Patents by Inventor Christopher Lyle Bender
Christopher Lyle Bender has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9698975Abstract: There is provided a method and apparatus for resetting a password for a device or managing the device, the device having an encryption perimeter. A device shares a public/private key pair with a server, the public key being on the device and the private key being on the server. An intermediate value is encrypted on the mobile device using the public key. If the password is lost or the device needs to be managed, the server can request the encrypted intermediate value, decrypt it, and send the decrypted value to the mobile device which may then resume operations. A new password may be provided by the server or the user may set a new password once the encryption key is recreated from the decrypted intermediate value.Type: GrantFiled: February 15, 2012Date of Patent: July 4, 2017Assignees: BlackBerry Limited, 2236008 Ontario Inc.Inventors: Sivakumar Nagarajan, Srdan Dikic, Mark A. McConnaughay, Christopher Lyle Bender, Marius Bozsitz
-
Patent number: 9613219Abstract: In some implementations, a method of managing access to resources in a single device including receiving, from a first resource assigned to a first perimeter, a request to access a second resource assigned to a second perimeter different from the first perimeter. The single device includes the first perimeter and the second perimeter. Whether access to the second resource is prohibited is determined based on a management policy for the first perimeter. The management policy defining one or more rules for accessing resources assigned to the second perimeter including the second resource.Type: GrantFiled: November 10, 2011Date of Patent: April 4, 2017Assignees: BlackBerry Limited, 2236008 Ontario Inc.Inventors: Geordon Thomas Ferguson, Christopher Lyle Bender, Alberto Daniel Zubiri, Kenneth Cyril Schneider, Oliver Whitehouse, Christopher William Lewis Hobbs
-
Patent number: 9563780Abstract: In some implementations, a method of managing access to resources in a single device including receiving, from a first resource assigned to a first perimeter, a request to access a second resource assigned to a second perimeter different from the first perimeter. The single device includes the first perimeter and the second perimeter. Whether access to the second resource is prohibited is determined based on a management policy for the first perimeter. The management policy defining one or more rules for accessing resources assigned to the second perimeter including the second resource.Type: GrantFiled: November 10, 2011Date of Patent: February 7, 2017Assignees: BlackBerry Limited, 2236008 Ontario Inc.Inventors: Geordon Thomas Ferguson, Christopher Lyle Bender, Alberto Daniel Zubiri, Kenneth Cyril Schneider, Oliver Whitehouse, Christopher William Lewis Hobbs
-
Patent number: 9531731Abstract: A method, device and system for establishing plural modes of operation on a mobile device, including: associating each application on the mobile device with one of a plurality of modes; and restricting access to data on the mobile device to only a subset of applications based on the mode associated for the each application. A system includes connection of an untrusted device to a trusted device and restricting data access for restricted data to a subset of trusted applications on the untrusted device.Type: GrantFiled: September 28, 2015Date of Patent: December 27, 2016Assignee: BlackBerry LimitedInventors: Christopher Lyle Bender, Herbert Anthony Little, Michael Kenneth Brown, Michael Stephen Brown
-
Publication number: 20160373452Abstract: Some aspects of what is described here relate to managing the use of network resources on a mobile device. User input received at the device indicates whether to allow an application associated with a first perimeter on the device to access a network resource associated with a second perimeter on the device. For example, in some instances user input may indicate whether to allow data from applications associated with a personal perimeter on the device to be transmitted over an enterprise communication system. When outbound data associated with the first perimeter are received, the device determines, according to the indication from the user input, whether to route the outbound data to the network resource associated with the second perimeter.Type: ApplicationFiled: June 13, 2016Publication date: December 22, 2016Inventors: Christopher RYERSON, Christopher Lyle Bender, Michael Thomas Winkler, David Bukurak, Benjamin Altman
-
Patent number: 9525999Abstract: A method for securely transferring a service from a first mobile device to a second mobile device, the service being associated with a server configured for facilitating provisioning of services to mobile devices over a wireless communications network. The method includes generating in the first mobile device a shared key, the shared key being generated using a master key unique to the server and to the first mobile device, the master key being accessible by the server and by the first mobile device; and sending said shared key from the first mobile device to the second mobile device using an alternate communication mechanism independent from the server.Type: GrantFiled: December 21, 2009Date of Patent: December 20, 2016Assignee: BlackBerry LimitedInventors: James Andrew Godfrey, Herbert Anthony Little, Christopher Lyle Bender, Connor Patrick O'Rourke
-
