Patents by Inventor Johnathan George WHITE
Johnathan George WHITE has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11954203Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.Type: GrantFiled: February 1, 2023Date of Patent: April 9, 2024Assignee: BlackBerry LimitedInventors: Chang Fung Yang, Robert Joseph Lombardi, Chi Hing Ng, Johnathan George White
-
Publication number: 20230224307Abstract: Methods and devices for determining whether a mobile device has been compromised. File tree structure information for the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in a portion of memory. The file tree structure information is analyzed to determine that the mobile device has been compromised, has not been compromised, or might be compromised. Based on determining that the mobile device might be compromised, the mobile device is instructed to execute a restricted action. If the restricted action occurs on the mobile device then it is determined that the mobile device has been compromised. Based on that determination, an action is taken.Type: ApplicationFiled: March 14, 2023Publication date: July 13, 2023Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Robert Joseph LOMBARDI, Chi Hing NG, Johnathan George WHITE
-
Publication number: 20230185914Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.Type: ApplicationFiled: February 1, 2023Publication date: June 15, 2023Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Robert Joseph LOMBARDI, Chi Hing NG, Johnathan George WHITE
-
Patent number: 11645402Abstract: Methods and devices for determining whether a computing device has been compromised. File tree structure information for the computing device is obtained that details at least a portion of a tree-based structure of folders and files in a memory on the computing device. It is then determined from the file tree structure information that the computing device is compromised and, based on the determination that the computing device has been compromised, an action is taken.Type: GrantFiled: August 15, 2019Date of Patent: May 9, 2023Assignee: BlackBerry LimitedInventors: Chang Fung Yang, Chi Hing Ng, Robert Joseph Lombardi, Johnathan George White
-
Patent number: 11632377Abstract: Methods and devices for determining whether a mobile device has been compromised. File tree structure information for the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in a portion of memory. The file tree structure information is analyzed to determine that the mobile device has been compromised, has not been compromised, or might be compromised. Based on determining that the mobile device might be compromised, the mobile device is instructed to execute a restricted action. If the restricted action occurs on the mobile device then it is determined that the mobile device has been compromised. Based on that determination, an action is taken.Type: GrantFiled: August 15, 2019Date of Patent: April 18, 2023Assignee: BlackBerry LimitedInventors: Chang Fung Yang, Robert Joseph Lombardi, Chi Hing Ng, Johnathan George White
-
Patent number: 11599639Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.Type: GrantFiled: August 15, 2019Date of Patent: March 7, 2023Assignee: BlackBerry LimitedInventors: Chang Fung Yang, Robert Joseph Lombardi, Chi Hing Ng, Johnathan George White
-
Patent number: 11599676Abstract: Described herein is a system and method of application container access, the method includes performing a foreground unlock on an application container; creating a copy of a container key of the application container; locking the application container; receiving a background unlock trigger; determining whether a background unlock is authorized; performing the background unlock on at least a portion of the application container using the copy of the container key in response to determining the background unlock is authorized; and storing data in the at least a portion of the application container while the application container is in the background unlock.Type: GrantFiled: March 7, 2019Date of Patent: March 7, 2023Assignee: BlackBerry LimitedInventors: Johnathan George White, Rajeev Ragunathan Nair, David John Reynolds
-
Patent number: 11343258Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the managed profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the managed portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.Type: GrantFiled: August 15, 2019Date of Patent: May 24, 2022Assignee: BlackBerry LimitedInventors: Chang Fung Yang, Robert Joseph Lombardi, Chi Hing Ng, Johnathan George White
-
Patent number: 11240026Abstract: Devices and methods of managing data stored within a container. The container may be associated with at least one registered user. The data within the container may be encrypted by a data encryption key (DEK). A computing device includes: a security module including a crypto-processor, a main processor, and memory. The memory stores instructions that, when executed, configure a processor to: authenticate a user based on a user secret associated with the container and generate a soft key based on the user secret. The instructions cause a crypto-processor to generate a secure generator output including a crypto key component and generate a hardened user key based on a key agreement protocol using the soft key and the crypto key component. The instructions cause a processor to construct an unencrypted DEK associated with the hardened user key and decrypt the subset of data using the unencrypted DEK.Type: GrantFiled: May 16, 2019Date of Patent: February 1, 2022Assignee: BlackBerry LimitedInventors: Johnathan George White, Daniel Richard L. Brown
-
Patent number: 11233784Abstract: A method for managing access to a shared endpoint of a network is disclosed. The method includes: receiving a user request to access a service associated with the shared endpoint; verifying that a user associated with the user request is authorized to access the service; in response to verifying that the user is authorized to access the service, obtaining a unique session identifier (USID) associated with the user request; receiving, via input from a device associated with the user, an access code; in response to determining that the inputted access code matches the USID, granting access to the service for the user.Type: GrantFiled: May 6, 2019Date of Patent: January 25, 2022Assignee: BlackBerry LimitedInventors: Rajeev Ragunathan Nair, Seung Sub Jung, Johnathan George White
-
Patent number: 11182494Abstract: A method of controlling access to data on a first electronic device, the method comprising steps of establishing a shared encryption key with a first software application instance running on a second electronic device, receiving a ‘begin session’ command sent by the first software application instance and responsive to the ‘begin session’ command, creating a storage location in a data store of the electronic device, obtaining a data encryption key, receiving data, encrypting the data using the data encryption key and storing the encrypted data in the storage location, receiving an ‘end session’ command sent by the first software application instance and responsive to the ‘end session’ command, discarding the shared encryption key, and deleting the encrypted data from the storage location.Type: GrantFiled: September 25, 2019Date of Patent: November 23, 2021Assignee: BlackBerry LimitedInventors: Siavash James Joorabchian Hawkins, Phillip Riscombe-Burton, Johnathan George White
