公开(公告)号：WO2013127014A1

公开(公告)日：2013-09-06

申请号：PCT/CA2013/050150

申请日：2013-02-28

Applicant: CERTICOM CORP.

Inventor： CAMPAGNA, Matthew John ,  BROWN, Daniel Richard L. ,  ZAVERUCHA, Gregory Marc

IPC: H04L12/12 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0823 ,  H04L9/0847 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/08 ,  H04L63/126 ,  H04L63/166 ,  H04L63/18 ,  H04L67/14

Abstract: A system and method are provided for enabling a client device to connect to a network. The method comprises: obtaining an authorization code via a communication channel different from the network, the authorization code corresponding to the client device; and after detecting initiation of a security negotiation protocol by the client device, using the authorization code in at least one security negotiation operation.

Abstract translation: 提供了一种用于使客户端设备能够连接到网络的系统和方法。 该方法包括：经由与网络不同的通信信道获得授权码，与客户端设备对应的授权码; 并且在检测到客户端设备发起安全协商协议之后，在至少一个安全协商操作中使用授权码。

公开(公告)号：WO2013044088A1

公开(公告)日：2013-03-28

申请号：PCT/US2012/056653

申请日：2012-09-21

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： PECEN, Mark, E. ,  ANDERSEN, Niels Peter Skov ,  PERIYALWAR, Shalini Suresh ,  CAMPAGNA, Matthew John

IPC: H04W28/16

CPC classification number: H04W48/08 ,  H04L47/745 ,  H04L47/803 ,  H04L47/824 ,  H04L63/0823 ,  H04L63/123 ,  H04W4/50 ,  H04W4/60 ,  H04W12/08

Abstract: Methods, systems, and computer programs for managing mobile device applications are described. In some aspects, a mobile device application is prevented from accessing resources of a wireless network. For example, a wireless network operator system can determine that one or more mobile device applications are disapproved for use in the wireless network. In some implementations, the wireless network operator denies the disapproved mobile device applications access to the wireless network resources. In some implementations, mobile devices disable access to the wireless network by the disapproved mobile device applications.

Abstract translation: 描述了用于管理移动设备应用的方法，系统和计算机程序。 在一些方面，防止移动设备应用访问无线网络的资源。 例如，无线网络运营商系统可以确定一个或多个移动设备应用被拒绝在无线网络中使用。 在一些实现中，无线网络运营商拒绝被拒绝的移动设备应用访问无线网络资源。 在一些实施方式中，移动设备通过拒绝的移动设备应用来禁止对无线网络的访问。

公开(公告)号：WO2013009288A1

公开(公告)日：2013-01-17

申请号：PCT/US2011/043538

申请日：2011-07-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP. ,  LAZARIDIS, Mihal ,  PECEN, Mark E. ,  VANSTONE, Scott Alexander ,  CAMPAGNA, Matthew John ,  ROSATI, Anthony

Inventor： LAZARIDIS, Mihal ,  PECEN, Mark E. ,  VANSTONE, Scott Alexander ,  CAMPAGNA, Matthew John ,  ROSATI, Anthony

IPC: H04W12/06 ,  H04L29/06

CPC classification number: H04W12/10 ,  H04L63/0492 ,  H04L63/0823 ,  H04L63/126 ,  H04W4/80 ,  H04W12/06 ,  H04W92/18

Abstract: Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, information is wirelessly transmitted from a first mobile device to a second mobile device. The information permits the second mobile device to detect proximity of the first mobile device. In some implementations, the information can be wirelessly transmitted by a proximity- activated wireless interface, such as, for example, a Near Field Communication (NFC) interface. In response to the information, the first mobile device receives a message and a first authentication value wirelessly transmitted from the second mobile device to the first mobile device. A second authentication value is generated at the first mobile device based on the message and the shared secret value. Integrity of the message is verified based on comparing the first authentication value and the second authentication value.

