Patents by Inventor Alexander Truskovsky

Alexander Truskovsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10075438
    Abstract: Methods and systems for enabling activation of a wireless communication device to operate with a server on a wireless communication network. An activation request to establish a wireless communication service relationship between the device and the server is pushed from the server to the device. After the device verifies the server, a mutually authenticated communication session is established between the device and the server for activation of the device on the server.
    Type: Grant
    Filed: June 6, 2016
    Date of Patent: September 11, 2018
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Daryl Joseph Martin
  • Patent number: 9794249
    Abstract: In a general aspect, a digital certificate can be used with multiple cryptography systems (“cryptosystems”). In some cases, the digital certificate includes a public key field, which contains a first public key of an entity. The first public key of the entity is associated with a first cryptosystem. The digital certificate includes a signature value field, which contains a first digital signature of a certificate authority. The first digital signature is associated with the first cryptosystem. The digital certificate includes an extension. The extension contains a second public key of the entity, a second digital signature of the certificate authority or both. The second public key is associated with a second cryptosystem, and the second digital signature is associated with the second cryptosystem.
    Type: Grant
    Filed: April 6, 2017
    Date of Patent: October 17, 2017
    Assignee: ISARA Corporation
    Inventors: Alexander Truskovsky, Atsushi Yamada, Michael Kenneth Brown, Gustav Michael Gutoski
  • Patent number: 9660978
    Abstract: In a general aspect, a digital certificate can be used with multiple cryptography systems (“cryptosystems”). In some cases, the digital certificate includes a public key field, which contains a first public key of an entity. The first public key of the entity is associated with a first cryptosystem. The digital certificate includes a signature value field, which contains a first digital signature of a certificate authority. The first digital signature is associated with the first cryptosystem. The digital certificate includes an extension. The extension contains a second public key of the entity, a second digital signature of the certificate authority or both. The second public key is associated with a second cryptosystem, and the second digital signature is associated with the second cryptosystem.
    Type: Grant
    Filed: August 8, 2016
    Date of Patent: May 23, 2017
    Assignee: ISARA Corporation
    Inventors: Alexander Truskovsky, Atsushi Yamada, Michael Kenneth Brown, Gustav Michael Gutoski
  • Patent number: 9473309
    Abstract: A system for providing security services to a mobile device where the mobile device is in communication with a public network through a first network path that is subject to interference by a third party. The system includes a security server and a private network. The security server is operative to communicate with the mobile device through the private network. The security server is also operative to communicate with the public network through a second network path that is less susceptible to the interference by the third party than is the first network path. The security server communicates with the public network through the second network path to provide security services to the mobile device that are delivered over the private network.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: October 18, 2016
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Sean Alexander Courtney, Matthew John Campagna, George Ross Staikos, Alexander Truskovsky
  • Publication number: 20160285869
    Abstract: Methods and systems for enabling activation of a wireless communication device to operate with a server on a wireless communication network. An activation request to establish a wireless communication service relationship between the device and the server is pushed from the server to the device. After the device verifies the server, a mutually authenticated communication session is established between the device and the server for activation of the device on the server.
    Type: Application
    Filed: June 6, 2016
    Publication date: September 29, 2016
    Applicant: BlackBerry Limited
    Inventors: Alexander Truskovsky, Daryl Joseph Martin
  • Patent number: 9384341
    Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.
    Type: Grant
    Filed: September 15, 2014
    Date of Patent: July 5, 2016
    Assignee: BLACKBERRY LIMITED
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Alexander Sherkin
  • Patent number: 9384342
    Abstract: Methods and devices for providing a warning associated with credentials to be stored in a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises receiving a request to store, in the credential store, at least one credential for a specified service, determining whether a secure connection between the computing device and the specified service is available, associating the specified service with a level of security based on at least one of an availability of the secure connection or one or more properties of the secure connection, and providing a warning in response to determining that at least one credential stored in the credential store corresponds to the at least one credential for the specified service and is for a service that is associated with a level of security different from the level of security with which the specified service is associated.
    Type: Grant
    Filed: May 10, 2013
    Date of Patent: July 5, 2016
    Assignee: BLACKBERRY LIMITED
    Inventors: Jeremy L. Kominar, Neil Patrick Adams, Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
  • Patent number: 9363669
    Abstract: Methods and systems for enabling activation of a wireless communication device to operate with a server on a wireless communication network. An activation request is pushed from the server to the device, the activation request being authenticated with a signature signed with a server certificate. After the device verifies the activation request using server certificate and signature, a mutually authenticated communication session is established between the device and the server for activation of the device on the server.
    Type: Grant
    Filed: April 12, 2013
    Date of Patent: June 7, 2016
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Daryl Joseph Martin
  • Patent number: 9292314
    Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.
    Type: Grant
    Filed: July 24, 2014
    Date of Patent: March 22, 2016
    Assignee: BLACKBERRY LIMITED
    Inventors: Neil Patrick Adams, Sean Alexander Courtney, Alexander Truskovsky
  • Patent number: 9264235
    Abstract: A device and method are provided for a device that authenticates a server over a network. The device and method are operable to contact the server to initiate a handshaking operation. The device receives certificate information and handshaking information from the server. The device completes the handshaking operations to establish the connection with the server. The device downloads the content from the server through the connection before authenticating the server to establish a secure connection. In some aspects, the device may display a portion of the downloaded content before the server is authenticated.
