公开(公告)号：US10078742B2

公开(公告)日：2018-09-18

申请号：US15362430

申请日：2016-11-28

申请人： Blackberry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  G06F21/32 ,  H04L29/06 ,  G06F21/88 ,  G06N3/08 ,  G06F21/36

CPC分类号： G06F21/316 ,  G06F21/32 ,  G06F21/36 ,  G06F21/88 ,  G06N3/08 ,  H04L63/08

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

公开(公告)号：US20180247034A1

公开(公告)日：2018-08-30

申请号：US15960331

申请日：2018-04-23

申请人： Blackberry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06N3/08 ,  G06F21/88 ,  G06F21/36 ,  G06F21/32

CPC分类号： G06F21/316 ,  G06F21/32 ,  G06F21/36 ,  G06F21/88 ,  G06N3/08 ,  H04L63/08

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

公开(公告)号：US09363272B2

公开(公告)日：2016-06-07

申请号：US14107280

申请日：2013-12-16

申请人： BlackBerry Limited

发明人： Brian Everett McBride ,  Kenneth Jason William Lambert ,  Jérôme Bertrand Nicolas Cornet

IPC分类号： H04M1/66 ,  H04L29/06 ,  H04W12/06

CPC分类号： H04L63/08 ,  H04L63/062 ,  H04L63/0807 ,  H04L63/102 ,  H04L63/12 ,  H04W12/06 ,  H04W12/08

摘要： Systems and methods for managing a user identity on a mobile device are provided. The system comprises the mobile device comprising a user agent and a client application, the user agent and the client application in communication with each other. The system further comprises an identity provider in communication with the mobile device, and a client service in communication with the mobile device. The user agent is configured to communicate with the identity provider and retrieve the user identity for the client application, and the client application is configured to transmit the user identity to the client service.

摘要翻译： 提供了用于在移动设备上管理用户身份的系统和方法。 该系统包括包括用户代理和客户端应用的移动设备，用户代理和客户端应用彼此通信。 该系统还包括与移动设备通信的身份提供者以及与移动设备通信的客户端服务。 所述用户代理被配置为与所述身份提供者进行通信并检索所述客户端应用的用户身份，并且所述客户端应用被配置为将所述用户身份发送给所述客户端服务。

公开(公告)号：US10515198B2

公开(公告)日：2019-12-24

申请号：US15960331

申请日：2018-04-23

申请人： Blackberry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06F21/88 ,  G06N3/08 ,  G06F21/32 ,  G06F21/36

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

公开(公告)号：US09953146B2

公开(公告)日：2018-04-24

申请号：US15362430

申请日：2016-11-28

申请人： Blackberry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06F21/88 ,  G06N3/08 ,  G06F21/32 ,  G06F21/36

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

公开(公告)号：US09507925B2

公开(公告)日：2016-11-29

申请号：US14887315

申请日：2015-10-19

申请人： BLACKBERRY LIMITED

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06F21/88 ,  G06N3/08

CPC分类号： G06F21/316 ,  G06F21/32 ,  G06F21/36 ,  G06F21/88 ,  G06N3/08 ,  H04L63/08

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

摘要翻译： 一种移动通信设备包括能够被动地收集输入数据的多个第一输入设备，能够基于挑战收集响应数据的第二输入设备，以及能够确定所拥有的保证级别（LOA）的处理器 的移动通信设备没有根据统计行为模型和被动接收的输入数据进行改变，并且将LOA与安全阈值进行比较。 当LOA高于安全阈值时，处理器可能能够执行给定的移动设备操作，而不需要来自第二输入设备的响应数据。 当LOA低于安全阈值时，处理器可以能够产生挑战，响应于有效响应数据执行给定的移动设备操作，以及响应于接收到有效响应数据将最近的输入数据添加到统计行为模型。

公开(公告)号：US11170082B2

公开(公告)日：2021-11-09

申请号：US16704070

申请日：2019-12-05

申请人： BlackBerry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06F21/88 ,  G06N3/08 ,  G06F21/32 ,  G06F21/36

摘要： A method of operation and non-transitory computer readable medium are provided for a mobile communications device which includes memory storing program instructions and a processor coupled to a first input that passively collects input data and a second input that collects response data based on a challenge. A statistical behavioral model is generated based upon passively collected input data for the user. A level of assurance (LOA) is determined based upon the statistical behavioral model and the passively collected input data from the first input. The LOA is compared with a threshold and based on the comparison: the mobile device operation is enabled as a result of determining that the LOA meets or exceeds the threshold without requiring response data from the at least one second input, otherwise, the challenge is generated and the mobile device operation is enabled responsive to valid response data from the second input.

公开(公告)号：US09729537B2

公开(公告)日：2017-08-08

申请号：US15174831

申请日：2016-06-06

申请人： BlackBerry Limited

发明人： Brian Everett McBride ,  Kenneth Jason William Lambert ,  Jérôme Bertrand Nicolas Cornet

IPC分类号： H04M1/66 ,  H04L29/06 ,  H04W12/06 ,  H04W12/08

CPC分类号： H04L63/08 ,  H04L63/062 ,  H04L63/0807 ,  H04L63/102 ,  H04L63/12 ,  H04W12/06 ,  H04W12/08

摘要： Systems and methods for managing a user identity on a mobile device are provided. The system comprises the mobile device comprising a user agent and a client application, the user agent and the client application in communication with each other. The system further comprises an identity provider in communication with the mobile device, and a client service in communication with the mobile device. The user agent is configured to communicate with the identity provider and retrieve the user identity for the client application, and the client application is configured to transmit the user identity to the client service.

公开(公告)号：US20170083692A1

公开(公告)日：2017-03-23

申请号：US15362430

申请日：2016-11-28

申请人： Blackberry Limited

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  G06N3/08 ,  G06F21/36 ,  G06F21/32

CPC分类号： G06F21/316 ,  G06F21/32 ,  G06F21/36 ,  G06F21/88 ,  G06N3/08 ,  H04L63/08

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

公开(公告)号：US20160042164A1

公开(公告)日：2016-02-11

申请号：US14887315

申请日：2015-10-19

申请人： BLACKBERRY LIMITED

发明人： Michael Andrew Goldsmith ,  Aleksandar Papo ,  Robert Joseph Lombardi ,  Jasmin Mulaosmanovic ,  Nazih Almalki ,  Brian Everett McBride ,  Peter Mark Rabinovitch

IPC分类号： G06F21/31 ,  H04L29/06 ,  G06N3/08 ,  G06F21/88

CPC分类号： G06F21/316 ,  G06F21/32 ,  G06F21/36 ,  G06F21/88 ,  G06N3/08 ,  H04L63/08

摘要： A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

摘要翻译： 一种移动通信设备包括能够被动地收集输入数据的多个第一输入设备，能够基于挑战收集响应数据的第二输入设备，以及能够确定所拥有的保证级别（LOA）的处理器 的移动通信设备没有根据统计行为模型和被动接收的输入数据进行改变，并且将LOA与安全阈值进行比较。 当LOA高于安全阈值时，处理器可能能够执行给定的移动设备操作，而不需要来自第二输入设备的响应数据。 当LOA低于安全阈值时，处理器可以能够产生挑战，响应于有效响应数据执行给定的移动设备操作，以及响应于接收到有效响应数据将最近的输入数据添加到统计行为模型。