Herbert A. Little, Waterloo CA

Patent application number | Description | Published
20080289001 | POLICY PROXY - In a system with a policy server, a first device able to communicate with the policy server and a second device able to communicate with the first device and unable to communicate with the policy server, the first device is to act as a policy proxy. The policy server may push to the first device a policy for the second device, and the first device may push the policy to the second device. | 11-20-2008
20080305776 | SYSTEM AND METHOD FOR WIRELESSLY PROVISIONING A MOBILE COMMUNICATION DEVICE - Systems and methods for wirelessly provisioning a mobile communication device are provided. To provision the mobile communication device to operate with an electronic messaging system, a provisioning request message may be generated at the mobile communication device. The provisioning request message may include a wireless identification for identifying the mobile communication device in a wireless network. The provisioning request message may be transmitted from the mobile communication device to the electronic messaging system using a pre-established communication link. In response to detecting the provisioning request message, the electronic messaging system may be provisioned by storing the wireless identification for use in communicating with the mobile communication device. | 12-11-2008
20080306922 | SYSTEM AND METHOD FOR ENABLING BULK RETRIEVAL OF CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. Embodiments described herein enable large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates. | 12-11-2008
20090077644 | APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm. | 03-19-2009
20090095812 | SYSTEM AND METHOD FOR MANAGING MULTIPLE SMART CARD SESSIONS - A system and method is provided for managing multiple smart card sessions with multiple communications or computing devices in association with a single smart card reader. A wireless smart card reader is provided for communicating with a plurality of devices requiring smart card functionality in a number of smart card sessions, in which each smart card session is addressed with an identifier identifying a single device. The smart card session is secured by a wireless connection pairing and by a secure pairing, such that each connection between the smart card reader and a device is secured against all other devices in communication with the smart card reader using a master connection key, which is unique for each device. | 04-16-2009
20090113543 | AUTHENTICATION CERTIFICATE MANAGEMENT FOR ACCESS TO A WIRELESS COMMUNICATION DEVICE - A system and method for authenticating a user to a user device using one or more-factor authentication with a certificate are provided. The status of the certificate is stored at the user device such that the stored status is queried during the authentication process. The status is updated as a background operation on the user device on a periodic basis. In the event that the user device fails to obtain updated status information, further status update requests are issued by the user device at varying time intervals until a response is received. In the event that the user is authenticated to the device but the certificate is subsequently revoked, access to all or a subset of user data and functions on the user device may be restricted. | 04-30-2009
20090119511 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 05-07-2009
20090132827 | DEBUGGING PORT SECURITY INTERFACE - The present invention provides a secure JTAG interface to an application-specific integrated circuit (ASIC). In the preferred embodiment the invention operates through the combined efforts of a Security Module (SM) comprising a state machine that controls the security modes for the ASIC, and a Test Control Module (TCM) which contains the JTAG interface. The TCM operates in either a restricted mode or an unrestricted mode, depending on the state of the SM state machine. In a restricted mode, only limited access to memory content is permitted. In an unrestricted mode, full access to memory content is permitted. | 05-21-2009
20090187796 | METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded. | 07-23-2009
20090188977 | OPTIMIZED SMART CARD DRIVER PERFORMANCE - By splitting a smart card driver into multiple components, with one component residing on the mobile communication device and another component residing on the smart card reader, the smart card reader driver component is enabled to do more than merely relay communication between the mobile communication device and the smart card. By transferring part of the communication handling of the smart card driver to the smart card reader, a reduction in communication over the connection between the smart card reader and mobile communication device advantageously results in a more efficient transaction. | 07-30-2009
20090190802 | Optimized biometric authentication method and system - An efficient exchange of messages in a system for authenticating access to a base device is facilitated through the selection of a particular biometric template from among a plurality of biometric templates. Rather than transmitting the template to a peripheral device, an indication of a location of the particular biometric template within the plurality of biometric templates is transmitted to the peripheral device. At the peripheral device, once the indication of the location and a biometric candidate are received, the particular biometric template may be located and compared to the biometric candidate. Finally, an indication of a result of the comparing may be transmitted to the base device. | 07-30-2009
