanging data with each other, the method comprising: receiving a request to backup one or more data items in a plurality of data items stored on the mobile communication device; encrypting a data item using an encryption key stored in memory of the mobile communication device; transferring the encrypted data item to the external computing device; and storing a backup file comprising the encrypted data item in the memory of the external computing device. A method of restoring backup data to a mobile communication device from an external computing device is also provided, as are mobile communication devices and computing devices configured for implementing the backup and restore operations. | 12-18-2008 |
20090034729 | SECURE MESSAGE HANDLING ON A MOBILE DEVICE - Systems, methods, and software for providing digital security to a child message transmitted from a mobile device to a messaging server, where the mobile device typically does not transmit the parent message with the child message to the messaging server. Whether to apply digital security, such as encryption or a digital signature, or both, is determined, and if the mobile device does not include a complete copy of a parent message for insertion into the child message, the mobile device selectively downloads the parent message from the messaging server prior to the computation of a digital signature or prior to encryption. The systems and methods may also provide a check of the child message size, when the child message includes inserted parent content, to ensure that the child message does not exceed any prescribed limits on message size. | 02-05-2009 |
20090055643 | SYSTEM AND METHOD FOR DISPLAYING A SECURITY ENCODING INDICATOR ASSOCIATED WITH A MESSAGE ATTACHMENT - An apparatus and method of displaying a message on a display of a computing device. The message comprises at least a first attachment. At least a portion of the message is displayed to a user. The displayed portion comprises an identifier for the first attachment. In one embodiment, a security encoding indicator is associated with the identifier for the first attachment and displayed to the user. If a security encoding has been applied to the first attachment, the security encoding indicator indicates the security encoding applied to the first attachment. | 02-26-2009 |
20090061912 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 03-05-2009 |
20090077644 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 03-19-2009 |
20090080661 | SYSTEM AND METHOD FOR CONTROLLING MESSAGE ATTACHMENT HANDLING FUNCTIONS ON A MOBILE DEVICE - A system and method for controlling message attachment handling functions on a mobile device is described herein. An attachment handling control can be set to identify one of a number of selected attachment handling control modes. Depending on the attachment handling control mode identified, a request for the attachment structure that includes a decrypted session key for an encrypted message received at the mobile device may or may not be automatically sent to a remote server. This may provide the user with increased control over the content of an encrypted message that the remote server may access when determining the attachment structure for a message. | 03-26-2009 |
20090089584 | SYSTEMS, DEVICES, AND METHODS FOR OUTPUTTING ALERTS TO INDICATE THE USE OF A WEAK HASH FUNCTION - Systems, devices, and methods for outputting an alert on a mobile device to indicate the use of a weak hash function are disclosed herein. In one example embodiment, the method comprises receiving data (e.g. from a server) that identifies at least one first hash function, identifying a hash digest generated using a second hash function, determining if the second hash function is weak using the received data, and outputting an alert indicating that the second hash function is weak if it is determined that the second hash function is weak. | 04-02-2009 |
20090095812 | SYSTEM AND METHOD FOR MANAGING MULTIPLE SMART CARD SESSIONS - A system and method is provided for managing multiple smart card sessions with multiple communications or computing devices in association with a single smart card reader. A wireless smart card reader is provided for communicating with a plurality of devices requiring smart card functionality in a number of smart card sessions, in which each smart card session is addressed with an identifier identifying a single device. The smart card session is secured by a wireless connection pairing and by a secure pairing, such that each connection between the smart card reader and a device is secured against all other devices in communication with the smart card reader using a master connection key, which is unique for each device. | 04-16-2009 |
20090177880 | TRANSMISSION OF SECURE ELECTRONIC MAIL FORMATS - A method and system for providing e-mail messages to a receiving e-mail application. The e-mail messages as sent from a sending e-mail application being secure and in opaque signed format. The opaque signed e-mail messages being converted to clear signed e-mail messages by decoding extracting message content and digital signatures. The clear signed e-mails being sent to a receiving e-mail application. | 07-09-2009 |
20090187796 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 07-23-2009 |
20090266883 | Gathering Randomness in a Wireless Smart Card Reader - A device coupled to a smart card reader may request random data from a smart card inserted into the smart card reader, and the smart card reader may incorporate the random data into its randomness pool. A device having a source of random data may have a driver installed thereon for the smart card reader. The device may generate a random session key to encrypt traffic between the device and the smart card reader. The device may send an encrypted version of the random session key to the smart card reader. The smart card reader may decrypt the encrypted version and incorporate the random session key into its randomness pool. A smart card reader may incorporate random data received from a smart card inserted therein into its randomness pool. | 10-29-2009 |
20090280744 | Controlling Visibility of a Wireless Device in Discoverable Mode - A wireless device in a discoverable mode controls its visibility by determining whether to ignore or respond to an inquiry, received from an inquiring device, based at least in part on one or more properties of the inquiring device. | 11-12-2009 |
20090282247 | METHOD, SYSTEM AND DEVICE FOR AUTHENTICATING A USER - Embodiments described herein relate to a method and device for authenticating a user of a computer and a corresponding system using the method and device. The device is a handheld electronic device configured to receive a first authentication code and to generate a secure identification token. If the received first authentication code and the generated token match, a second authentication code is transmitted to a computer to unlock the computer. | 11-12-2009 |
20090307498 | USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith. | 12-10-2009 |