Patent number: 9519765Abstract: A method for differentiated access control on a computing device, and the computing device, the method including starting a timer on the computing device; resetting the timer if activity occurs on the computing device prior to the expiration of the timer; and preventing a subset of applications from being launched or enabled on expiry of the timer.Type: GrantFiled: June 1, 2015Date of Patent: December 13, 2016Assignee: BlackBerry LimitedInventors: Michael Kenneth Brown, Christopher Lyle Bender, Herbert Anthony Little
-
Publication number: 20160337862Abstract: In some implementations, a method includes receiving, from a user of a first device, a request to enable access, through a second device, to a server resource account of an enterprise. The first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource. A request is wirelessly transmit, to the second device, to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device. Whether to grant access to the internal resource is determined based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.Type: ApplicationFiled: July 25, 2016Publication date: November 17, 2016Inventors: Christopher Lyle Bender, Graham Russell, Natalie Michelle Silvanovich
-
Publication number: 20160314310Abstract: A computing device and a method for a computing device to control access to data stored on a data store of the device. An access component of the device having control over access to the data. The access component being operative to receive a request for data from a requesting component, identify an assigned access domain of the requesting component and an assigned data domain of the requested data and determine whether the requesting component is authorized to access the data by comparing the assigned access domain and the data domain with permissions specified in a security policy. If the assigned access domain is authorized to access the data domain, the access component may provide access to the requested data.Type: ApplicationFiled: December 28, 2015Publication date: October 27, 2016Applicant: BlackBerry LimitedInventors: Christopher Lyle BENDER, Van Quy Tu, Daniel Jonas Major, Jonathan Raymond Cardy
-
Patent number: 9479339Abstract: In one illustrative scenario, a mobile device receives configuration information which includes information for use in constructing a request message for obtaining a digital certificate from a certificate authority (CA). After receipt of the configuration information, the mobile device constructs the request message for the digital certificate and causes it to be sent to a host server of a communication network. In response, the host server requests and obtains the digital certificate from the CA on behalf of the mobile device, and thereafter “pushes” the received digital certificate to the mobile device. The mobile device receives the digital certificate and stores it for use in subsequent communications. The host server may be part of a local area network (LAN) which includes a wireless LAN (WLAN) adapted to authenticate the mobile device based on the digital certificate, so that the mobile device may obtain access to the WLAN.Type: GrantFiled: February 29, 2008Date of Patent: October 25, 2016Assignee: BLACKBERRY LIMITEDInventors: Christopher Lyle Bender, Sam Cheng-Fu Shih, Neil Patrick Adams
-
Patent number: 9479928Abstract: Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, encrypt and sign the composite message. Conveniently, security considerations are maintained even in view of bandwidth optimization measures.Type: GrantFiled: November 15, 2011Date of Patent: October 25, 2016Assignee: BlackBerry LimitedInventors: Nikhil Vats, Alexander Sherkin, Ravi Singh, Neil Patrick Adams, Christopher Lyle Bender
-
Publication number: 20160306987Abstract: A method for differentiated access control on a computing device having a connection with a second device, the method checking whether a timer has expired on the second device or if a connection is lost to the second device; and preventing at least one of the plurality of application subsets from being launched or enabled if the timer has expired on the second device or the connection is lost to the second device.Type: ApplicationFiled: June 27, 2016Publication date: October 20, 2016Inventors: Michael Kenneth BROWN, Christopher Lyle BENDER, Herbert Anthony LITTLE, Michael Stephen BROWN
-
Patent number: 9419997Abstract: Methods and systems for mitigating the effects of a malicious software application are disclosed. A dedicated module on the computing device receives from a malicious software detector a message indicating whether the application is malicious or has a malicious component. The dedicated module obtains a set of permissions to be granted to the application, and instructs software on the computing device that controls the permissions of the application to grant the set of permissions.Type: GrantFiled: August 29, 2014Date of Patent: August 16, 2016Assignee: BlackBerry LimitedInventors: Oliver Whitehouse, Michael Grant Kirkup, Christopher Lyle Bender, Michael Kenneth Brown
-
Patent number: 9402184Abstract: In some implementations, a method includes receiving, from a user of a first device, a request to enable access, through a second device, to a server resource account of an enterprise. The first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource. A request is wirelessly transmit, to the second device, to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device. Whether to grant access to the internal resource is determined based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.Type: GrantFiled: October 12, 2015Date of Patent: July 26, 2016Assignee: BlackBerry LimitedInventors: Christopher Lyle Bender, Graham Russell, Natalie Michelle Silvanovich
