Patent application number | Description | Published |
20080278438 | USER INTERFACE FOR SELECTING A PHOTO TAG - There is disclosed a user interface for selecting a photo tag. In an embodiment, the user interface embodies a method of selecting a photo tag for a tagged photo, comprising: providing a tag entry field for entering a photo tag; in dependence upon a string entered by a user, displaying in a matching tag list any tags from one or more selected tag sources matching the entered string. The method may further comprise displaying a tag type for each tag appearing in the matching tag list. The method may further comprise allowing user selection of a tag in the matching tag list to complete the tag entry field. | 11-13-2008 |
20080282177 | USER INTERFACE FOR EDITING PHOTO TAGS - There is disclosed a user interface for editing photo tags. In an embodiment, the user interface embodies a method of editing photo tags, comprising: displaying a photo on a display; providing a photo tagging mode for editing tags for the displayed photo; and for each tag used to tag a subject or object in the photo, identifying the tag type and associating a unique pointer for each tag type to highlight the corresponding tagged subject or object. The method may further comprise: displaying a tag list of tags used to tag a subject or object in the photo; and identifying the tag type of each tag in the tag list. In an embodiment, context sensitive information may be accessed for each tag depending on the tag type. | 11-13-2008 |
20090055643 | SYSTEM AND METHOD FOR DISPLAYING A SECURITY ENCODING INDICATOR ASSOCIATED WITH A MESSAGE ATTACHMENT - An apparatus and method of displaying a message on a display of a computing device. The message comprises at least a first attachment. At least a portion of the message is displayed to a user. The displayed portion comprises an identifier for the first attachment. In one embodiment, a security encoding indicator is associated with the identifier for the first attachment and displayed to the user. If a security encoding has been applied to the first attachment, the security encoding indicator indicates the security encoding applied to the first attachment. | 02-26-2009 |
20090061912 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 03-05-2009 |
20090080661 | SYSTEM AND METHOD FOR CONTROLLING MESSAGE ATTACHMENT HANDLING FUNCTIONS ON A MOBILE DEVICE - A system and method for controlling message attachment handling functions on a mobile device is described herein. An attachment handling control can be set to identify one of a number of selected attachment handling control modes. Depending on the attachment handling control mode identified, a request for the attachment structure that includes a decrypted session key for an encrypted message received at the mobile device may or may not be automatically sent to a remote server. This may provide the user with increased control over the content of an encrypted message that the remote server may access when determining the attachment structure for a message. | 03-26-2009 |
20090089584 | SYSTEMS, DEVICES, AND METHODS FOR OUTPUTTING ALERTS TO INDICATE THE USE OF A WEAK HASH FUNCTION - Systems, devices, and methods for outputting an alert on a mobile device to indicate the use of a weak hash function are disclosed herein. In one example embodiment, the method comprises receiving data (e.g. from a server) that identifies at least one first hash function, identifying a hash digest generated using a second hash function, determining if the second hash function is weak using the received data, and outputting an alert indicating that the second hash function is weak if it is determined that the second hash function is weak. | 04-02-2009 |
20090165125 | SYSTEM AND METHOD FOR CONTROLLING USER ACCESS TO A COMPUTING DEVICE - A system and method for controlling user access to a computing device (e.g. a mobile device). In some embodiments, access rights are provided to a user based on successfully verified authentication factors, even where the user is unable to provide all the authentication factors typically required for access to the computing device. In one broad aspect, one or more authentication factors are provided by a user, and are received and verified by a security module application residing and executing on the computing device. When less than all of the authentication factors that would typically be expected in authenticating a user for access to the computing device is received and successfully verified, a subset of the available access rights selected from a plurality of different pre-defined subsets of access rights is provided to the user. The specific access rights provided to the user are based on the successfully verified authentication factors. | 06-25-2009 |
20090183230 | SYSTEMS AND METHODS FOR SERVER AIDED PROCESSING OF A SIGNED RECEIPT - A method for processing security communication protocol compliant signed receipts at a mobile communication device linked to a host system is provided. The host system receives an email message linked to a digital signature, and a signed receipt. The host system redirects the signed receipt to the mobile communication device. The host system determines if the email message is available at the mobile communication device, and if not, the host system retrieves the email message and redirects the email message to the mobile communication device. The mobile communication device can then verify the signed receipt based on the email message. Optionally, rather than the email message, the host system retrieves and/or recalculates data elements associated with the email message and required to verify the signed receipt, and redirects these data elements to the mobile communication device. A related system is provided, as well as server computer program for the host system, and device computer program for the mobile communication device. | 07-16-2009 |