Abstract translation: 描述了用于移动设备之间的可信通信的方法，系统和计算机程序。 在一些方面，信息从第一移动设备无线传输到第二移动设备。 该信息允许第二移动设备检测第一移动设备的接近度。 在一些实现中，信息可以由接近激活的无线接口（例如近场通信（NFC））接口无线地发送。 响应于该信息，第一移动设备接收从第二移动设备无线发送到第一移动设备的消息和第一认证值。 基于消息和共享秘密值在第一移动设备处生成第二认证值。 通过比较第一认证值和第二认证值来验证消息的完整性。

公开(公告)号：WO2013104072A1

公开(公告)日：2013-07-18

申请号：PCT/CA2013/050015

申请日：2013-01-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： BUCKLEY, Michael Eoin ,  ZAVERUCHA, Gregory Marc ,  CAMPAGNA, Matthew John

IPC: H04L9/00 ,  H04W12/04

CPC classification number: H04L9/0861 ,  H04L9/083 ,  H04L9/0869 ,  H04L63/061 ,  H04L63/306 ,  H04L2209/80

Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, an initiator KMS receives, from an initiator UE, one or more values used in generation of an encryption key, which includes obtaining at least one value associated with a RANDRi. The initiator KMS sends the at least one value associated with the RANDRi to a responder KMS. The responder KMS generates the encryption key using the one or more values.

Abstract translation: 本公开涉及用于安全通信的系统和方法。 在一些方面，发起方KMS从发起方UE接收用于生成加密密钥的一个或多个值，其包括获得与RANDRi相关联的至少一个值。 启动器KMS将与RANDRi相关联的至少一个值发送到响应者KMS。 响应者KMS使用一个或多个值生成加密密钥。

公开(公告)号：WO2013044090A1

公开(公告)日：2013-03-28

申请号：PCT/US2012/056656

申请日：2012-09-21

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： PECEN, Mark E. ,  ANDERSEN, Niels Peter Skov ,  PERIYALWAR, Shalini Suresh ,  CAMPAGNA, Matthew John

IPC: H04W12/08

CPC classification number: H04L63/101 ,  H04W12/08 ,  H04W12/12 ,  H04W88/14

Abstract: Methods, systems, and computer programs for managing mobile device applications are described. In some aspects, a mobile device application is prevented from accessing resources of a wireless network. For example, a wireless network operator system can determine that one or more mobile device applications are disapproved for use in the wireless network. In some implementations, the wireless network operator denies the disapproved mobile device applications access to the wireless network resources. In some implementations, mobile devices disable access to the wireless network by the disapproved mobile device applications.

Abstract translation: 描述了用于管理移动设备应用的方法，系统和计算机程序。 在一些方面，防止移动设备应用访问无线网络的资源。 例如，无线网络运营商系统可以确定一个或多个移动设备应用被拒绝在无线网络中使用。 在一些实现中，无线网络运营商拒绝被拒绝的移动设备应用访问无线网络资源。 在一些实施方式中，移动设备通过拒绝的移动设备应用来禁止对无线网络的访问。

公开(公告)号：WO2012127384A2

公开(公告)日：2012-09-27

申请号：PCT/IB2012/051259

申请日：2012-03-15

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP. ,  LITTLE, Herbert Anthony ,  CAMPAGNA, Matthew John ,  VANSTONE, Scott Alexander ,  BROWN, Daniel Richard L.

Inventor： LITTLE, Herbert Anthony ,  CAMPAGNA, Matthew John ,  VANSTONE, Scott Alexander ,  BROWN, Daniel Richard L.

IPC: H04L9/30 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0844 ,  H04L9/3066 ,  H04L9/3263

Abstract: During generation of an implicit certificate (102, 638) for a requestor (100, 600), a certificate authority (104, 620) incorporates information in the public-key reconstruction data (110), where the public-key reconstruction data is to be used to compute the public key (648) of the requestor. The information may be related to one or more of the requestor, the certificate authority, and the implicit certificate. The certificate authority reversibly encodes the public- key reconstruction data in the implicit certificate and sends it to the requestor. After receiving the implicit certificate from the certificate authority, the requestor can extract the incorporated information from the public-key reconstruction data. The implicit certificate can be made available to a recipient (114, 654), and the recipient can also extract the incorporated information.

Abstract translation: 在为请求者（100,600）生成隐式证书（102,638）期间，证书颁发机构（104,620）将公钥重构数据（110）中的信息合并在一起，其中公钥重构数据为 用于计算请求者的公钥（648）。 信息可能与请求者，证书颁发机构和隐含证书中的一个或多个有关。 认证机构对隐含证书中的公钥重构数据进行可逆编码，并将其发送给请求者。 从认证机构收到隐含证书后，请求者可以从公钥重构数据中提取合并信息。 隐式证书可以提供给收件人（114,654），收件人还可以提取合并的信息。

公开(公告)号：WO2012051076A2

公开(公告)日：2012-04-19

申请号：PCT/US2011/055445

申请日：2011-10-07

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP. ,  CHIDAMBARAM, Avinash ,  CAMPAGNA, Matthew John

Inventor： CHIDAMBARAM, Avinash ,  CAMPAGNA, Matthew John

IPC: G06F21/24

CPC classification number: G06F21/6218 ,  G06F2221/2107

Abstract: A method of securing user credentials in a remote repository is provided. In accordance with one embodiment, there is provided a method comprising generating a first private key and a first public key pair from a registered password; generating a second private key and a second public key pair; generating a storage key from the second private key and the first public key; encrypting a set of credentials using the storage key; creating a encrypted credential signature from the encrypted set of credentials and the first private key; and storing the encrypted set of credentials, the encrypted credential signature, and the second public key in the remote repository.

