公开(公告)号：EP2073430B1

公开(公告)日：2013-07-24

申请号：EP07124019.6

申请日：2007-12-21

申请人： Research In Motion Limited

发明人： Sherkin, Alexander

IPC分类号： H04L9/08 ,  H04L9/32

CPC分类号： H04L9/0844 ,  H04L9/3242 ,  H04L9/3263

公开(公告)号：EP2197168A1

公开(公告)日：2010-06-16

申请号：EP08171131.9

申请日：2008-12-09

申请人： Research In Motion Limited

发明人： Sherkin, Alexander ,  Franco, Will D.

IPC分类号： H04L29/06 ,  H04L9/32 ,  G06F21/00

CPC分类号： H04L63/0807 ,  H04L63/0815

摘要： A mobile communication device operates in a wireless communication network with use of a communication service provided by a service provider (e.g. a wireless carrier for voice telephony, or data service provider for data synchronization). An application server receives, via the wireless network, a message from the mobile device. The message has a field for inclusion of a token having a digital signature corresponding to the service provider. The application server performs token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider. The application server then grants or denies access to an application service depending on the outcome of the token validation. In one embodiment, the application service is an e-commerce transaction service, wherein a proof-of-work (POW) test (e.g. a Captcha test) otherwise utilized for the service is bypassed or excluded.

摘要翻译： 一种移动通信设备工作在与使用由服务提供商（例如，用于语音电话的无线载体，或用于数据同步的数据的服务提供商）提供的通信服务的无线通信网络。 应用程序服务器接收，通过无线网络，从所述移动设备的消息。 该消息对包括具有数字签名相当于服务提供商的令牌的领域。 应用程序服务器执行消息，其包括用于与一个公钥对应于服务提供者验证该令牌的数字签名的验证步骤的令牌验证。 然后应用服务器授予或取决于令牌验证的结果，拒绝访问的应用服务。 在一个，实施例的应用服务是电子商务交易服务，worin一个验证的工作（POW）测试（例如，验证码检验）否则用于该服务被旁路或排除。

公开(公告)号：EP2116953A1

公开(公告)日：2009-11-11

申请号：EP08155746.4

申请日：2008-05-06

申请人： Research in Motion Limited

发明人： Sherkin, Alexander ,  Brown, Michael

IPC分类号： G06F21/24

CPC分类号： G06F21/64

摘要： Systems, devices, and methods for modifying a signed bundle and verifying the modified bundle are disclosed. A signed bundle may be modified by removing a file specified in a server file list from a plurality of files in the bundle. The signed bundle comprises a catalog of files in the signed bundle and their associated hashes. The modified bundle includes the remaining files of the signed bundle that are not specified in the server file list and the catalog file of the signed bundle, the catalog signature of the signed bundle. The modified bundle may be verified by verifying the catalog signature of the modified signed bundle, and checking that the files specified in the catalog are either in the modified signed bundle or specified in the server file list. The hashes of the files in the modified signed bundle may also be checked to verify the modified signed bundle.

摘要翻译： 公开了用于修改签名的包并验证修改的包的系统，设备和方法。 可以通过从捆绑中的多个文件中删除服务器文件列表中指定的文件来修改签名的捆绑包。 签名捆绑包包括签名捆绑包中的文件目录及其关联的哈希值。 修改的包包括未在服务器文件列表中指定的签名包的剩余文件以及签名包的目录文件，即签名包的目录签名。 可以通过验证修改的签名包的目录签名并检查目录中指定的文件是修改的签名包或在服务器文件列表中指定的来验证修改的包。 还可以检查修改的签名包中的文件的散列，以验证修改的签名包。

公开(公告)号：EP2073484A1

公开(公告)日：2009-06-24

申请号：EP07124018.8

申请日：2007-12-21

申请人： Research In Motion Limited

发明人： Sherkin, Alexander

IPC分类号： H04L29/06

CPC分类号： H04L63/0869 ,  H04L63/0823 ,  H04L63/083

摘要： Methods and systems for secure channel initialization between a client network element and a server network element are disclosed. In accordance with one embodiment of the present disclosure, the method includes: sending a secure channel initialization request from the client network element to the server network element; receiving the secure channel initialization request at the server network element; creating a server credential and a client credential at the server network element; and sending a secure channel initialization response from the server network element to the client network element, the secure channel initialization response including the server credential and the client credential, wherein said server credential and said client credential are used to establish a secure session.

