公开(公告)号：US09037845B2

公开(公告)日：2015-05-19

申请号：US13866054

申请日：2013-04-19

Applicant: BlackBerry Limited

Inventor： Michael Kenneth Brown ,  Michael Grant Kirkup ,  Herbert Anthony Little

IPC: H04L9/00 ,  H04L29/06 ,  H04L9/08 ,  H04L12/28

CPC classification number: H04L63/062 ,  H04L9/0891 ,  H04L12/2854 ,  H04L63/06 ,  H04L63/068 ,  H04L2209/80

Abstract: Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced.

Abstract translation: 更新数字证书子密钥状态的系统和方法。 向密钥服务器发出请求以验证给定密钥是否被撤销。 如果不是，则从密钥服务器获取具有其子密钥的密钥。 如果子密钥中的一个或多个子密钥或签名在获取的密钥中不同，则替换该密钥。

公开(公告)号：US20140351599A1

公开(公告)日：2014-11-27

申请号：US14454249

申请日：2014-08-07

Applicant: BlackBerry Limited

Inventor： Michael Kenneth Brown ,  Herbert Anthony Little ,  Michael Stephen Brown

IPC: H04L9/32

Abstract: Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like.

Abstract translation: 公开了一种在无线通信系统内处理编码消息的系统和方法。 无线通信系统内的服务器执行编码消息的签名验证，并与消息一起向移动设备提供消息已被验证的指示。 另外，服务器向设备提供补充信息，例如用于验证消息的证书或证书链的散列，以使得设备能够对证书执行额外的检查，例如 ，有效性检查，信任检查，力量检查等。

公开(公告)号：US20130318344A1

公开(公告)日：2013-11-28

申请号：US13957574

申请日：2013-08-02

Applicant: Blackberry Limited

Inventor： Michael Stephen Brown ,  Neil Patrick Adams ,  Michael Kenneth Brown ,  Michael Grant Kirkup ,  Herbert Anthony Little

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L9/3247 ,  G06Q10/107 ,  H04L12/189 ,  H04L51/066 ,  H04L51/38 ,  H04L63/0428 ,  H04L63/0442 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/101 ,  H04L63/126 ,  H04L67/04 ,  H04L67/2823 ,  H04L67/2828 ,  H04L69/329 ,  H04W4/16 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W24/02 ,  H04W40/02

Abstract: A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers.

Abstract translation: 提供了一种用于在将消息发送到无线移动通信设备之前在主机系统处理加密和/或签名消息的系统和方法。 消息在主机系统从消息发送方接收。 确定任何消息接收机是否具有相应的无线移动通信设备。 对于具有相应的无线移动通信设备的每个消息接收机，处理消息以便相对于一个或多个加密和/或认证方面修改消息。 经处理的消息被发送到对应于第一消息接收器的无线移动通信设备。 该系统和方法可以包括从无线移动通信设备发送到主机系统的后处理消息。 对消息执行认证和/或加密消息处理。 经处理的消息然后可以通过主机系统发送到一个或多个接收器。

公开(公告)号：USRE49721E1

公开(公告)日：2023-11-07

申请号：US17376006

申请日：2021-07-14

Applicant: BlackBerry Limited

Inventor： Neil Patrick Adams ,  Herbert Anthony Little ,  Michael Grant Kirkup

IPC: H04L9/40 ,  H04W12/37 ,  H04W12/033 ,  H04W12/30 ,  H04L51/214 ,  H04M7/00 ,  H04W12/02 ,  H04W12/08 ,  H04W12/63 ,  H04L51/58 ,  H04M3/20

CPC classification number: H04L63/04 ,  H04L51/214 ,  H04L63/105 ,  H04M7/0078 ,  H04W12/02 ,  H04W12/033 ,  H04W12/08 ,  H04W12/30 ,  H04W12/37 ,  H04L51/58 ,  H04M3/205 ,  H04M2203/609 ,  H04W12/63

Abstract: Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.

公开(公告)号：US11030338B2

公开(公告)日：2021-06-08

申请号：US16561132

申请日：2019-09-05

Applicant: Blackberry Limited

Inventor： Michael Kenneth Brown ,  Michael Stephen Brown ,  Herbert Anthony Little ,  Scott William Totzke

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/60 ,  G06F21/88 ,  H04W12/033 ,  H04W12/02 ,  H04W12/08

Abstract: A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level.

公开(公告)号：US10540520B2

公开(公告)日：2020-01-21

申请号：US16187065

申请日：2018-11-12

Applicant: Blackberry Limited

Inventor： Michael Kenneth Brown ,  Michael Stephen Brown ,  Herbert Anthony Little ,  Scott William Totzke

IPC: H04L29/06 ,  G06F21/62 ,  H04W12/02 ,  G06F21/60 ,  G06F21/88 ,  H04W12/08 ,  H04W12/00

Abstract: A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level.