20090209243 | Message Filter Program For A Communication Device - A communication device is configured to receive messages. The communication device may comprise a display screen upon which messages are displayed. A microprocessor configured to execute at least one message management program on the communication device, filters incoming messages. The message management program comprising a message filter application filters received messages based on a comparison of sender identification data associated with a received message to approved sender identification data. | 08-20-2009 |
20090210718 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 08-20-2009 |
20090216678 | SYSTEM AND METHOD FOR FACILITATING SECURE COMMUNICATION OF MESSAGES ASSOCIATED WITH A PROJECT - Embodiments of a system and method for facilitating the secure communication of messages associated with a project between computing devices, including for example, a first mobile device and at least a second mobile device are disclosed. One or more intermediate computing devices coupled to the first and second mobile devices are configured to receive and verify registration requests received from the mobile devices, and to assign addresses associated with mobile device users to a distribution list associated with the project. When a message that has been sent from a first user and addressed to at least a second user is received at the one or more intermediate computing devices, a determination is made as to whether the message is associated with the project, and if so, in one example embodiment, the message is transmitted to the second user only if both the address associated with the first user and the address associated with the second user have been assigned to the distribution list. | 08-27-2009 |
20100031028 | SYSTEMS AND METHODS FOR SELECTING A CERTIFICATE FOR USE WITH SECURE MESSAGES - Systems and methods for selecting a certificate for use in securing a message to be transmitted from a computing device is described herein. A set of certificates is determined and the certificates are ranked based on one or more predetermined ranking criteria. At least the highest ranking certificate is displayed, and a certificate is selected for securing the message. | 02-04-2010 |
20100232321 | Controlling Visibility of a Wireless Device in Discoverable Mode - A wireless device in a discoverable mode controls its visibility by determining whether to ignore or respond to an inquiry, received from an inquiring device, based at least in part on one or more properties of the inquiring device. | 09-16-2010 |
20100317324 | AUTOMATIC SECURITY ACTION INVOCATION FOR MOBILE COMMUNICATIONS DEVICE - A mobile communications device, method and computer program product for providing security are described. In one embodiment, the device comprises: a processor; a communications subsystem; a storage element having application modules and data; and a security module operable to detect a locked state of the device and initiate a lockout data protection timer for a predetermined duration upon detection of the locked state. The security module is operable to, after the lockout data protection timer has been initiated, detect if a password is entered through a user input device within the predetermined duration and to terminate the lockout data protection timer if entry of the password is detected to perform a security action comprising erasing or encrypting at least some of the data if entry of the password is not detected. | 12-16-2010 |
20110009133 | System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record. | 01-13-2011 |
20110010340 | System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record. | 01-13-2011 |
20110010554 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 01-13-2011 |
20110029627 | SYSTEM AND METHOD FOR HANDLING ELECTRONIC MAIL MISMATCHES - A system and method for handling e-mail address mismatches between the address contained within a user's certificate or certificate chain, and the account address actually being used is disclosed. In order to resolve address mismatches a canonical or generic domain name or user name may, for example, be used as a lifelong address of a user that is contained in the user's certificate. Upon detection of an address mismatch, the system and method disclosed herein may automatically re-check the certificate or search for a certificate containing the canonical or generic domain name and/or user name to attempt to resolve the mismatch. This mismatch resolution is preferably transparent to the user and occurs automatically. The canonical or generic domain and/or user names that are available to the device may be typically controlled by IT policy that is in place on the system for the device. While this system is suitable for any type of electronic messaging system, it has particular applicability to systems that use mobile wireless communication devices with electronic messaging capability. | 02-03-2011 |
20110099381 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 04-28-2011 |
20110126262 | SPECIFYING A SET OF FORBIDDEN PASSWORDS - Various embodiments are described for providing password approval on a device. The password approval includes getting the user password, generating at least one symbolically equivalent password and then comparing the at least one symbolically equivalent password with at least one specified forbidden password. The user password is disapproved if one of the symbolically equivalent passwords corresponds to the at least one forbidden password. | 05-26-2011 |
20110191642 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. | 08-04-2011 |
