公开(公告)号：US20050255838A1

公开(公告)日：2005-11-17

申请号：US11118791

申请日：2005-04-29

申请人： Neil Adams ,  Herbert Little ,  Michael Kirkup

发明人： Neil Adams ,  Herbert Little ,  Michael Kirkup

IPC分类号： H04L9/32 ,  H04L12/22 ,  H04L12/58 ,  H04L29/06 ,  H04M3/00 ,  H04M3/20 ,  H04M7/00 ,  H04W12/02

CPC分类号： H04L63/04 ,  H04L51/14 ,  H04L51/38 ,  H04L63/105 ,  H04M3/205 ,  H04M7/0078 ,  H04M2203/609 ,  H04W12/02 ,  H04W12/08

摘要： Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.

摘要翻译： 用于管理安全位置和较不安全位置之间的数据传输的系统和方法。 在移动设备上操作的数据传输检查器确定是否允许在两个位置之间尝试的数据传送。 如果不允许，则防止数据传输，并且可以通知用户防止数据传输。

公开(公告)号：US20070074033A1

公开(公告)日：2007-03-29

申请号：US11237726

申请日：2005-09-29

申请人： Neil Adams ,  Michael Kirkup ,  Herbert Little ,  Michael Rybak ,  David Tapuska

发明人： Neil Adams ,  Michael Kirkup ,  Herbert Little ,  Michael Rybak ,  David Tapuska

IPC分类号： H04L9/00

CPC分类号： G06F21/629 ,  H04L9/3247 ,  H04L2209/56 ,  H04L2209/80

摘要： A system and method for providing code signing services to software application developers or to other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device. In one embodiment, a method of providing code signing services will comprise at least some steps relating to registering the entities that seek access to sensitive APIs as controlled by the code signing authority, and managing the accounts of the registered entities.

摘要翻译： 一种用于向软件应用程序开发人员或希望对应用程序进行数字签名的其他个人或实体提供代码签名服务的系统和方法。 可能需要签署应用程序，以便在应用程序在计算设备上执行时，使应用程序能够访问计算设备的敏感API和相关资源。 在一个实施例中，提供代码签名服务的方法将包括至少一些步骤，其涉及登记由代码签名机构控制的敏感API的访问的实体，以及管理注册实体的帐户。

公开(公告)号：US20070074031A1

公开(公告)日：2007-03-29

申请号：US11237724

申请日：2005-09-29

申请人： Neil Adams ,  Michael Kirkup ,  Herbert Little ,  Michael Rybak ,  David Tapuska

发明人： Neil Adams ,  Michael Kirkup ,  Herbert Little ,  Michael Rybak ,  David Tapuska

IPC分类号： H04L9/00

CPC分类号： G06F21/629

摘要： A system and method for providing code signing services to software application developers or to other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device. In one embodiment, a method of providing code signing services will comprise at least some steps relating to registering the entities that seek access to sensitive APIs as controlled by the code signing authority. These steps are performed in order to establish trust relationships with those entities. The method of providing code signing services will also comprise additional steps relating to receiving and processing the code signing requests from such entities.

摘要翻译： 一种用于向软件应用程序开发人员或希望对应用程序进行数字签名的其他个人或实体提供代码签名服务的系统和方法。 可能需要签署应用程序，以便在应用程序在计算设备上执行时，使应用程序能够访问计算设备的敏感API和相关资源。 在一个实施例中，提供代码签名服务的方法将包括至少一些步骤，其涉及登记由代码签名机构控制的敏感API访问的实体。 执行这些步骤以便与这些实体建立信任关系。 提供代码签名服务的方法还将包括与从这些实体接收和处理代码签名请求相关的附加步骤。

公开(公告)号：US20070038820A1

公开(公告)日：2007-02-15

申请号：US11202786

申请日：2005-08-11

申请人： Michael Brown ,  Herbert Little ,  Michael Brown

发明人： Michael Brown ,  Herbert Little ,  Michael Brown

IPC分类号： G06F13/28

CPC分类号： G06F21/79 ,  G06F12/0802 ,  G06F12/1408

摘要： Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state.