20090193151 | Optimized Biometric Authentication Method and System - An efficient exchange of messages in a system for authenticating access to a base device is facilitated through the selection of a particular biometric template from among a plurality of biometric templates. Rather than transmitting the template to a peripheral device, an indication of a location of the particular biometric template within the plurality of biometric templates is transmitted to the peripheral device. At the peripheral device, once the indication of the location and a biometric candidate are received, the particular biometric template may be located and compared to the biometric candidate. Finally, an indication of a result of the comparing may be transmitted to the base device. | 07-30-2009
20090199007 | PROVIDING CERTIFICATE MATCHING IN A SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, certificate identification data that uniquely identifies a certificate associated with a message is generated. The certificate identification data can then be used to determine whether the certificate is stored on a computing device. Only the certificate identification data is needed to facilitate the determination alleviating the need for a user to download the entire message to the computing device in order to make the determination. | 08-06-2009
20090210718 | SYSTEM AND METHOD FOR UPDATING MESSAGE TRUST STATUS - Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like. | 08-20-2009
20090210729 | Automated Power Management of a Peripheral Device - Based on bounds of a period of reduced operation for a base device, a base device generates a power management message for transmission to a peripheral device. In the power management message, the base device inserts bounds of a period of reduced operation for the peripheral device. As a result, the periods of reduced operation conserve battery power in both devices and the two devices may reestablish a communications channel upon reaching the end of the period of reduced operation and resuming normal operations. | 08-20-2009
20090210936 | SYSTEM AND METHOD FOR PROVIDING REMOTE DATA ACCESS FOR A MOBILE COMMUNICATION DEVICE - In one exemplary embodiment, a system for providing data access between an information source and a mobile communication device includes a transcoding system and a first network device. The transcoding system includes a plurality of transcoders, and each transcoder is operable to transcode information content from a respective first content type into a respective second content type. The first network device is in communication with the transcoding system and includes a connection handler system. The connection handler system is operable to receive connection data for a connection between the information source and the mobile communication device and to select a corresponding connection handler. The connection handler is operable to select one or more transcoders from the plurality of transcoders to transcode the information content. | 08-20-2009
20090217044 | AUTOMATED KEY MANAGEMENT SYSTEM AND METHOD - A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user. | 08-27-2009
20090224036 | System And Method Of Operation Control On An Electronic Device - Systems and methods of application control for use on an electronic device. A device can be configured to receive an operation request from an application. The device can determine whether the requested operation is allowed to be performed by the application based upon a stored authorization record and an application identifier associated with the application. The application is allowed to perform the requested operation based upon whether the requested operation is determined to be allowed to be performed by the application. | 09-10-2009
20090234931 | System and Method for Selecting Messaging Settings On A Messaging Client - A system and method of selecting messaging settings on a messaging client are provided. A data store configured to operate in conjunction with the messaging client stores records comprising messaging settings or characteristics for previously received and/or sent messages. The messaging client is configured to send outgoing messages, each of the messages having message characteristics, to determine whether a record for an addressed recipient of an outgoing message exists in the data store, and to select messaging settings to control the message characteristics of the outgoing message based on the record where a record exists. | 09-17-2009
20090240888 | SYSTEM AND METHOD FOR OBSCURING HAND-HELD DEVICE DATA TRAFFIC INFORMATION - Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state. | 09-24-2009
20090240943 | CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password. | 09-24-2009