20110195690 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 08-11-2011 |
20110196989 | SYNCHRONIZING CERTIFICATES BETWEEN A DEVICE AND SERVER - Systems and methods for processing messages within a wireless communications system are disclosed. A server within the wireless communications system maintains a list of certificates contained in devices that use the server. The server synchronizes or updates the list of certificates based on information contained in message to and from the device. By providing a server with certificates associated with devices that use the server, and providing a system and method for synchronizing the certificates between the device and server, the server can implement powerful features that will improve the efficiency, speed and user satisfaction of the devices. The exemplary embodiments also enable advantageous bandwidth savings by preventing transmission of certificates unnecessarily | 08-11-2011 |
20110231646 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 09-22-2011 |
20110258446 | SYSTEMS AND METHODS FOR SERVER AIDED PROCESSING OF A SIGNED RECEIPT - A method for processing security communication protocol compliant signed receipts at a mobile communication device linked to a host system is provided. The host system receives an email message linked to a digital signature, and a signed receipt. The host system redirects the signed receipt to the mobile communication device. The host system determines if the email message is available at the mobile communication device, and if not, the host system retrieves the email message and redirects the email message to the mobile communication device. The mobile communication device can then verify the signed receipt based on the email message. Optionally, rather than the email message, the host system retrieves and/or recalculates data elements associated with the email message and required to verify the signed receipt, and redirects these data elements to the mobile communication device. A related system is provided, as well as server computer program for the host system, and device computer program for the mobile communication device. | 10-20-2011 |
20110258707 | E-MAIL WITH SECURE MESSAGE PARTS - A method for preventing a recipient of an electronically transmitted message from taking at least one action in relation to the message is disclosed. The message has at least two parts with one of the parts having a higher level of security than the other part. The method includes the step of extracting information from the message. The information indicates that the higher level security part is not permitted to have the action taken on it while the other part is so permitted. The method also includes the step of preventing the higher level security part from having the action taken on it in reaction to said recipient making an offending request. | 10-20-2011 |
20110280401 | SYSTEM AND METHOD FOR EXCHANGING ENCRYPTION KEYS BETWEEN A MOBILE DEVICE AND A PERIPHERAL DEVICE - Embodiments of a system and method for providing additional security for data being transmitted across a wireless connection that has been established using a known wireless protocol (e.g. Bluetooth) are described. An encryption key is exchanged between a computing device (e.g. a mobile device) and a wireless peripheral device (e.g. a keyboard, a printer). In exemplary embodiments, the encryption key is generated at one of the two devices. Data associated with the encryption key is output at the one device, which can be input by the user at the other device. The encryption key is then recovered at the other device from the input, thereby completing the key exchange. The encryption key can then be used to encrypt and decrypt data transmitted over the established wireless connection, providing additional security. | 11-17-2011 |
20110283109 | SYSTEM AND METHOD FOR SELECTING MESSAGING SETTINGS ON A MESSAGING CLIENT - A system and method of selecting messaging settings on a messaging client are provided. A data store configured to operate in conjunction with the messaging client stores records comprising messaging settings or characteristics for previously received and/or sent messages. The messaging client is configured to send outgoing messages, each of the messages having message characteristics, to determine whether a record for an addressed recipient of an outgoing message exists in the data store, and to select messaging settings to control the message characteristics of the outgoing message based on the record where a record exists. | 11-17-2011 |
20110299687 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 12-08-2011 |
20110302407 | SYSTEM AND METHOD FOR SENDING ENCRYPTED MESSAGES TO A DISTRIBUTION LIST - A system and method for sending encrypted messages to a distribution list that facilitates the sending of such messages only to individuals or other entities associated with the distribution list that will be able to read the message. In one embodiment, the method comprises the steps of: identifying a distribution list address in a message; determining one or more member addresses associated with the distribution list address; for each member address, determining if a public key for a member identified by the respective member address is available on the computing device; encrypting the message to each member identified by the one or more member addresses for which a public key for the respective member is available on the computing device; sending the encrypted message to the distribution list address if each of the one or more member addresses associated with the distribution list identifies a member for which a public key is available on the computing device; and sending the message to each of the one or more member addresses that identifies a member for which a public key is available on the computing device otherwise. | 12-08-2011 |