Abstract translation: 提供了一种在远程存储库中保护用户凭据的方法。 根据一个实施例，提供了一种方法，包括从注册密码生成第一私钥和第一公开密钥对; 生成第二私钥和第二公钥对; 从所述第二私钥和所述第一公钥生成存储密钥; 使用存储密钥加密一组凭证; 从加密的凭证集合和第一私钥中创建加密的凭证签名; 以及将加密的一组凭证，加密凭证签名和第二公钥存储在远程存储库中。

公开(公告)号：WO2011032261A1

公开(公告)日：2011-03-24

申请号：PCT/CA2010/001393

申请日：2010-09-09

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP. ,  LITTLE, Herbert Anthony ,  CAMPAGNA, Matthew John ,  ROSATI, Anthony ,  VANSTONE, Scott Alexander

Inventor： LITTLE, Herbert Anthony ,  CAMPAGNA, Matthew John ,  ROSATI, Anthony ,  VANSTONE, Scott Alexander

IPC: H04L9/32 ,  H04L9/30 ,  H04W12/06

CPC classification number: H04L9/3066 ,  H04L9/3263

Abstract: A method and system for providing and issuing credentials wherein the first credential conforms to a first specified format and incorporates supplemental information to permit a requester or recipient of the first credential to create and utilize a second credential that conforms to a second specified format wherein the second specified format is different from the first specified format

Abstract translation: 一种用于提供和发布凭证的方法和系统，其中所述第一凭证符合第一指定格式并且包括补充信息以允许所述第一凭证的请求者或接收者创建和利用符合第二指定格式的第二凭证，其中所述第二凭证 指定格式与第一个指定格式不同

公开(公告)号：WO2013104070A1

公开(公告)日：2013-07-18

申请号：PCT/CA2013/050013

申请日：2013-01-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： BUCKLEY, Michael Eoin ,  ZAVERUCHA, Gregory Marc ,  CAMPAGNA, Matthew John

IPC: H04L9/12 ,  H04L9/00 ,  H04L9/08

CPC classification number: H04L9/08 ,  H04L9/083 ,  H04L9/0869 ,  H04L9/12 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/306 ,  H04L2209/80

Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values.

Abstract translation: 本公开涉及用于安全通信的系统和方法。 在一些方面，用于生成用于加密分组的加密密钥的一个或多个值被存储在分组的报头中。 在通信中与加密数据部分一起发送分组。 在一些方面，接收用于生成加密密钥的一个或多个值。 使用一个或多个值重新生成加密密钥。

公开(公告)号：WO2013044107A2

公开(公告)日：2013-03-28

申请号：PCT/US2012/056676

申请日：2012-09-21

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： PECEN, Mark E. ,  ANDERSEN, Niels Peter Skov ,  PERIYALWAR, Shalini Suresh ,  CAMPAGNA, Matthew John

IPC: H04W12/08

CPC classification number: H04W12/08 ,  H04L63/1458 ,  H04M3/42 ,  H04W4/16

Abstract: Methods, systems, and computer programs for managing mobile device applications are described. In some aspects, a mobile device application is prevented from accessing resources of a wireless network. For example, a wireless network operator system can determine that one or more mobile device applications are disapproved for use in the wireless network. In some implementations, the wireless network operator denies the disapproved mobile device applications access to the wireless network resources. In some implementations, mobile devices disable access to the wireless network by the disapproved mobile device applications.

Abstract translation: 描述了用于管理移动设备应用的方法，系统和计算机程序。 在一些方面，防止移动设备应用访问无线网络的资源。 例如，无线网络运营商系统可以确定一个或多个移动设备应用被拒绝用于无线网络。 在一些实现中，无线网络运营商拒绝拒登的移动设备应用访问无线网络资源。 在一些实现中，移动设备禁止被拒登的移动设备应用程序访问无线网络。