20090240958 | SYSTEM AND METHOD FOR GENERATING A SECURE STATE INDICATOR ON A DISPLAY - A system and method for generating a security indicator on a display of a computing device (e.g. a mobile device), to indicate when the computing device is in a secure state while locked. A determination is made (e.g. by a data protection system) as to whether at least some of the secure data stored on the computing device can be decrypted by any applications on the computing device, while the computing device is in the locked state. An icon or other identifier can be displayed to indicate that the secure state has been attained. In one embodiment, the secure state is considered to have been attained, if it is determined that all tickets that have been issued to applications on the computing device while the computing device was unlocked have been released, and any decrypted encryption keys that may be used to decrypt the secure data have been deleted. | 09-24-2009
20090282247 | METHOD, SYSTEM AND DEVICE FOR AUTHENTICATING A USER - Embodiments described herein relate to a method and device for authenticating a user of a computer and a corresponding system using the method and device. The device is a handheld electronic device configured to receive a first authentication code and to generate a secure identification token. If the received first authentication code and the generated token match, a second authentication code is transmitted to a computer to unlock the computer. | 11-12-2009
20090292916 | Certificate Management and Transfer System and Method - A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided. | 11-26-2009
20090296657 | System And Method For Providing Remote Data Access And Transcoding For A Mobile Communication Device - A system for providing information content over a network to a mobile communication device includes a transcoding system and a first network device. The transcoding system includes a plurality of transcoders. Each transcoder is operable to transcode the information content from a respective input content type into a respective output content type. The first network device is in communication with the transcoding system and includes a connection handler system. The first network device is operable to receive a first connection request that includes transcoder request data and to select a corresponding connection handler. The connection handler is operable to select one or more transcoders from the plurality of transcoders based on the transcoder request data. | 12-03-2009
20090307498 | USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith. | 12-10-2009
20090327677 | SYSTEM AND METHOD FOR SURELY BUT CONVENIENTLY CAUSING RESET OF A COMPUTERIZED DEVICE - Enhanced reset logic is included in a user's computerized device so that the device owner (e.g., the user's employer) can assure prompt reset (e.g., to insure device use of newly downloaded software versions or other control or security data) while still allowing user convenience (e.g., some limited continued normal use of the device before reset is forced upon the user thus permitting the user to avoid possibly aggravating losses of data and/or ongoing usage). | 12-31-2009
20100003972 | Advanced System And Method For Dynamically Discovering, Provisioning And Accessing Host Services On Wireless Data Communication Devices - A system and method for pushing a service book to a mobile device is provided. A service book includes a plurality of fields relating to a host service. At least one mobile device is identified that is to receive the service book. Wireless propagation information is provided that identifies an address for the mobile device to receive the service book. The service book is transmitted over a wireless network using the address for the mobile device, and is received by the mobile device. | 01-07-2010
20100011417 | SYSTEM AND METHOD FOR PRIVILEGE MANAGEMENT AND REVOCATION - The present disclosure relates generally to the management of privileges associated with certain applications that are accessible by users of electronic equipment, such as, for example, networked computers, mobile wireless communications devices, and the like. In particular, the disclosure is directed to systems and methods for managing privileges associated with particular applications and for revoking these privileges in a timely and robust manner. For example, the device keeps track of which applications get access to which privileges. When policies or application control changes, the system detects which privileges have been revoked for which applications. This can be accomplished by simply comparing the old set of privileges with the new set of privileges. For each revoked privilege for a given application, the system determines if the application has ever accessed that privilege in the past. If an application has accessed a privilege that is now revoked at any time in the past, the device is reset. To ensure that privileges that may be passed between applications are not overlooked, the device is arranged to perform a reset if any revoked privilege accessible by the device is one that may be passed between applications. | 01-14-2010
20100020697 | METHOD AND SYSTEM FOR MONITORING THE HEALTH OF WIRELESS TELECOMMUNICATION NETWORKS - A method and system for monitoring the health of a wireless telecommunication network. Network health is monitored without placing an administrative burden on the carrier network itself, instead, this burden is placed on components that lie outside the carrier network and pass communications through it. The data service provider infrastructure sends a request to a mobile device, asking that it return data regarding its location. The carrier networks handling the request insert location information into the packet that is sent to the mobile device, but this information is not sent to the data service provider infrastructure itself. The mobile device harvests this location information from the packets it receives and inserts it in a response packet that finds its way back to the data service provider infrastructure. The data service provider infrastructure is able to collate this location data and to analyze it, determining the carrier network's health. | 01-28-2010