20100134274 | ANTICIPATORY RESPONSES TO COMMANDS - Responsive to intercepting an outbound command, a command interceptor may, upon determining that the command is associated with a particular category of commands, transmit an anticipatory response to the source of the command, for example, to prematurely indicate that the command has met with success. Accordingly, a given application whose further execution is dependent upon the successful completion of the command may further execute earlier than would be the case if the given application was to await the transmission of the command, the generation of a response indicating success and the receipt of the response indicating success. | 06-03-2010 |
20100138667 | AUTHENTICATION USING STORED BIOMETRIC DATA - A method is provided for storing a biometric template extracted a smart card for use on a user computing device. The biometric template is extracted from the smart card using a smart card reader. The biometric template is encrypted using a content protection key. The content protection key is encrypted using at least one of a device password or a smart card password. The password may be hashed. The encrypted biometric template, the encrypted content protection key and the hashed password may then be stored in a cache. A method for using the stored biometric template to access the user computer device is also provided. | 06-03-2010 |
20100159876 | SYSTEM AND METHOD TO PROVISION A MOBILE DEVICE - A system and method for enabling functions on a primary mobile device from a secondary mobile device are described. The primary mobile device is configured to enable at least selected functions of the mobile communications device if authorization information is received at the primary mobile device at periodic intervals of time. The method comprises: storing at the secondary mobile device the authorization information; establishing a short range direct wireless communications link between the secondary mobile device and the primary mobile device; and periodically transmitting the authorization information to the primary mobile device to enable the at least selected functions of the mobile communications device. | 06-24-2010 |
20100169979 | System and Method for Handling Restoration Operations on Mobile Devices - Systems and methods for handling restoration operations for a mobile device. A mobile device receives a kill pill command, wherein the command causes some or all data on the mobile device to be wiped. An indicator is stored to indicate that the kill pill command was sent to the mobile device. The indicator is used to determine whether a program should be wiped from the mobile device. | 07-01-2010 |
20100241867 | SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY - A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers. | 09-23-2010 |
20100281128 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 11-04-2010 |
20110029989 | METHOD FOR MODIFYING NOTIFICATIONS IN AN ELECTRONIC DEVICE - An embodiment relates to a novel apparatus and method for changing modes of notification in an electronic device. An electronic device includes a calendar application and a variety of other applications such as the message reader application or the daily alarm application. The device is configured to use the calendar application to track whether and how the user is notified of the receipt of an electronic. In one embodiment, the user specifically associates a profile behavior to the calendar entry when the calendar entry is first created. | 02-03-2011 |
20110058568 | PACKET-BASED COMMUNICATION SYSTEM AND METHOD - A system and method for facilitating communication of packets between one or more applications residing on a first computing device and at least one second computing device. The system comprises a connection manager adapted to receive packets from the at least one second computing device, and a packet cache for storing packets received by the connection manager. The connection manager, upon receiving a packet from a second computing device, transmits the packet to the packet cache for storage and notifies each of the applications of receipt of the packet. Subsequently, the packet is retrievable from the packet cache by a notified application, and verification that the packet is intended for communication to the notified application is made. | 03-10-2011 |
20110066845 | TRANSMISSION OF SECURE ELECTRONIC MAIL FORMATS - A method and system for providing e-mail messages to a receiving e-mail application. The e-mail messages as sent from a sending e-mail application being secure and in opaque signed format. The opaque signed e-mail messages being converted to clear signed e-mail messages by decoding extracting message content and digital signatures. The clear signed e-mails being sent to a receiving e-mail application. | 03-17-2011 |
20120005293 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 01-05-2012 |
20120122425 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile communications device for the display of an incrementally received message includes a message viewer application for scanning the received portions of the message. On determination that the received portion of the message includes a first displayable portion of the message content, the system signals to a message server to halt the message server from forwarding further portions of the message content. The system provides a mechanism for the user of the mobile communications device to cause the mobile communications device to further signal the message server to recommence the forwarding of further portions of the secure message content to permit the verification of the e-mail based on the further portions of the secure message content. | 05-17-2012 |
20120191978 | SYSTEM AND METHOD FOR SECURING DATA FOR REDIRECTING AND TRANSPORTING OVER A WIRELESS NETWORK - A system and method for securing data for redirecting and transporting over a wireless network are generally described herein. In accordance with some embodiments, when it is determined that an electronic message that is protected with a first encryption algorithm is to be transported over a wireless network to a wireless device, the electronic message is converted to a data structure that is recognizable by the wireless device and the data structure is encrypted with a second encryption algorithm using a random session key. The second encryption algorithm has a stronger security than the first encryption algorithm. The random session key is encrypted with a public key and packets that comprise the encrypted data structure and the encrypted random session key are transmitted to the wireless device over the wireless network. | 07-26-2012 |
20130013627 | METHOD FOR MODIFYING NOTIFICATIONS IN AN ELECTRONIC DEVICE - An embodiment relates to a novel apparatus and method for changing modes of notification in an electronic device. An electronic device includes a calendar application and a variety of other applications such as the message reader application or the daily alarm application. The device is configured to use the calendar application to track whether and how the user is notified of the receipt of an electronic message. In one embodiment, the user specifically associates a profile behavior to the calendar entry when the calendar entry is first created. | 01-10-2013 |