20110320807 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - Systems and methods for processing encoded messages at a message receiver. A received encoded message is decoded and stored in a memory. The stored decoded message can subsequently be displayed or otherwise processed without repeating the decoding operations. Decoding operations may include signature verification, decryption, other types of decoding, or some combination thereof. | 12-29-2011 |
20110321171 | Deleting Confidential Information Used to Secure a Communication Link - A system includes a first wireless-enabled device that transparently stores confidential information and a second wireless-enabled device that stores the same confidential information. The confidential information is to be used to secure a wireless communication link between the first device and the second device. One or both of the first device and the second device is to delete the confidential information upon fulfillment of one or more conditions related to the communication link. | 12-29-2011 |
20120036582 | SYSTEM AND METHOD TO FORCE A MOBILE DEVICE INTO A SECURE STATE - Embodiments relate to systems and methods for implementation on a mobile device to force the mobile device into a secure state upon detection or determination of a triggering event. Once it is determined that a triggering event has occurred, each application operating on the mobile device is caused to immediately unreference sensitive objects and a secure garbage collection operation is performed upon the unreferenced sensitive objects to render data associated therewith unreadable. The mobile device is then caused to enter a secure state, in which the mobile device cannot be accessed without authorization. A microprocessor within the mobile device is configured to determine the existence of the triggering event according to a configuration data structure and to perform the secure garbage collection. | 02-09-2012 |
20120042161 | SYSTEM AND METHOD FOR SENDING SECURE MESSAGES - Electronic messages are sent from a sending system to an identified recipient and are encrypted using information contained in a certificate for that recipient. An electronic device and method are provided for detecting receipt of a command to initiate transmission of a composed message to a recipient, and after said detection but prior to transmitting the message, determining that no valid digital certificate for said recipient is available at the communication device; retrieving a valid digital certificate for said recipient from a source over a network; and encrypting said composed message using the valid digital certificate; then initiating transmission of the encrypted, composed message to the recipient. Retrieval of the valid digital certificate can include repeated retrieval and validation of certificates until a valid certificate is obtained. | 02-16-2012 |
20120045057 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 02-23-2012 |
20120060026 | CERTIFICATE MANAGEMENT AND TRANSFER SYSTEM AND METHOD - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 03-08-2012 |
20120066505 | SYSTEM AND METHOD FOR REMOTE RESET OF PASSWORD AND ENCRYPTION KEY - A method and system are provided for resetting a password using a first device and a second device. The second device stores data encrypted using a content protection key, which itself is stored in encrypted form using the password, and is also stored in encrypted form using a key encryption key. The first device receives a public key from a second device. The first device uses the public key and a stored private key to generate a further public key. The further public key and a new password are sent to the second device. The second device uses the further public key to generate the key encryption key, which is then used to decrypt the encrypted content protection key. A new content encryption key is created, and encrypted using the new password. | 03-15-2012 |
20120079269 | SYNCHRONIZING CERTIFICATES BETWEEN A DEVICE AND SERVER - Systems and methods for processing messages within a wireless communications system are disclosed. A server within the wireless communications system maintains a list of certificates contained in devices that use the server. The server synchronizes or updates the list of certificates based on information contained in message to and from the device. By providing a server with certificates associated with devices that use the server, and providing a system and method for synchronizing the certificates between the device and server, the server can implement powerful features that will improve the efficiency, speed and user satisfaction of the devices. The exemplary embodiments also enable advantageous bandwidth savings by preventing transmission of certificates unnecessarily | 03-29-2012 |
20120079603 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 03-29-2012 |
20120084376 | METHOD AND APPARATUS FOR PROCESSING DIGITALLY SIGNED MESSAGES TO DETERMINE ADDRESS MISMATCHES - A method and apparatus for processing digitally signed messages in which address mismatch errors are detected. In at least one aspect, the number of address mismatch errors reported to a user for a message may be minimized for messages that properly incorporate message portions signed by someone other than the sender of the message, as may be the case where the message contains a conversation thread for example, by performing at least one pre-determined action for digital signatures corresponding to signed data appearing after a message separator. The message separator may indicate that the message contains data from an older forwarded message or from an older message that has been replied to, for example. The at least one-predetermined action may comprise bypassing verification of address matches for those digital signatures, or verifying address matches for those digital signatures but suppressing user notification of any address mismatch errors, for example. | 04-05-2012 |