20100031371 | System and Method for Handling Peripheral Connections to Mobile Devices - Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral. | 02-04-2010
20100056228 | AUTHORIZATION STATUS FOR SMART BATTERY USED IN MOBILE COMMUNICATION DEVICE - A mobile communication device is capable of communicating with a battery authorization server. Determining an authorization status of a smart battery currently powering the mobile communication device involves an initial authorization process and a subsequent authorization process. The initial authorization process is conducted between the mobile communication device and the smart battery. If the initial authorization process is successful, it is followed by a subsequent authorization process between the mobile communication device and the battery authorization server. | 03-04-2010
20100082976 | SYSTEM AND METHOD FOR RETRIEVING RELATED CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all certificate authority (CA) certificates and cross-certificates on the certificate servers. In another embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments of the invention facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates. | 04-01-2010
20100088504 | System and Method for Implementing an Enhanced Transport Layer Security Protocol - A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol. | 04-08-2010
20100091992 | ADDING RANDOMNESS INTERNALLY TO A WIRELESS MOBILE COMMUNICATION DEVICE - A mobile communication device is provided with an integral transducer used to refresh a random data pool without connection to an external source of new random data. | 04-15-2010
20100095352 | Message Service Indication System and Method - Systems and methods for displaying messages to a user, the messages having different levels of security, are provided herein. One method of displaying to a user messages having different levels of security includes receiving a message over a network includes examining an attribute of the message to determine a security-related level associated with the message. A visual indication for display to a device user is generated by the device. Such visual indication is indicative of the determined security-related level, and is configured to be visible during scrolling through a majority of the message text. | 04-15-2010
20100100730 | SYSTEM AND METHOD FOR SEARCHING AND RETRIEVING CERTIFICATES - A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, a method is provided in which a certificate search request is received, a search of one or more certificate servers for certificates satisfying the request is performed, located certificates are retrieved and processed at a first computing device to determine data that uniquely identifies each located certificate, and search result data comprising the determined data is communicated to a second device (e.g. a mobile device) for use in determining whether each located certificate is already stored on the second device. | 04-22-2010
20100104102 | Systems and Methods to Securely Generate Shared Keys - A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key. | 04-29-2010
20100106970 | DEVICE AUTHENTICATION - Authentication of two devices in communication with a third device is achieved where the first and second devices each possess a shared secret value. The authentication includes communication of authentication values from the first device to the second device using the third device. Similarly, there is communication of values from the second device to the first device using the third device. The third device retains the communicated values. The values are calculated to permit the third device to authenticate the first and second devices without the third device receiving the shared secret value. The authentication may be used to establish a communications channel between the first and the second devices. | 04-29-2010
20100115264 | System and Method for Processing Encoded Messages for Exchange with a Mobile Data Communication Device - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 05-06-2010
20100122089 | SYSTEM AND METHOD FOR COMPRESSING SECURE E-MAIL FOR EXCHANGE WITH A MOBILE DATA COMMUNICATION DEVICE - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device: the message is processed so as to modify the message with respect to encryption and/or authentication aspect. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a remote system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the remote system to one or more receivers. | 05-13-2010
20100124333 | System and Method for Processing Encoded Messages for Exchange with a Mobile Data Communication Device - A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers. | 05-20-2010