    Type: Grant
    Filed: November 16, 2010
    Date of Patent: February 16, 2016
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Eli Omen Jackson
  • Patent number: 9088556
    Abstract: Methods and devices for detecting unauthorized access to credentials of a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises monitoring a plurality of credentials of the credential store accessed within a period associated with a first setting, and responsive to determining that a number of credentials accessed within the period exceeds a threshold associated with a second setting, outputting, in a user interface, an indication of potential unauthorized access to the credential store. In at least one embodiment, each of the credentials accessed within the period is associated with a different user account.
    Type: Grant
    Filed: May 10, 2013
    Date of Patent: July 21, 2015
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
  • Patent number: 8996855
    Abstract: A client application, when executed by a processor, is operative to create a HyperText Transfer Protocol (HTTP) request containing a target header that includes a confidential value. The HTTP request is to be sent over a Secure Sockets Layer (SSL) 3.0 connection or a Transport Layer Security (TLS) 1.0 connection to a web server. The client application implements at its HTTP layer a countermeasure to a blockwise chosen-boundary attack. The client application generates an additional header having a header name that is not recognizable by the web server and inserts the additional header into the HTTP request ahead of the target header, thus creating a modified HTTP request. The modified HTTP request is to be sent, instead of the unmodified HTTP request, over the SSL 3.0 connection or the TLS 1.0 connection to the web server.
    Type: Grant
    Filed: November 14, 2012
    Date of Patent: March 31, 2015
    Assignees: BlackBerry Limited, Certicom Corp.
    Inventors: Alexander Sherkin, Gregory Marc Zaverucha, Alexander Truskovsky, Michael Matovsky, Osman Zohaib Arfeen
  • Publication number: 20150019857
    Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.
    Type: Application
    Filed: July 24, 2014
    Publication date: January 15, 2015
    Inventors: Neil Patrick Adams, Sean Alexander Courtney, Alexander Truskovsky
  • Publication number: 20150012305
    Abstract: A method, performed by a mobile device, for managing electronic tickets, the method comprising receiving an electronic ticket, identifying private information and public information on the ticket, and displaying the ticket on a display of the mobile device to show only the public information of the ticket. A related method entails displaying an electronic ticket, receiving input to provide payment credentials in relation to the electronic ticket, and transmitting the payment credentials via a short-range transceiver on the mobile device.
    Type: Application
    Filed: July 3, 2013
    Publication date: January 8, 2015
    Inventors: Alexander TRUSKOVSKY, Daryl Joseph MARTIN, Michael MATOVSKY
  • Publication number: 20150007310
    Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.
    Type: Application
    Filed: September 15, 2014
    Publication date: January 1, 2015
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Alexander Sherkin
  • Patent number: 8909934
    Abstract: A certificate enrollment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrollment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.
    Type: Grant
    Filed: July 29, 2013
    Date of Patent: December 9, 2014
    Assignee: BlackBerry Limited
    Inventors: Alexander Sherkin, Michael Anthony Carrara, Alexander Truskovsky
  • Publication number: 20140337937
    Abstract: Methods and devices for detecting unauthorized access to credentials of a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises monitoring a plurality of credentials of the credential store accessed within a period associated with a first setting, and responsive to determining that a number of credentials accessed within the period exceeds a threshold associated with a second setting, outputting, in a user interface, an indication of potential unauthorized access to the credential store. In at least one embodiment, each of the credentials accessed within the period is associated with a different user account.
    Type: Application
    Filed: May 10, 2013
    Publication date: November 13, 2014
    Applicant: RESEARCH IN MOTION LIMITED
    Inventors: Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
  • Publication number: 20140337941
    Abstract: Methods and devices for providing a warning associated with credentials to be stored in a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises receiving a request to store, in the credential store, at least one credential for a specified service, determining whether a secure connection between the computing device and the specified service is available, associating the specified service with a level of security based on at least one of an availability of the secure connection or one or more properties of the secure connection, and providing a warning in response to determining that at least one credential stored in the credential store corresponds to the at least one credential for the specified service and is for a service that is associated with a level of security different from the level of security with which the specified service is associated.
    Type: Application
    Filed: May 10, 2013
    Publication date: November 13, 2014
    Applicant: RESEARCH IN MOTION LIMITED
    Inventors: Jeremy L. Kominar, Neil Patrick Adams, Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
  • Publication number: 20140310777
    Abstract: Methods and systems for enabling activation of a wireless communication device to operate with a server on a wireless communication network. An activation request is pushed from the server to the device, the activation request being authenticated with a signature signed with a server certificate. After the device verifies the activation request using server certificate and signature, a mutually authenticated communication session is established between the device and the server for activation of the device on the server.
    Type: Application
    Filed: April 12, 2013
    Publication date: October 16, 2014
    Applicant: Research In Motion Limited
    Inventors: Alexander TRUSKOVSKY, Daryl Joseph MARTIN
  • Patent number: 8844026
    Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.
    Type: Grant
    Filed: June 1, 2012
    Date of Patent: September 23, 2014
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Alexander Sherkin