摘要翻译： 提高具有通信功能的手持式数据处理设备的安全性，其中这样的设备包括与由设备执行的通信相关的访问有序的存储器高速缓存。 手持式数据处理装置具有被接收或发起触发的装置输入的锁定状态。 在发生触发器进入锁定状态时，存储器高速缓存被重新排序，以便中断高速缓存的访问排序以模糊设备交通信息，从而增加处于锁定状态的设备的安全性。

公开(公告)号：US20050251680A1

公开(公告)日：2005-11-10

申请号：US11118236

申请日：2005-04-29

申请人： Michael Brown ,  Herbert Little ,  David MacFarlane ,  Michael Brown ,  Dinah Davis

发明人： Michael Brown ,  Herbert Little ,  David MacFarlane ,  Michael Brown ,  Dinah Davis

IPC分类号： H04L9/00 ,  H04L9/30 ,  H04L29/06

CPC分类号： H04L9/08 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0844 ,  H04L9/3066 ,  H04L9/3215 ,  H04L9/3226 ,  H04L63/061 ,  H04L63/083 ,  H04L63/18 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/06

摘要： A method for secure bidirectional communication between two systems is described. A first key pair and a second key pair are generated, the latter including a second public key that is generated based upon a shared secret. First and second public keys are sent to a second system, and third and fourth public keys are received from the second system. The fourth public key is generated based upon the shared secret. A master key for encrypting messages is calculated based upon a first private key, a second private key, the third public key and the fourth public key. For re-keying, a new second key pair having a new second public key and a new second private key is generated, and a new fourth public key is received. A new master key is calculated using elliptic curve calculations using the new second private key and the new fourth public key.

摘要翻译： 描述了两个系统之间的安全双向通信的方法。 产生第一密钥对和第二密钥对，后者包括基于共享秘密生成的第二公钥。 第一和第二公钥被发送到第二系统，并且从第二系统接收第三和第四公钥。 第四个公钥是基于共享的秘密生成的。 基于第一私钥，第二私钥，第三公钥和第四公钥来计算用于加密消息的主密钥。 为了重新键入，生成具有新的第二公钥和新的第二私钥的新的第二密钥对，并接收新的第四公钥。 使用新的第二私钥和新的第四公钥，使用椭圆曲线计算来计算新的主密钥。

公开(公告)号：US20050071508A1

公开(公告)日：2005-03-31

申请号：US10916098

申请日：2004-08-11

申请人： Michael Brown ,  Michael Brown ,  Herbert Little

发明人： Michael Brown ,  Michael Brown ,  Herbert Little

IPC分类号： G06F20060101 ,  G06F11/30 ,  G06F12/14 ,  G06F15/16 ,  H04L9/00 ,  H04L12/24 ,  H04L12/54 ,  H04W12/10

CPC分类号： H04L63/123 ,  H04L51/38 ,  H04L63/0272 ,  H04L63/0442 ,  H04L63/0823 ,  H04L63/168 ,  H04W12/10

摘要： Systems and methods for processing encoded messages within a wireless communication system. A server within the wireless communication system provides one or more indications to a mobile device as to certain conditions existing with respect to an encoded message. The mobile device performs a different message processing function based upon whether the indication is provided. The indications may include indicating whether a message exceeds a message size threshold and/or may indicate whether a partial message is being sent.

摘要翻译： 用于处理无线通信系统内的编码消息的系统和方法。 无线通信系统内的服务器根据对编码的消息存在的某些条件向移动设备提供一个或多个指示。 移动设备基于是否提供指示来执行不同的消息处理功能。 指示可以包括指示消息是否超过消息大小阈值和/或可以指示是否正在发送部分消息。

公开(公告)号：US20050254658A1

公开(公告)日：2005-11-17

申请号：US11058259

申请日：2005-02-16

申请人： Michael Brown ,  Michael Brown ,  Herbert Little

发明人： Michael Brown ,  Michael Brown ,  Herbert Little

IPC分类号： H04L9/00 ,  H04L9/08 ,  H04L9/28 ,  H04L9/30

CPC分类号： H04L9/0825 ,  H04L9/0861 ,  H04L2209/80

摘要： A system and method for generating reproducible session keys in a wireless messaging system. The session key is generated based on a hash of a message itself, optionally concatenated with additional information. Since the local server stores the message, it can easily regenerate the same session key in response to each MORE request. The method of the invention can be implemented with the stored original message, a public key, and an algorithm for generating the session key based on a hash of the message.