20100138930 | System and Method of Secure Garbage Collection on a Mobile Device - A method and system for performing garbage collection involving sensitive information on a mobile device. Secure information is received at a mobile device over a wireless network. The sensitive information is extracted from the secure information. A software program operating on the mobile device uses an object to access the sensitive information. Secure garbage collection is performed upon the object after the object becomes unreachable. | 06-03-2010
20100146270 | System and Method of Indicating the Strength of Encryption - A method and system are provided for secure messaging on mobile computing devices. The method and system provide for an indication of a security trust level associated with a security method used with an electronic message. | 06-10-2010
20100148721 | BATTERY PACK AUTHENTICATION FOR A MOBILE DEVICE - Various embodiments are described herein for a mobile communication device that authenticates a smart battery prior to use. The mobile device includes a main processor and a device memory. The device memory stores first and second portions of security information used for authentication. The smart battery includes a battery processor and a battery memory. The battery memory stores a third portion of security information used for authentication. The main processor sends an authentication request including the first portion of security information to the battery processor, and the battery processor generates a response based on the first and third portions of security information and sends the generated response to the main processor. The smart battery is authenticated if the generated response matches the second portion of security information. | 06-17-2010
20100169979 | System and Method for Handling Restoration Operations on Mobile Devices - Systems and methods for handling restoration operations for a mobile device. A mobile device receives a kill pill command, wherein the command causes some or all data on the mobile device to be wiped. An indicator is stored to indicate that the kill pill command was sent to the mobile device. The indicator is used to determine whether a program should be wiped from the mobile device. | 07-01-2010
20100211888METHOD AND APPARATUS FOR PROVIDING MINIMAL STATUS DISPLAY - A method and apparatus are provided for a user of a mobile wireless communications device to have the option of viewing security status messages in a large or small format depending upon the user's preferences, form factor of the mobile communications device, or the like. In accordance with an exemplary aspect of the invention, a user may opt to display status icons on one row of a display and include an abbreviated text associated with each icon that is displayed when a particular icon is highlighted by the user. If no icon is highlighted by the user, the most important status text (determined based on predetermined criteria) is displayed. The user has the option of switching to a large status display to view additional information relating to the status icons.08-19-2010
20100223331SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication.09-02-2010
20100223342SYSTEMS AND METHODS FOR PROTECTING HEADER FIELDS IN A MESSAGE - Embodiments of the systems and methods described herein facilitate the transmitting, receiving, and processing of encoded messages wherein the header fields in the message header are protected. In one embodiment, the contents of the header fields to be protected are inserted into the message body as one or more additional lines of text, for example, prior to encoding and transmitting the message to a message recipient. Upon receipt of the message, the message recipient processes the encoded message such that the contents of the protected header fields can be extracted from the message body. Accordingly, by inserting the contents of the header fields to be protected into the message body, the header fields may be protected using existing standards and protocols for facilitating secure message communication.09-02-2010
20100235628System and Method for Accessing Keys for Secure Messaging - Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user.09-16-2010
20100235893SYSTEM AND METHOD FOR ASSOCIATING MESSAGE ADDRESSES WITH CERTIFICATES - A system and method for associating message addresses with certificates, in which one or more secondary message addresses are identified and associated with a user-selected certificate. The secondary message addresses are saved in a data structure that resides in a secure data store on a computing device, such as a mobile device. When a message is to be encrypted and sent to an individual using a particular certificate, an address mismatch would not be detected so long as the address to which the message is to be sent matches any of the message addresses associated with the certificate. The message addresses associated with the certificate include any message addresses contained within the certificate itself (“primary message addresses”) as well as any secondary message addresses that have been subsequently associated with the certificate.09-16-2010
20100241867SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY - A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.09-23-2010
20100242086SYSTEM AND METHOD FOR HANDLING DATA TRANSFERS - Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.09-23-2010
