Abstract:
A system and method for generating a security indicator on a display of a computing device (e.g. a mobile device), to indicate when the computing device is in a secure state while locked. A determination is made (e.g. by a data protection system) as to whether at least some of the secure data stored on the computing device can be decrypted by any applications on the computing device, while the computing device is in the locked state. An icon or other identifier can be displayed to indicate that the secure state has been attained. In one embodiment, the secure state is considered to have been attained, if it is determined that all tickets that have been issued to applications on the computing device while the computing device was unlocked have been released, and any decrypted encryption keys that may be used to decrypt the secure data have been deleted.
Abstract:
A system and method for associating message addresses with certificates, in which one or more secondary message addresses are identified and associated with a user-selected certificate. The secondary message addresses are saved in a data structure that resides in a secure data store on a computing device, such as a mobile device. When a message is to be encrypted and sent to an individual using a particular certificate, an address mismatch would not be detected so long as the address to which the message is to be sent matches any of the message addresses associated with the certificate. The message addresses associated with the certificate include any message addresses contained within the certificate itself (“primary message addresses”) as well as any secondary message addresses that have been subsequently associated with the certificate.
Abstract:
A mobile communications device, server, and method for providing security on a mobile communications device are described. In accordance with one example embodiment, the mobile communications device comprises: a processor; a communications subsystem connected to the processor operable to exchange signals with a wireless network and with the processor; a storage element connected to the processor and having a plurality of application modules and data stored thereon, the data comprising at least user application data associated with the application modules and service data including data for establishing communications with the wireless network; and a security module operable to detect policy messages received by the mobile communications device, wherein the security module is further operable to perform a security action if a first policy message to enforce a first data protection policy is received and a subsequent policy message to enforce a second data protection policy is not received within a predetermined duration from the time at which the first policy message is received; and wherein the security action comprises erasing or encrypting at least some of the data on the storage element.
Abstract:
A mobile communications device, method and computer program product for providing security on a mobile communications device are described. In accordance with one example embodiment, the mobile communications device comprises: a processor; a communications subsystem connected to the processor operable to exchange signals with a wireless network and with the processor; a storage element connected to the processor and having a plurality of application modules and data stored thereon, the data comprising at least user application data associated with the application modules and service data including data for establishing communications with the wireless network; and a security module operable to detect a locked state of the mobile communications device and initiate a lockout data protection timer for a predetermined duration upon detection of the locked state; and wherein the security module is operable to, after the lockout data protection timer has been initiated, detect if a password shared by the user and the mobile communications device is entered through a user input device within the predetermined duration of the lockout data protection timer; wherein the security module is operable to terminate the lockout data protection timer if entry of the password is detected within the predetermined duration; and wherein the security module is operable to perform a security action comprising erasing or encrypting at least some of the data on the storage element if entry of the password is not detected within the predetermined duration.
Abstract:
A smart card, system, and method for securely authorizing a user or user device using the smart card are provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.
Abstract:
A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. The invention enables large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates.
Abstract:
A portable wireless user communication device is wirelessly coupled to a second device over a monitored link. If the link is lost or endangered, then a user alarm is activated at the portable wireless user device and/or at the second device to which it is linked (which may also be a portable electronic device). The type of monitoring and/or the type of alarming may be user selectable.
Abstract:
A first wireless device controls its visibility by disabling its discoverable mode or modes upon ascertaining that a second wireless device does not require the first device to be in a discoverable mode in order to establish connections therebetween.
Abstract:
A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. When a mobile communications device is to be updated with the new keys, the new keys are automatically identified by comparing the keys stored in the base computer with a list of previously viewed keys to determine which new keys are to be marked for download. Upon marking the new keys, the user may be prompted to download the newly identified keys, or they may be downloaded automatically. Once the new keys have been marked, the list of previously viewed keys is updated to include those marked, so that the next time updating occurs, the previously viewed key list will be correct.
Abstract:
A method and apparatus are provided for a user of a mobile wireless communications device to have the option of viewing security status messages in a large or small format depending upon the user's preferences, form factor of the mobile communications device, or the like. In accordance with an exemplary aspect of the invention, a user may opt to display status icons on one row of a display and include an abbreviated text associated with each icon that is displayed when a particular icon is highlighted by the user. If no icon is highlighted by the user, the most important status text (determined based on predetermined criteria) is displayed. The user has the option of switching to a large status display to view additional information relating to the status icons.