20120084556 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments described herein facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-05-2012 |
20120117616 | WIRELESS/WIRED MOBILE COMMUNICATION DEVICE WITH OPTION TO AUTOMATICALLY BLOCK WIRELESS COMMUNICATION WHEN CONNECTED FOR WIRED COMMUNICATION - A mobile wireless communication device also has at least one wired communication port. Enhanced security is achieved by permitting the device to automatically disable one or more wireless ports when connected to a wired port. Specific combinations/permutations of such automatic control may be effected by use of an IT Policy also resident on the device. | 05-10-2012 |
20120124371 | SYSTEM AND METHOD FOR AUTHENTICATING STREAMED DATA - One embodiment of a method of authenticating data comprises: receiving, at a device, data in a plurality of indexed packets transmitted by a data server, the data of the indexed packets being at least a portion of a larger data stream; receiving, at the device, from a data authentication server connected to the device by a network, a server-computed authentication value based on a subset of the data transmitted by the data server, the data authentication server having access to the data that was transmitted from the data server to the device; and comparing a device-computed authentication value based on a subset of the received data, corresponding to the subset of the data transmitted by the data server, with the server-computed authentication value in order to determine whether the subset of the data received at the device is authentic. | 05-17-2012 |
20120137341 | SYSTEM AND METHOD FOR DETERMINING A SECURITY ENCODING TO BE APPLIED TO OUTGOING MESSAGES - A system and method for determining a security encoding to be applied to a message being sent by a user of a computing device. In one broad aspect, the device comprises a processor configured to: determine whether a general message encoding configuration setting indicates that when a security encoding is to be applied to a message then the security encoding is to be established by a policy engine; if the general message encoding configuration setting so indicates, query the policy engine for the security encoding to be applied to the message; otherwise, determine the security encoding to be applied to the message in accordance with a user-selected security encoding; and apply the determined security encoding to the message prior to transmission of the message to at least one recipient. | 05-31-2012 |
20120143975 | MESSAGE FILTER PROGRAM FOR A COMMUNICATION DEVICE - A communication device is configured to receive messages. The communication device may comprise a display screen upon which messages are displayed. A microprocessor configured to execute at least one message management program on the communication device, filters incoming messages. The message management program comprising a message filter application filters received messages based on a comparison of sender identification data associated with a received message to approved sender identification data. | 06-07-2012 |
20120159150 | SYSTEM AND METHOD FOR IMPLEMENTING AN ENHANCED TRANSPORT LAYER SECURITY PROTOCOL - A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol. | 06-21-2012 |
20120198236 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an audio signal. The audio signal is transmitted from the first computing device to the second computing device. The password is determined from the audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 08-02-2012 |
20120210389 | AUTOMATIC SECURITY ACTION INVOCATION FOR MOBILE COMMUNICATIONS DEVICE - In one embodiment, there is provided a mobile communications device comprising: a processor; a communications subsystem operable to exchange signals with a wireless network; a storage element having application modules and data stored thereon, the data comprising at least user application data associated with the application modules and service data including data for establishing communications with the wireless network; and a security module operable to detect policy messages received by the device, and to perform a security action if a first policy message to enforce a first data protection policy is received and a subsequent policy message to enforce a second data protection policy is not received within a predetermined duration from the time at which the first policy message is received; wherein the security action comprises erasing or encrypting at least some of the data on the storage element. | 08-16-2012 |
20120213365 | SYSTEM AND METHOD FOR PROCESSING ATTACHMENTS TO MESSAGES SENT TO A MOBILE DEVICE - A system and method for processing attachments to messages sent to a mobile device is described herein. Embodiments described herein apply to encrypted messages comprising multiple message parts, in which different encryption keys (e.g. session keys) have been used to encrypt the different message parts. In at least one example embodiment, the encrypted session keys for every message content part comprising an attachment is received at the mobile device. In one embodiment, all of the encrypted session keys are stored together in a main message header. The mobile device may then decrypt the encrypted session key associated with a user requested attachment, and transmits the decrypted session key to one or more remote servers in an attachment request for use in decrypting the requested attachment. Data associated with the requested attachment, in decrypted form, is returned to the mobile device. | 08-23-2012 |