20100250948SYSTEM AND METHOD FOR CHECKING DIGITAL CERTIFICATE STATUS - A method for handling digital certificate status requests between a client system and a proxy system is provided. The method includes the steps of receiving at the proxy system digital certificate status request data transmitted from the client system and generating query data for the digital certificate status in response to receiving the digital certificate status request data. The query data is transmitted to a status provider system, and status data from the status provider system in response to the query data is received at the proxy system. Digital certificate status data based on the status data received is generated and transmitted to the client system.09-30-2010
20100259549SYSTEMS, DEVICES, AND METHODS FOR DISPLAYING A BARCODE AT A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the display of a barcode at a computing device for capture by another computing device. In accordance with one example embodiment, a barcode is generated at a first computing device, the barcode is displayed on a display screen associated with the first computing device, and one or more display properties of the barcode are dynamically modified while it is displayed at the first computing device until the barcode is successfully captured (e.g. by a camera) at a second computing device.10-14-2010
20100262579Reducing Transmission of Location Updates Based on Loitering - The mobile communications device may reduce the amount of location updates transmitted by applying algorithm-based filters. By setting a minimum distance threshold applied to a location update, the mobile communication device reduces the amount of location updates transmitted when the mobile communication device is “loitering” at a specific location. This disclosure describes a use of a minimum threshold used in loitering analysis and improvements to loitering calculations.10-14-2010
20100262657METHOD OF SHARING IMAGE BASED FILES BETWEEN A GROUP OF COMMUNICATION DEVICES - Methods and associated mobile devices are disclosed for sharing an image based file between a group of communication devices. The image based file is scaled based on a display capacity of the devices within the group. The group of communication devices includes a sending mobile communications device. The method includes: accessing from a memory of the sending mobile communication device a display capacity of each of the devices in the group, determining whether the resolution of the image based file exceeds an image resolution threshold based on the display capacity of the devices in the group, and if so scaling the image based file to within the image resolution threshold, and sending the image based file from the sending mobile communication device to one or more receiving communication devices in the group.10-14-2010
20100262660METHOD, SYSTEM AND MOBILE DEVICE FOR IMPLEMENTING A SERVERLESS PRESENCE SYSTEM - A method, system and mobile communication device for implementing a serverless presence system are provided. In accordance with one embodiment, there is provided a method of sharing presence information between a group of mobile communication devices configured to communicate over a wireless network, the mobile communication devices defining the group members of the group, the method comprising: sending a data packet from a sending group member to at least one of the other group members; determining a presence status in accordance with whether a delivery acknowledgement is received by the sending group member from each of the other group members to which the data packet was sent within a predetermined duration from the sending of the data packet; storing the determined presence status in memory; and sending a presence update comprising the determined presence status of at least some of the group members to all of the group members.10-14-2010
20100262828SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein.10-14-2010
20100262829SYSTEMS, DEVICES, AND METHODS FOR SECURELY TRANSMITTING A SECURITY PARAMETER TO A COMPUTING DEVICE - Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein.10-14-2010
20100262915PUBLISHING LOCATION FOR A LIMITED TIME - A method and user device for limiting a time for which location data sharing is enabled for a user device of a data sharing group, the data sharing group comprising at least two user devices inclusive of the user device, each user device of the data sharing group configured to store data shared by user devices of the data sharing group on the respective user device and to maintain a list of the user devices in the data sharing group. The method comprises receiving an instruction through a user interface on the user device indicating that location data sharing is to be enabled for a limited time period after which location sharing is to be disabled, obtaining location data for the user device during the limited time period; and sending the location data to at least one other user device of the sharing group during the limited time period.10-14-2010
20100275029SYSTEM AND METHOD OF INSTALLING SOFTWARE APPLICATIONS ON ELECTRONIC DEVICES - In at least one embodiment, there is provided a mobile wireless device comprising: a microprocessor and memory, the memory comprising a set of control settings used to control a plurality of device operations; wherein the microprocessor is configured to: receive a first digital signature key for verifying digital signatures on software applications to be installed on the device; determine if any digital signature keys for verifying digital signatures on software applications to be installed on the device exist on the device, and if not, store the received first digital signature key in the memory; receive a software application for installation on the device; verify a digital signature on the received software application using the first digital signature key; and install the software application on the device if the digital signature on the received software application is successfully verified.10-28-2010
