Patents by Inventor Alexander Truskovsky
Alexander Truskovsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8909934Abstract: A certificate enrollment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrollment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.Type: GrantFiled: July 29, 2013Date of Patent: December 9, 2014Assignee: BlackBerry LimitedInventors: Alexander Sherkin, Michael Anthony Carrara, Alexander Truskovsky
-
Publication number: 20140337937Abstract: Methods and devices for detecting unauthorized access to credentials of a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises monitoring a plurality of credentials of the credential store accessed within a period associated with a first setting, and responsive to determining that a number of credentials accessed within the period exceeds a threshold associated with a second setting, outputting, in a user interface, an indication of potential unauthorized access to the credential store. In at least one embodiment, each of the credentials accessed within the period is associated with a different user account.Type: ApplicationFiled: May 10, 2013Publication date: November 13, 2014Applicant: RESEARCH IN MOTION LIMITEDInventors: Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
-
Publication number: 20140337941Abstract: Methods and devices for providing a warning associated with credentials to be stored in a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises receiving a request to store, in the credential store, at least one credential for a specified service, determining whether a secure connection between the computing device and the specified service is available, associating the specified service with a level of security based on at least one of an availability of the secure connection or one or more properties of the secure connection, and providing a warning in response to determining that at least one credential stored in the credential store corresponds to the at least one credential for the specified service and is for a service that is associated with a level of security different from the level of security with which the specified service is associated.Type: ApplicationFiled: May 10, 2013Publication date: November 13, 2014Applicant: RESEARCH IN MOTION LIMITEDInventors: Jeremy L. Kominar, Neil Patrick Adams, Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
-
Publication number: 20140310777Abstract: Methods and systems for enabling activation of a wireless communication device to operate with a server on a wireless communication network. An activation request is pushed from the server to the device, the activation request being authenticated with a signature signed with a server certificate. After the device verifies the activation request using server certificate and signature, a mutually authenticated communication session is established between the device and the server for activation of the device on the server.Type: ApplicationFiled: April 12, 2013Publication date: October 16, 2014Applicant: Research In Motion LimitedInventors: Alexander TRUSKOVSKY, Daryl Joseph MARTIN
-
Patent number: 8844026Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.Type: GrantFiled: June 1, 2012Date of Patent: September 23, 2014Assignee: BlackBerry LimitedInventors: Alexander Truskovsky, Neil Patrick Adams, Alexander Sherkin
-
Patent number: 8826007Abstract: To validate a received certificate issuance notification message, a device may verify that the certificate issuance notification message conforms to expected norms or authenticate a signature associate with the certificate issuance notification message. Upon validating, the device may then transmit a uniform resource locator, extracted from the certificate issuance notification message, to a network entity configured for processing certificate issuance.Type: GrantFiled: July 23, 2012Date of Patent: September 2, 2014Assignee: BlackBerry LimitedInventors: Alexander Truskovsky, Van Quy Tu, Cheryl Mok, Shivangi Gandhi, Eli Jackson, Neil Patrick Adams
-
Patent number: 8799634Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.Type: GrantFiled: December 23, 2011Date of Patent: August 5, 2014Assignee: BlackBerry LimitedInventors: Sean Alexander Courtney, Alexander Truskovsky, Neil Patrick Adams
-
Publication number: 20140215206Abstract: A system for providing security services to a mobile device where the mobile device is in communication with a public network through a first network path that is subject to interference by a third party. The system includes a security server and a private network. The security server is operative to communicate with the mobile device through the private network. The security server is also operative to communicate with the public network through a second network path that is less susceptible to the interference by the third party than is the first network path. The security server communicates with the public network through the second network path to provide security services to the mobile device that are delivered over the private network.Type: ApplicationFiled: March 11, 2013Publication date: July 31, 2014Applicants: CERTICOM CORP., RESEARCH IN MOTION LIMITEDInventors: Sean Alexander Courtney, Matthew John Campagna, George Ross Staikos, Alexander Truskovsky
-
Publication number: 20140136834Abstract: A client application, when executed by a processor, is operative to create a HyperText Transfer Protocol (HTTP) request containing a target header that includes a confidential value. The HTTP request is to be sent over a Secure Sockets Layer (SSL) 3.0 connection or a Transport Layer Security (TLS) 1.0 connection to a web server. The client application implements at its HTTP layer a countermeasure to a blockwise chosen-boundary attack. The client application generates an additional header having a header name that is not recognizable by the web server and inserts the additional header into the HTTP request ahead of the target header, thus creating a modified HTTP request. The modified HTTP request is to be sent, instead of the unmodified HTTP request, over the SSL 3.0 connection or the TLS 1.0 connection to the web server.Type: ApplicationFiled: November 14, 2012Publication date: May 15, 2014Applicants: CERTICOM CORP., RESEARCH IN MOTION LIMITEDInventors: Alexander SHERKIN, Gregory Marc ZAVERUCHA, Alexander TRUSKOVSKY, Michael MATOVSKY, Osman Zohaib ARFEEN
-