20120216032 | MULTIPLE-STAGE SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - System and methods for processing encoded messages at a message receiver are described. Encoded message processing is performed in multiple stages. In a first stage, a new received message is at least partially decoded by performing any decoding operations that require no user input and a resulting context object is stored in memory, before a user is notified that the new message has been received. When the user accesses the new message, any further required decoding operations are performed on the stored context object in a second stage of processing. The message can subsequently be displayed or otherwise processed relatively quickly, without repeating the first stage decoding operations. Decoding operations may include signature verification, decryption, other types of decoding, or some combination thereof. | 08-23-2012 |
20120216042 | System and Method for Provisioning Device Certificates - A method is provided for provisioning a device certificate. A device certificate request is transmitted from a communication device to a server in a communication network using an established communications channel between the communication device and the server. The device certificate request comprises at least a user identifier and a device identifier. The server provides to the communication device a device certificate that includes the user identifier and the device identifier and that is signed by a private key of a certificate authority. | 08-23-2012 |
20120246706 | SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein. | 09-27-2012 |
20120290844 | SYSTEM AND METHOD FOR CONTROLLING MESSAGE ATTACHMENT HANDLING FUNCTIONS ON A MOBILE DEVICE - A system and method for controlling message attachment handling functions on a mobile device is described herein. An attachment handling control can be set to identify one of a number of selected attachment handling control modes. Depending on the attachment handling control mode identified, a request for the attachment structure that includes a decrypted session key for an encrypted message received at the mobile device may or may not be automatically sent to a remote server. This may provide the user with increased control over the content of an encrypted message that the remote server may access when determining the attachment structure for a message. | 11-15-2012 |
20120297002 | SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication. | 11-22-2012 |
20120298744 | SYSTEM AND METHOD FOR MANAGING ITEMS IN A LIST SHARED BY A GROUP OF MOBILE DEVICES - A method and system are provided for operating a mobile device, the method comprising: reading a barcode being displayed by another mobile device, to identify a group, by capturing at least one image of the barcode; and joining the group identified by the barcode. Another method and system are provided, the method comprising: storing a barcode on the mobile device, the barcode identifying a group; and displaying the barcode on a display of the mobile device such that the entire barcode is visible on the display to enable another mobile device to scan the barcode to join the group. Another method and system are provided, the method comprising: reading a barcode being displayed by another mobile device, to identify an individual associated with the other mobile device, by capturing at least one image of the barcode; and inviting the individual identified by the barcode to join a group. | 11-29-2012 |
20120303731 | SYSTEM AND METHOD FOR PROCESSING MESSAGES BEING COMPOSED BY A USER - A system and method for processing messages being composed by a user of a computing device (e.g. a mobile device). Embodiments are described in which the performance of certain tasks is initiated before a direction is received from a user to send a message being composed by the user. This may involve, for example, “pre-fetching” security-related data that will be required in order to send a message that is in the process of being composed by the user securely. Such data may include security policy data, certificate data, and/or certificate status data, for example. | 11-29-2012 |
20120311323 | System and Method of Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associate with the recipient. The received data is used to perform a validity cheek related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user. | 12-06-2012 |
20130003974 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile device for the display of messages receives messages in segments or incrementally from a server, and includes a message viewer application for displaying portions of the message. On determination using the received portion of the message that the message is digitally signed or encrypted, the server is signalled to halt automatic transmission of further segments of the message. When a verify command is received by the mobile device, a command is transmitted to the server so that automatic reception of message segments can be resumed at the mobile device. | 01-03-2013 |
20130007445 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-03-2013 |
20130007446 | SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device, without having to download those certificates to the computing device in their entirety. The data server is further adapted to transmit the status data to the computing device. In one embodiment, at least one status property of the certificates is verified at the data server in determining the status data. In another embodiment, additional certificate data is determined and transmitted to the computing device, which can be used by the computing device to verify, at the computing device, at least one other status property of the certificates. | 01-03-2013 |