20100284536SYSTEM AND METHOD FOR OBTAINING CERTIFICATE STATUS OF SUBKEYS - Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced.11-11-2010
20100288839METHOD, SYSTEM AND SMART CARD READER FOR MANAGEMENT OF ACCESS TO A SMART CARD - The described embodiments relate generally to devices, methods and systems for managing access to a memory card, such as a smart card, by a plurality of accessing devices. Certain embodiments relate to a smart card reader (SCR) for managing access to a smart card by a plurality of accessing devices. The SCR comprises: a processor; a channel manager responsive to the processor for interfacing with the smart card; and a communication interface responsive to the channel manager for communicating with the plurality of accessing devices.11-18-2010
20100325741System and Method of Owner Control of Electronic Devices - A system and method of owner control of an electronic device are provided. Owner identification information, such as data integrity and source authentication information, is stored on the electronic device. Received owner control information is stored on the electronic device where the integrity of the received owner control information is verified and/or the source is authenticated using the owner identification information. In one embodiment, owner identification information comprises an owner signature private key.12-23-2010
20100332824SYSTEM AND METHOD OF MOBILE LIGHTWEIGHT CRYPTOGRAPHIC DIRECTORY ACCESS - A system for handling an LDAP service request to an LDAP server for an LDAP service comprises a client program executable on a client system and a handler program executable on a handler system. The client program is operable to generate LDAP service request data corresponding to the LDAP service and provide the LDAP service request data for transmission from the client system, and further operable to receive LDAP service reply data in response to the LDAP service request data. The handler program is operable to receive the LDAP service request data transmitted from the client system and execute the LDAP service request to the LDAP server, receive LDAP service reply data from the LDAP server during one or more passes, and upon completion of the LDAP service, provide the LDAP service reply data for transmission to the client system in a single pass.12-30-2010
20100332848SYSTEM AND METHOD FOR CODE SIGNING - A system and method for code signing. The entities may be software application developers or other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device.12-30-2010
20110009133System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record.01-13-2011
20110010340System and Method for Managing Items in a List Shared by a Group of Mobile Devices - A method and system are provided for sharing data amongst a group of a plurality of mobile devices without requiring a database or server to centrally store the shared data. The shared data is instead stored by each group member individually while controlling the manner in which the shared data is updated. The shared data can be used to manage tasks in a group project. To manage updates, the shared data is atomized such that individual databases in the shared data are separated or otherwise delineated into one or more records, each record having associated therewith, a value. To maintain a common copy of the shared data at each device, any update is sent to all group members using an intermediate message exchange service that is capable of transmitting a sent message to more than one recipient if necessary. In this way, the updates are multicast to the group. To manage the content of the shared data, each update comprises one or more changes to a current copy of a corresponding record.01-13-2011
20110010554METHOD AND APPARATUS FOR PROVIDING INTELLIGENT ERROR MESSAGING - A method and apparatus for providing intelligent error messaging is disclosed wherein a user of a mobile communications device is provided with descriptive error messaging information to assist the user in overcoming errors associated with the processing of electronic messages and data. For example, when the mobile device is being used to decrypt a cryptographically secured electronic message, and a problem is encountered, program logic of the device provides the user with (1) an indication of exactly what problem is preventing opening of the message, for example, a required cryptographic key is not available; (2) an indication of exactly what may be done to overcome the problem, for example, what utilities should be run on the device; and (3) exactly what data, if any, needs to be downloaded to the device, for example, what cryptographic keys should be downloaded.01-13-2011