-
Patent number: 9384342Abstract: Methods and devices for providing a warning associated with credentials to be stored in a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises receiving a request to store, in the credential store, at least one credential for a specified service, determining whether a secure connection between the computing device and the specified service is available, associating the specified service with a level of security based on at least one of an availability of the secure connection or one or more properties of the secure connection, and providing a warning in response to determining that at least one credential stored in the credential store corresponds to the at least one credential for the specified service and is for a service that is associated with a level of security different from the level of security with which the specified service is associated.Type: GrantFiled: May 10, 2013Date of Patent: July 5, 2016Assignee: BLACKBERRY LIMITEDInventors: Jeremy L. Kominar, Neil Patrick Adams, Alexander Truskovsky, Christopher Lyle Bender, Daryl Joseph Martin
-
Patent number: 9378394Abstract: A method for differentiated access control on a computing device having a connection with a second device, the method checking whether a timer has expired on the second device or if a connection is lost to the second device; and preventing at least one of the plurality of application subsets from being launched or enabled if the timer has expired on the second device or the connection is lost to the second device.Type: GrantFiled: September 23, 2011Date of Patent: June 28, 2016Assignee: BlackBerry LimitedInventors: Michael Kenneth Brown, Christopher Lyle Bender, Herbert Anthony Little, Michael Stephen Brown
-
Patent number: 9369466Abstract: Some aspects of what is described here relate to managing the use of network resources on a mobile device. User input received at the device indicates whether to allow an application associated with a first perimeter on the device to access a network resource associated with a second perimeter on the device. For example, in some instances user input may indicate whether to allow data from applications associated with a personal perimeter on the device to be transmitted over an enterprise communication system. When outbound data associated with the first perimeter are received, the device determines, according to the indication from the user input, whether to route the outbound data to the network resource associated with the second perimeter.Type: GrantFiled: June 21, 2012Date of Patent: June 14, 2016Assignee: BlackBerry LimitedInventors: Christopher Maybee Ryerson, Christopher Lyle Bender, Michael Thomas Winkler, David Bukurak, Benjamin Altman
-
Publication number: 20160157055Abstract: A communication device includes a display screen upon which information is displayed. A microprocessor configured to execute at least one notification program is provided that displays a notification descriptive of an access control request on the display screen. The at least one notification program is programmed to receive data indicative of an access control request and to receive data descriptive of the access control request. Additionally, the at least one notification program is further programmed to display a notification indicative of the access control request and comprising an explanation of the access control request based on the received descriptive data.Type: ApplicationFiled: February 8, 2016Publication date: June 2, 2016Inventors: Christopher Lyle BENDER, Michael Grant KIRKUP, Michael Kenneth BROWN, Radu Alexandru MANEA, Brian Alexander ZUBERT
-
Patent number: 9342699Abstract: A method and apparatus for controlling access to encrypted data is provided. The device comprises: a processor and a memory, the processor configured to: control access to encrypted data, stored at the memory, the encrypted data categorized according to a plurality of categories, using a respective encryption key for each category in the plurality of categories; and, control access to a given encryption key according to given criteria associated with a given category, respective criteria different for each respective category, access to the given encryption key including one or more of, when the respective criteria are met: generating the given encryption key and decrypting the given encryption key.Type: GrantFiled: November 6, 2013Date of Patent: May 17, 2016Assignees: BLACKBERRY LIMITED, 2236008 ONTARIO INC.Inventors: Roger Paul Bowman, Sivakumar Nagarajan, Christopher Lyle Bender, Timothy Lee Segato
-
Patent number: 9294470Abstract: Plural modes of operation may be established on a mobile device. Specific modes of operation of the mobile device may be associated with specific spaces in memory. By associating the existing certificate store structure and key store structure with a mode of operation, certificates and keys can be assigned to one space among plural spaces. Furthermore, management (viewing/importation/deletion) of certificates associated with specific modes of operation may be controlled based on the presence or absence of a mobile device administration server and the status (enabled/disabled) of an IT policy.Type: GrantFiled: November 18, 2014Date of Patent: March 22, 2016Assignee: BlackBerry LimitedInventors: Christopher Lyle Bender, John Vincent Storozuk, Alan Pak-Lun Ho, Chi Chiu Tse