20130007447 | PROVIDING CERTIFICATE MATCHING IN A SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, certificate identification data that uniquely identifies a certificate associated with a message is generated. The certificate identification data can then be used to determine whether the certificate is stored on a computing device. Only the certificate identification data is needed to facilitate the determination alleviating the need for a user to download the entire message to the computing device in order to make the determination. | 01-03-2013 |
20130007448 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 01-03-2013 |
20130007454 | SYSTEMS, DEVICES, AND METHODS FOR OUTPUTTING ALERTS TO INDICATE THE USE OF A WEAK HASH FUNCTION - Systems, devices, and methods for outputting an alert on a mobile device to indicate the use of a weak hash function are disclosed herein. In one example embodiment, the method comprises receiving data (e.g. from a server) that identifies at least one first hash function, identifying a hash digest generated using a second hash function, determining if the second hash function is weak using the received data, and outputting an alert indicating that the second hash function is weak if it is determined that the second hash function is weak. | 01-03-2013 |
20130007459 | SYSTEM AND METHOD FOR COMPRESSING SECURE E-MAIL FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device: the message is processed so as to modify the message with respect to encryption and/or authentication aspect. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a remote system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the remote system to one or more receivers. | 01-03-2013 |
20130007664 | USER INTERFACE FOR SELECTING A PHOTO TAG - There is disclosed a user interface for selecting a photo tag. In an embodiment, the user interface embodies a method of selecting a photo tag for a tagged photo, comprising: providing a tag entry field for entering a photo tag; in dependence upon a string entered by a user, displaying in a matching tag list any tags from one or more selected tag sources matching the entered string. The method may further comprise displaying a tag type for each tag appearing in the matching tag list. The method may further comprise allowing user selection of a tag in the matching tag list to complete the tag entry field. | 01-03-2013 |
20130012248 | DISPLAY OF SECURE MESSAGES ON A MOBILE COMMUNICATION DEVICE - A mobile device for the display of messages includes a message viewer application for displaying segments of the message received from a server. The message can include content that is encoded in a first encoding that is renderable for display on the device, and the same content encoded in a second encoding. On determination that the received portion of the message includes a first part comprising content encoded in a first encoding and is renderable for display, first displayable portion of the message content, the server is signalled to halt forwarding further segments of the message. | 01-10-2013 |
20130013714 | SYSTEM AND METHOD FOR PROCESSING ENCODED MESSAGES - Systems and methods for processing encoded messages within a wireless communication system. A server within the wireless communication system provides one or more indications to a mobile device as to certain conditions existing with respect to an encoded message. The mobile device performs a different message processing function based upon whether the indication is provided. The indications may include indicating whether a message exceeds a message size threshold and/or may indicate whether a partial message is being sent. | 01-10-2013 |
20130013917 | SYSTEM AND METHOD FOR ENABLING BULK RETRIEVAL OF CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. Embodiments described herein enable large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates. | 01-10-2013 |
20130013918 | SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit. | 01-10-2013 |
20130013919 | UPDATING CERTIFICATE STATUS IN A SYSTEM AND METHOD FOR PROCESSING CERTIFICATES LOCATED IN A CERTIFICATE SEARCH - A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device. Selected certificates may be downloaded to the computing device for storage, and the downloaded certificates are tracked by the data server. This facilitates the automatic updating of the status of one or more certificates stored on the computing device by the data server, in which updated status data is pushed from the data server to the computing device. | 01-10-2013 |
20130016833 | SECURELY USING A DISPLAY TO EXCHANGE INFORMATION - A first device has a display that is able to show information. The information is to be exchanged with a second device. The information is cleared from the display following receipt of an indication from the second device that the information has been successfully inputted at the second device. | 01-17-2013 |
20130024683 | SYSTEM AND METHOD FOR SENDING ENCRYPTED MESSAGES TO A DISTRIBUTION LIST - A system and method for sending encrypted messages to a distribution list. In one embodiment, the method comprises: identifying a distribution list address in a message; determining one or more member addresses associated with the distribution list address; for each member address, determining if a public key for a member identified by the member address is available on the computing device; and if so, encrypting the message to the member; sending the encrypted message to the distribution list address only if each of the one or more member addresses associated with the distribution list identifies a member for which a public key is available on the computing device. | 01-24-2013 |
20140059342 | System and Method of Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user. | 02-27-2014 |