摘要翻译： 公开了用于客户端网络元件和服务器网络元件之间的安全通道初始化的方法和系统。 根据本公开的一个实施例，该方法包括：从客户网络元件向服务器网元发送安全信道初始化请求; 在所述服务器网元处接收所述安全信道初始化请求; 在服务器网元上创建服务器凭证和客户端凭证; 以及从所述服务器网络元件向所述客户端网络元件发送安全信道初始化响应，所述安全信道初始化响应包括所述服务器凭证和所述客户端凭证，其中所述服务器凭证和所述客户端证书用于建立安全会话。

公开(公告)号：EP2597902A1

公开(公告)日：2013-05-29

申请号：EP13156152.4

申请日：2011-11-16

申请人： Research In Motion Limited

发明人： Vats, Nikhil ,  Singh, Ravi ,  Sherkin, Alexander ,  Adams, Neil Patrick

IPC分类号： H04W12/10 ,  H04L12/58

CPC分类号： H04W12/10 ,  H04L9/3247 ,  H04L51/063 ,  H04L51/30 ,  H04L51/38 ,  H04L63/12

摘要： Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, sign the composite message. In both the above contexts, handling message receipts when message processing ahead of message transmission involved more than one component may be facilitated by storing appropriate expected receipt content during the message processing, either on the device or the server. Validation of the receipt can then be accomplished through use of the stored expected receipt content in a manner that retains the benefits of message processing ahead of message transmission that involves more than one component.

公开(公告)号：EP2456146A3

公开(公告)日：2012-05-30

申请号：EP11189589.2

申请日：2011-11-17

申请人： Research In Motion Limited

发明人： Sherkin, Alexander ,  Vats, Nikhil ,  Singh, Ravi ,  Adams, Neil Patrick

IPC分类号： H04L12/58

CPC分类号： H04L12/58 ,  H04L51/00 ,  H04L63/12

摘要： Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for confidentiality or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, construct a cryptographic message syntax message.

摘要翻译： 通常，出于无线带宽保护的原因，向无线消息设备提供不完整的消息。 为了保密或认证目的，使用密码术时，如果包含收到的未完整接收的消息，可能会导致接收方的上下文缺乏。 通过自动获得要包括的消息的全部，可以以安全且准确地表示预期的传出消息的方式来处理包括接收到的消息的传出消息。 可选地，服务器可以从新消息和原始消息中组装复合消息，并且与无线消息收发设备协作构建加密消息语法消息。

公开(公告)号：EP2453689A1

公开(公告)日：2012-05-16

申请号：EP11189310.3

申请日：2011-11-16

申请人： Research in Motion Limited

发明人： Vats, Nikhil ,  Singh, Ravi ,  Sherkin, Alexander ,  Adams, Neil Patrick

IPC分类号： H04W12/10 ,  H04L12/58

CPC分类号： H04W12/10 ,  H04L9/3247 ,  H04L51/063 ,  H04L51/30 ,  H04L51/38 ,  H04L63/12

摘要： Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, sign the composite message. In both the above contexts, handling message receipts when message processing ahead of message transmission involved more than one component may be facilitated by storing appropriate expected receipt content during the message processing, either on the device or the server. Validation of the receipt can then be accomplished through use of the stored expected receipt content in a manner that retains the benefits of message processing ahead of message transmission that involves more than one component.