20110010556System and Method of Secure Authentication Information Distribution - A system and method of distributing authentication information for remotely accessing a computer resource. A request for authentication information, including identity information, is received from a user of a remote device. When the user is authenticated based on the identity information, requested authentication information is retrieved and returned to the remote device. The authentication information, or information generated from the authentication information, is then used for remotely accessing the computer resource.01-13-2011
20110010705System and Method of Owner Application Control of Electronic Devices - Systems and methods of owner application control of an electronic device are provided. Owner application control information is stored on the electronic device and/or one or more remote servers. Owner application control information is consulted to determine if one or more required applications are available for execution on the electronic device. If not, one or more required applications not available are downloaded and installed. This could be in a manner transparent to the user of the electronic device. If one or more required applications are not available on the electronic device, the device can be functionally disabled in whole, or in part, until one or more required applications are available.01-13-2011
20110022948METHOD AND SYSTEM FOR PROCESSING A MESSAGE IN A MOBILE COMPUTER DEVICE - A system and method for converting an initial message residing in a mobile computer device, which is capable of wireless access to a computer network, into a processed message. The system includes a menu option module that prompts a user of the mobile computer device to select a processing option for the initial message. When the user selects an encryption option, text is wirelessly sent to at least one server on the computer network for encryption.01-27-2011
20110072270SYSTEM AND METHOD FOR SUPPORTING MULTIPLE CERTIFICATE STATUS PROVIDERS ON A MOBILE COMMUNICATION DEVICE - A method and system for supporting multiple digital certificate status information providers are disclosed. An initial service request is prepared at a proxy system client module and sent to a proxy system service module operating at a proxy system. The proxy system prepares multiple service requests and sends the service requests to respective multiple digital certificate status information providers. One of the responses to the service requests received from the status information providers is selected, and a response to the initial service request is prepared and returned to the proxy system client module based on the selected response.03-24-2011
20110081860METHODS AND DEVICES FOR FACILITATING BLUETOOTH PAIRING USING A CAMERA AS A BARCODE SCANNER - Embodiments of the systems, devices and methods described herein generally facilitate performing Bluetooth pairing between a first device and a second device. In accordance with one example embodiment, a first device generates a barcode that encodes Bluetooth pairing data for transmission to the second device, wherein the pairing data comprises a Bluetooth address associated with the first device, and wherein the pairing data further comprises a personal identification number usable to complete the Bluetooth pairing, the barcode is transmitted to the second device, and Bluetooth pairing is performed with the second device.04-07-2011
20110099381SYSTEM AND METHOD FOR RETRIEVING CERTIFICATES ASSOCIATED WITH SENDERS OF DIGITALLY SIGNED MESSAGES - A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user's computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit.04-28-2011
20110126013Systems and Methods to Securely Generate Shared Keys - A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key.05-26-2011
20110154028SYSTEM AND METHOD FOR ADMINISTERING DIGITAL CERTIFICATE CHECKING - Systems and methods for handling electronic messages. An electronic message that is associated with a digital certificate is to be processed. A decision whether to check the validity of the digital certificate is based upon digital certificate checking criterion. An IT administrator may provide to one or more devices configuration data that establishes the digital certificate checking criterion.06-23-2011
20110154047USER-DEFINED PASSWORDS HAVING ASSOCIATED UNIQUE VERSION DATA TO ASSIST USER RECALL OF THE PASSWORD - An electronic device includes password protected functionality using a password that can be changed by the user. A user-specified password is stored in association with unique version data that is subsequently provided to help user recall of the password associated therewith.06-23-2011
20110167484APPARATUS AND METHOD FOR INTEGRATING AUTHENTICATION PROTOCOLS IN THE ESTABLISHMENT OF CONNECTIONS BETWEEN COMPUTING DEVICES - An apparatus and method for integrating authentication protocols in the establishment of connections between a controlled-access first computing device and at least one second computing device. In one embodiment, network access user authentication data needed to access the at least one second computing device is transmitted to an authentication server automatically if the user has access to use the first computing device, thereby not requiring the user to manually enter the authentication data needed for such access at the first computing device. The network access user authentication data may be, for example, retrieved from a memory store of the first computing device and/or generated in accordance with an authentication data generating algorithm.07-07-2011