公开(公告)号：US10484870B2

公开(公告)日：2019-11-19

申请号：US15336437

申请日：2016-10-27

Applicant: BlackBerry Limited

Inventor： Michael Kenneth Brown ,  Michael Grant Kirkup ,  Neil Patrick Adams ,  Herbert Anthony Little ,  Christopher Pattenden

IPC: H04W12/06 ,  G06F21/31 ,  G06F21/34 ,  H04L29/06 ,  G06Q10/00 ,  G06Q20/38 ,  G06F21/60 ,  H04M1/725 ,  G06F21/10 ,  G06F21/12 ,  H04W12/08

Abstract: Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral.

公开(公告)号：US09734308B2

公开(公告)日：2017-08-15

申请号：US15063019

申请日：2016-03-07

Applicant: BlackBerry Limited

Inventor： Neil Patrick Adams ,  Herbert Anthony Little

IPC: G06F21/62 ,  G06F21/12 ,  H04L29/06 ,  H04L29/12

CPC classification number: G06F21/121 ,  G06F21/6218 ,  H04L63/10 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/20

Abstract: This disclosure relates to management of privileges associated with applications accessible by users of electronic devices. In one aspect, an electronic device detects that a privilege has been revoked, shuts down any application running on the electronic device that has previously accessed the privilege, and restarts any application that was shut down, the restarted application no longer having any access to the revoked privilege. In another aspect, an electronic device keeps a log of which applications have previously accessed which privileges, receives a new set of privileges associated with applications, determines that a privilege has been revoked, and if the log indicates that an application previously accessed the privilege, resets the electronic device. In a further aspect, a method sets privileges associated with applications, records which electronic devices have which applications, revokes a privilege, and instructs those electronic devices having applications to which the privilege is associated to reset themselves.

公开(公告)号：US09603010B2

公开(公告)日：2017-03-21

申请号：US14791901

申请日：2015-07-06

Applicant: BlackBerry Limited

Inventor： Michael Stephen Brown ,  Neil Patrick Adams ,  Herbert Anthony Little ,  Steven Henry Fyke

IPC: G06F21/30 ,  G06F21/62 ,  G06F21/88 ,  H04L9/00 ,  H04L29/06 ,  H04W12/02 ,  H04W12/08 ,  H04W12/12 ,  H04W8/02 ,  H04W8/24

CPC classification number: H04W12/02 ,  G06F21/305 ,  G06F21/6218 ,  G06F21/88 ,  G06F2221/2143 ,  H04L9/00 ,  H04L63/102 ,  H04L2209/80 ,  H04W8/02 ,  H04W8/245 ,  H04W12/08 ,  H04W12/12

Abstract: A mobile communications device, method, and computer program product for providing security on a mobile communications device are described. In accordance with one example embodiment, the mobile communications device comprises: a processor; a communications subsystem connected to the processor operable to exchange signals with a wireless network and with the processor; a storage element connected to the processor and having a plurality of application modules and data stored thereon, the data comprising at least user application data associated with the application modules and service data including data for establishing communications with the wireless network; and a security module operable to determine if a battery level falls below a predetermined threshold and perform a security action comprising erasing or encrypting at least some of the data on the storage element if the battery power falls below the predetermined threshold.

公开(公告)号：US20170048712A1

公开(公告)日：2017-02-16

申请号：US15336437

申请日：2016-10-27

Applicant: BlackBerry Limited

Inventor： Michael Kenneth Brown ,  Michael Grant Kirkup ,  Neil Patrick Adams ,  Herbert Anthony Little ,  Christopher Pattenden

IPC: H04W12/06 ,  H04M1/725 ,  H04L29/06

CPC classification number: H04W12/06 ,  G06F21/10 ,  G06F21/123 ,  G06F21/31 ,  G06F21/34 ,  G06F21/606 ,  G06Q10/00 ,  G06Q20/382 ,  H04L29/06 ,  H04L63/0272 ,  H04L63/08 ,  H04L63/083 ,  H04L63/168 ,  H04M1/72527 ,  H04W12/08

Abstract: Systems and methods for establishing a data connection between a mobile device and a peripheral. The mobile device is configured to determine whether to handle user approval of the data connection between the mobile device and the peripheral. Through the mobile device, an input mechanism is provided for the user to provide input. The input is used in determining whether to approve the data connection between the mobile device and the peripheral.

Abstract translation: 用于在移动设备和外围设备之间建立数据连接的系统和方法。 移动设备被配置为确定是否处理用户对移动设备和外围设备之间的数据连接的批准。 通过移动设备，为用户提供输入机制以提供输入。 该输入用于确定是否批准移动设备和外围设备之间的数据连接。