摘要翻译： 通常，为了无线带宽保护的原因，向无线消息收发设备提供不完整的消息。 为了保密或认证目的采用加密技术，当包含已经不完整接收到的接收到的消息时，可能导致接收端的缺少上下文。 通过自动获得要包括的消息的整体，可以以安全且准确地表示预期传出消息的方式处理包括接收到的消息的传出消息。 或者，服务器可以组合来自新消息和原始消息的复合消息，并且与无线消息收发设备协作，对复合消息进行签名。 在上述两个上下文中，当在消息传输之前的消息处理涉及多于一个组件时处理消息收据可以通过在消息处理期间在设备或服务器上存储适当的预期接收内容来实现。 然后可以通过使用存储的预期接收内容以在消息传输之前保留消息处理的益处的方式来实现验收，该消息处理涉及多于一个组件。

公开(公告)号：EP2453688A1

公开(公告)日：2012-05-16

申请号：EP11189115.6

申请日：2011-11-15

申请人： Research in Motion Limited

发明人： Sherkin, Alexander ,  Singh, Ravi ,  Vats, Nikhil ,  Adams, Neil Patrick

IPC分类号： H04W12/10 ,  H04L12/58 ,  H04L29/06

CPC分类号： H04L9/3247 ,  H04L51/38 ,  H04L63/067 ,  H04L63/068 ,  H04L63/12 ,  H04W12/04 ,  H04W12/10

摘要： Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, sign the composite message. Since signing the composite message involves access to a private key, access to that private key is secured such that such access to the private key can only be arranged responsive to an explicit request for a hash that is to be signed using the private key.

公开(公告)号：EP2431891A1

公开(公告)日：2012-03-21

申请号：EP10177554.2

申请日：2010-09-20

申请人： Research In Motion Limited

发明人： Sherkin, Alexander

IPC分类号： G06F17/30 ,  G06F17/20

CPC分类号： G06F17/30905

摘要： A method can output content of interest of a structured electronic document (15) from a computer (11,51) or distributed computer system (51) having a processor (1100) and memory (1110). The method includes loading a common expression (3) and a data structure definition (4) into memory (1110), the common expression (3) identifying a content element (13) in a first structured electronic document (15), the data structure definition (4) defined according to the common expression (3); creating in memory (1110) an instance of a data structure (47) defined by the data structure definition (4); applying with the processor (1100) the common expression (3) to a second structured electronic document (15) to extract a content element (13) from the second structured electronic document (15); storing the extracted content element (13) in the instance of the data structure (47); and populating a template structured electronic document (57) using the instance of the data structure (47) to produce an output structured electronic document (800).

摘要翻译： 一种方法可以从具有处理器（1100）和存储器（1110）的计算机（11,51）或分布式计算机系统（51）输出结构化电子文档（15）的感兴趣内容。 所述方法包括将公共表达式（3）和数据结构定义（4）加载到存储器（1110）中，所述公共表达式（3）标识第一结构化电子文档（15）中的内容元素（13），所述数据结构 定义（4）根据通用表达式（3）定义; 在存储器（1110）中创建由数据结构定义（4）定义的数据结构（47）的实例; 将所述公共表达式（3）与所述处理器（1100）一起应用于第二结构化电子文档（15）以从所述第二结构化电子文档（15）提取内容元素（13）; 将提取的内容元素（13）存储在数据结构（47）的实例中; 以及使用所述数据结构（47）的实例填充模板结构化电子文档（57）以产生输出结构化电子文档（800）。

公开(公告)号：EP2453688B1

公开(公告)日：2013-06-19

申请号：EP11189115.6

申请日：2011-11-15

申请人： Research In Motion Limited

发明人： Sherkin, Alexander ,  Singh, Ravi ,  Vats, Nikhil ,  Adams, Neil Patrick

IPC分类号： H04W12/10 ,  H04L12/58 ,  H04L29/06

CPC分类号： H04L9/3247 ,  H04L51/38 ,  H04L63/067 ,  H04L63/068 ,  H04L63/12 ,  H04W12/04 ,  H04W12/10