Patent number: 8701166Abstract: Apparatus, systems, and methods provide a mechanism to enhance the security of operating client devices with systems controlling secure data. Various embodiments include apparatus and methods to authenticate a communication session between a server and a client device without providing authentication tokens to the client device. Additional apparatus, systems, and methods are disclosed.Type: GrantFiled: December 9, 2011Date of Patent: April 15, 2014Assignee: BlackBerry LimitedInventors: Sean Alexander Courtney, Herbert Anthony Little, Alexander Truskovsky
-
Patent number: 8639236Abstract: The disclosure provides a system, method and device for controlling function on an electronic device. The method comprises: receiving a communication from a communication network at the first device, the communication addressed to an account accessed by the first device and providing a first request for a meeting, a start time for the meeting and a second request to control a function of the first device for the meeting; identifying a component on the first device associated with the function; and deactivating the component when the start time arrives on the first device.Type: GrantFiled: August 12, 2011Date of Patent: January 28, 2014Assignee: BlackBerry LimitedInventors: Alexander Truskovsky, Shivangi Anantrupa Gandhi, Lei Zhang
-
Publication number: 20130326614Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.Type: ApplicationFiled: June 1, 2012Publication date: December 5, 2013Applicant: RESEARCH IN MOTION LIMITEDInventors: Alexander Truskovsky, Neil Patrick Adams, Alexander Sherkin
-
Publication number: 20130311779Abstract: A certificate enrolment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrolment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.Type: ApplicationFiled: July 29, 2013Publication date: November 21, 2013Applicant: BlackBerry LimitedInventors: Alexander SHERKIN, Michael Anthony CARRARA, Alexander Truskovsky
-
Patent number: 8522035Abstract: A certificate enrollment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrollment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.Type: GrantFiled: February 9, 2012Date of Patent: August 27, 2013Assignee: BlackBerry LimitedInventors: Alexander Sherkin, Michael Carrara, Alexander Truskovsky
-
Publication number: 20130166899Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.Type: ApplicationFiled: December 23, 2011Publication date: June 27, 2013Applicant: RESEARCH IN MOTION LIMITEDInventors: Sean Alexander Courtney, Alexander Truskovsky, Neil Patrick Adams
-
Publication number: 20130152176Abstract: Apparatus, systems, and methods provide a mechanism to enhance the security of operating client devices with systems controlling secure data. Various embodiments include apparatus and methods to authenticate a communication session between a server and a client device without providing authentication tokens to the client device. Additional apparatus, systems, and methods are disclosed.Type: ApplicationFiled: December 9, 2011Publication date: June 13, 2013Inventors: Sean Alexander Courtney, Herbert Anthony Little, Alexander Truskovsky
-
Publication number: 20130073856Abstract: A certificate enrollment assistant module may be provided to inject a challenge password into a certificate signing request to be sent, to a Certificate Authority, from a computing device. The certificate enrollment assistant module, thereby, acts as a trusted proxy to assist the computing device in building a valid certificate signing request without the computing device having access to the challenge password.Type: ApplicationFiled: February 9, 2012Publication date: March 21, 2013Applicant: RESEARCH IN MOTION LIMITEDInventors: Alexander SHERKIN, Michael CARRARA, Alexander Truskovsky
-
Patent number: 8397274Abstract: A system, devices and methods for verifying an administrator computing device to a guest computing device, verifying the guest device to the administrator device and outputting a list of the guest device capabilities for the administrator device such that the guest device is capable of verifying the administrator device, for example to ensure it does not divulge its capabilities to imposters, and the administrator device is capable of identifying whether the list of device capabilities is authentic. Verification can be achieved through cryptographic hashes of private certificates, digital signatures or expected output from verified modules. The list of device capabilities may be restricted based on the authorization granted to the administrator computer and may be altered or watermarked for verification. A failure to verify the administrator device may restrict execution of instructions on the guest device to prevent unauthorized access to the guest device's capabilities.Type: GrantFiled: July 13, 2010Date of Patent: March 12, 2013Assignee: Research In Motion LimitedInventors: Sean Alexander Courtney, Eli Omen Jackson, Alexander Truskovsky
-
Publication number: 20130040631Abstract: The disclosure provides a system, method and device for controlling function on an electronic device. The method comprises: receiving a communication from a communication network at the first device, the communication addressed to an account accessed by the first device and providing a first request for a meeting, a start time for the meeting and a second request to control a function of the first device for the meeting; identifying a component on the first device associated with the function; and deactivating the component when the start time arrives on the first device.Type: ApplicationFiled: August 12, 2011Publication date: February 14, 2013Inventors: Alexander Truskovsky, Shivangi Anantrupa Gandhi, Lei Zhang
-
Publication number: 20120290835Abstract: To validate a received certificate issuance notification message, a device may verify that the certificate issuance notification message conforms to expected norms or authenticate a signature associate with the certificate issuance notification message. Upon validating, the device may then transmit a uniform resource locator, extracted from the certificate issuance notification message, to a network entity configured for processing certificate issuance.Type: ApplicationFiled: July 23, 2012Publication date: November 15, 2012Applicant: RESEARCH IN MOTION LIMITEDInventors: Alexander Truskovsky, Van Quy Tu, Cheryl Mok, Shivangi Gandhi, Eli Jackson, Neil Patrick Adams