摘要:
Systems and methods for providing access to data. When an application needs to perform an action that requires access to data, the application acquires a “ticket” in order to access the data. While the application holds the ticket, it is given access to the data.
摘要:
A system and method for generating a security indicator on a display of a computing device (e.g. a mobile device), to indicate when the computing device is in a secure state while locked. A determination is made (e.g. by a data protection system) as to whether at least some of the secure data stored on the computing device can be decrypted by any applications on the computing device, while the computing device is in the locked state. An icon or other identifier can be displayed to indicate that the secure state has been attained. In one embodiment, the secure state is considered to have been attained, if it is determined that all tickets that have been issued to applications on the computing device while the computing device was unlocked have been released, and any decrypted encryption keys that may be used to decrypt the secure data have been deleted.
摘要:
Authenticity of a proposed future or current participant in a multi-party dialog is checked by splitting an authenticity challenge query into at least two portions wherein none of the portions individually contains sufficient information to fully define the challenge query. These separated portions are then sent to another dialog participant over at least two different communication channels thus enhancing the probability that a successive challenge response is authentic. The authenticity challenge query and splitting thereof into plural portions may include formation of a logical combination (e.g., exclusive-OR) of first and second data strings (one of which may be a challenge question) to produce a resultant third data string where the separated and separately communicated portions include the first and third data strings as separate portions as being sent over respectively different communication channels.
摘要:
Systems and methods for secure e-mail message processing. A device is configured to receive a secure electronic message. The message may then be processed to determine whether the sender's address provided in the message is indicative of the sender's address provided in a sender's security-related certificate. A message's recipient can be notified based upon the determination.
摘要:
Enhanced reset logic is included in a user's computerized device so that the device owner (e.g., the user's employer) can assure prompt reset (e.g., to insure device use of newly downloaded software versions or other control or security data) while still allowing user convenience (e.g., some limited continued normal use of the device before reset is forced upon the user thus permitting the user to avoid possibly aggravating losses of data and/or ongoing usage).
摘要:
Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.
摘要:
Systems and methods for handling electronic messages. An electronic message that is associated with a digital certificate is to be processed. A decision whether to check the validity of the digital certificate is based upon digital certificate checking criterion.
摘要:
A system and method for generating reproducible session keys in a wireless messaging system. The session key is generated based on a hash of a message itself, optionally concatenated with additional information. Since the local server stores the message, it can easily regenerate the same session key in response to each MORE request. The method of the invention can be implemented with the stored original message, a public key, and an algorithm for generating the session key based on a hash of the message.
摘要:
Systems and methods for verifying status of digital certificates received by mobile devices. A message server forwards messages sent to a mobile device. The messages may be encrypted with a digital certificate. A mobile device sends a request to the message server. The message server verifies the status of the certificate by comparing it with a previously downloaded CRL and sends a response with this information back to the mobile device.
摘要:
Authentication of two devices in communication with a third device is achieved where the first and second devices each possess a shared secret value. The authentication includes communication of authentication values from the first device to the second device using the third device. Similarly, there is communication of values from the second device to the first device using the third device. The third device retains the communicated values. The values are calculated to permit the third device to authenticate the first and second devices without the third device receiving the shared secret value. The authentication may be used to establish a communications channel between the first and the second devices.