公开(公告)号：US09342699B2

公开(公告)日：2016-05-17

申请号：US14072939

申请日：2013-11-06

Applicant: BLACKBERRY LIMITED ,  QNX SOFTWARE SYSTEMS LIMITED

Inventor： Roger Paul Bowman ,  Sivakumar Nagarajan ,  Christopher Lyle Bender ,  Timothy Lee Segato

IPC: G06F12/14 ,  G06F21/60 ,  G11B20/00

CPC classification number: G06F21/602 ,  G11B20/0021

Abstract: A method and apparatus for controlling access to encrypted data is provided. The device comprises: a processor and a memory, the processor configured to: control access to encrypted data, stored at the memory, the encrypted data categorized according to a plurality of categories, using a respective encryption key for each category in the plurality of categories; and, control access to a given encryption key according to given criteria associated with a given category, respective criteria different for each respective category, access to the given encryption key including one or more of, when the respective criteria are met: generating the given encryption key and decrypting the given encryption key.

Abstract translation: 提供了一种用于控制对加密数据的访问的方法和装置。 该设备包括：处理器和存储器，所述处理器被配置为：使用针对所述多个类别中的每个类别的相应加密密钥来控制对存储在存储器中的加密数据的访问，根据多个类别分类的加密数据 ; 并且根据与给定类别相关联的给定标准控制对给定加密密钥的访问，对于每个相应类别不同的​​相应标准，对满足相应标准的包括一个或多个的给定加密密钥的访问：生成给定加密 密钥并解密给定的加密密钥。

公开(公告)号：USRE49194E1

公开(公告)日：2022-08-30

申请号：US15982921

申请日：2018-05-17

Applicant: BLACKBERRY LIMITED

Inventor： Roger Paul Bowman ,  Sivakumar Nagarajan ,  Christopher Lyle Bender ,  Timothy Lee Segato

IPC: G06F12/14 ,  G06F21/60 ,  G11B20/00

Abstract: A method and apparatus for controlling access to encrypted data is provided. The device comprises: a processor and a memory, the processor configured to: control access to encrypted data, stored at the memory, the encrypted data categorized according to a plurality of categories, using a respective encryption key for each category in the plurality of categories; and, control access to a given encryption key according to given criteria associated with a given category, respective criteria different for each respective category, access to the given encryption key including one or more of, when the respective criteria are met, generating the given encryption key and decrypting the given encryption key.

公开(公告)号：US10348502B2

公开(公告)日：2019-07-09

申请号：US15255921

申请日：2016-09-02

Applicant: BlackBerry Limited ,  2236008 Ontario Inc.

Inventor： Roger Paul Bowman ,  Dmitri Pechkin ,  David Hughston Rodrigue Sarrazin ,  Timothy Lee Segato

IPC: H04L9/14 ,  H04L9/06 ,  H04L9/08 ,  H04L9/16

Abstract: Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a first primary secret key based on a primary ephemeral key pair and a primary master public key is generated by a primary data service application on an electronic device. A first primary ciphertext is generated by encrypting a first portion of the data using the first primary secret key. A second primary secret key is generated based on the first primary secret key. The first primary secret key is deleted. The first primary ciphertext is sent from the primary data service application to a secondary data service application. A first encrypted text is received from the secondary data service application. The first encrypted text is generated by encrypting the first primary ciphertext.