摘要翻译： 一种用于在无线消息收发系统中产生可再现会话密钥的系统和方法。 会话密钥基于消息本身的散列生成，可选地与附加信息连接。 由于本地服务器存储消息，因此可以根据每个MORE请求轻松地重新生成相同的会话密钥。 本发明的方法可以利用存储的原始消息，公共密钥和用于基于消息的散列来生成会话密钥的算法来实现。

公开(公告)号：US20070266258A1

公开(公告)日：2007-11-15

申请号：US11383369

申请日：2006-05-15

申请人： Michael Brown ,  Michael Brown ,  Herbert Little

发明人： Michael Brown ,  Michael Brown ,  Herbert Little

IPC分类号： H04L9/00

CPC分类号： H04L9/0822 ,  H04L9/0891 ,  H04L9/14 ,  H04L63/00 ,  H04L2209/24 ,  H04L2209/60

摘要： A method for securing data and resetting a password using a content protection key is provided, in which the content protection key itself is protected by a password. A content protection key is also protected at a data storage device with a key encryption key generated in collaboration with an additional device such as a server. The server stores a private key required to regenerate the key encryption key, but this private key is not provided from the server to the data storage device; rather, a public key derived from the private key is provided by the server. The data storage device combines the received public key and a further private key to derive the key encryption key; the further private key itself is not stored by the data storage device, but rather its matching public key is stored. The content protection key is then encrypted using a password and the derived key encryption key. If the password is lost, data from the server and from the data storage device may be combined to recreate the key encryption key.

摘要翻译： 提供了一种使用内容保护密钥保护数据和重置密码的方法，其中内容保护密钥本身由密码保护。 在数据存储设备上还保护内容保护密钥，其中使用与诸如服务器的附加设备协作生成的密钥加密密钥。 服务器存储重新生成密钥加密密钥所需的专用密钥，但该私钥没有从服务器提供给数据存储设备; 相反，由私钥导出的公钥由服务器提供。 数据存储装置将接收到的公开密钥和另外的私钥组合以导出密钥加密密钥; 另外的私钥本身不被数据存储设备存储，而是存储其匹配的公钥。 然后使用密码和派生密钥加密密钥对内容保护密钥进行加密。 如果密码丢失，则来自服务器和数据存储设备的数据可以被组合以重新创建密钥加密密钥。

公开(公告)号：US20060053291A1

公开(公告)日：2006-03-09

申请号：US10934765

申请日：2004-09-07

申请人： Michael Brown ,  Michael Brown ,  Herbert Little

发明人： Michael Brown ,  Michael Brown ,  Herbert Little

IPC分类号： H04L9/00

CPC分类号： H04L9/3247 ,  H04L9/3265 ,  H04L63/123 ,  H04L2209/24 ,  H04L2209/72 ,  H04L2209/80

摘要： Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system performs signature verification of an encoded message and provides, together with the message, an indication to the mobile device that the message has been verified. In addition, the server provides supplemental information, such as, for example, a hash of the certificate or certificate chain used to verify the message, to the device, to enable the device to perform additional checks on the certificate, such as, for example, validity checks, trust checks, strength checks, or the like.

公开(公告)号：US20070143612A1

公开(公告)日：2007-06-21

申请号：US11304611

申请日：2005-12-16

申请人： Michael Brown ,  Herbert Little ,  David MacFarlane ,  Michael Brown

发明人： Michael Brown ,  Herbert Little ,  David MacFarlane ,  Michael Brown

IPC分类号： H04L9/00

CPC分类号： H04L9/083 ,  H04L2209/80

摘要： A system and method for generating keys that can be used for encrypting and decrypting PIN messages transmitted between mobile devices. In one embodiment, the method comprises defining a function f, where f(x,y)=f(y,x), and for each of first and second mobile devices, evaluating f with one of x and y having the value of the PIN of the respective mobile device. Each one of the first and second mobile devices can then compute a shared messaging key by evaluating f with the other of x and y having the value of the PIN of the other mobile device. The shared key can then be used specifically to encrypt and decrypt PIN messages transmitted between those two mobile devices.

摘要翻译： 一种用于产生可用于加密和解密在移动设备之间传输的PIN消息的密钥的系统和方法。 在一个实施例中，该方法包括定义函数f，其中f（x，y）= f（y，x），并且对于第一和第二移动设备中的每一个，用x和y中的一个对 相应移动设备的PIN。 第一和第二移动设备中的每一个然后可以通过评估f，而x和y中的另一个具有另一移动设备的PIN的值来计算共享的消息传递密钥。 然后，共享密钥可以专门用于加密和解密在这两个移动设备之间传输的PIN消息。