-
Publication number: 20210051158Abstract: Methods and devices for determining whether a mobile device has been compromised. File tree structure information for the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in a portion of memory. The file tree structure information is analyzed to determine that the mobile device has been compromised, has not been compromised, or might be compromised. Based on determining that the mobile device might be compromised, the mobile device is instructed to execute a restricted action. If the restricted action occurs on the mobile device then it is determined that the mobile device has been compromised. Based on that determination, an action is taken.Type: ApplicationFiled: August 15, 2019Publication date: February 18, 2021Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Robert Joseph LOMBARDI, Chi Hing NG, Johnathan George WHITE
-
Publication number: 20210049287Abstract: Methods and devices for determining whether a computing device has been compromised. File tree structure information for the computing device is obtained that details at least a portion of a tree-based structure of folders and files in a memory on the computing device. It is then determined from the file tree structure information that the computing device is compromised and, based on the determination that the computing device has been compromised, an action is taken.Type: ApplicationFiled: August 15, 2019Publication date: February 18, 2021Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Chi Hing NG, Robert Joseph LOMBARDI, Johnathan George WHITE
-
Publication number: 20210049273Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.Type: ApplicationFiled: August 15, 2019Publication date: February 18, 2021Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Robert Joseph LOMBARDI, Chi Hing NG, Johnathan George WHITE
-
Publication number: 20210051156Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the managed profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the managed portion of memory.Type: ApplicationFiled: August 15, 2019Publication date: February 18, 2021Applicant: BlackBerry LimitedInventors: Chang Fung YANG, Robert Joseph LOMBARDI, Chi Hing NG, Johnathan George WHITE
-
Publication number: 20200366483Abstract: Devices and methods of managing data stored within a container. The container may be associated with at least one registered user. The data within the container may be encrypted by a data encryption key (DEK). A computing device includes: a security module including a crypto-processor, a main processor, and memory. The memory stores instructions that, when executed, configure a processor to: authenticate a user based on a user secret associated with the container and generate a soft key based on the user secret. The instructions cause a crypto-processor to generate a secure generator output including a crypto key component and generate a hardened user key based on a key agreement protocol using the soft key and the crypto key component. The instructions cause a processor to construct an unencrypted DEK associated with the hardened user key and decrypt the subset of data using the unencrypted DEK.Type: ApplicationFiled: May 16, 2019Publication date: November 19, 2020Applicant: BlackBerry LimitedInventors: Johnathan George WHITE, Daniel Richard L. BROWN
-
Publication number: 20200358754Abstract: A method for managing access to a shared endpoint of a network is disclosed. The method includes: receiving a user request to access a service associated with the shared endpoint; verifying that a user associated with the user request is authorized to access the service; in response to verifying that the user is authorized to access the service, obtaining a unique session identifier (USID) associated with the user request; receiving, via input from a device associated with the user, an access code; in response to determining that the inputted access code matches the USID, granting access to the service for the user.Type: ApplicationFiled: May 6, 2019Publication date: November 12, 2020Applicant: BlackBerry LimitedInventors: Rajeev Ragunathan NAIR, Seung Sub JUNG, Johnathan George WHITE
-
Patent number: 10797890Abstract: Systems, methods, and software can be used to provide inter-enterprise data communications between enterprise applications on an electronic device. In some aspects, a method comprises: receiving, by a bridge application executing on an electronic device, an interoperation request for a first enterprise, wherein the interoperation request includes a first token and a second token; sending, from the bridge application to an application of the first enterprise, the first token, wherein the application of the first enterprise executes on the electronic device; receiving, by the bridge application from the application of the first enterprise, a certificate in response to the first token, wherein the certificate is encrypted by the second token; decrypting, by the bridge application, the certificate by using the second token; and validating, by the bridge application, the application of the first enterprise based on the decrypted certificate.Type: GrantFiled: February 26, 2018Date of Patent: October 6, 2020Assignee: BlackBerry LimitedInventors: Johnathan George White, Siavash James Joorabchian Hawkins, Fraser George Stewart
-
Publication number: 20200285774Abstract: Described herein is a system and method of application container access, the method includes performing a foreground unlock on an application container; creating a copy of a container key of the application container; locking the application container; receiving a background unlock trigger; determining whether a background unlock is authorized; performing the background unlock on at least a portion of the application container using the copy of the container key in response to determining the background unlock is authorized; and storing data in the at least a portion of the application container while the application container is in the background unlock.Type: ApplicationFiled: March 7, 2019Publication date: September 10, 2020Inventors: Johnathan George White, Rajeev Ragunathan Nair, David John Reynolds
-
Publication number: 20200104517Abstract: A method of controlling access to data on a first electronic device, the method comprising steps of establishing a shared encryption key with a first software application instance running on a second electronic device, receiving a ‘begin session’ command sent by the first software application instance and responsive to the ‘begin session’ command, creating a storage location in a data store of the electronic device, obtaining a data encryption key, receiving data, encrypting the data using the data encryption key and storing the encrypted data in the storage location, receiving an ‘end session’ command sent by the first software application instance and responsive to the ‘end session’ command, discarding the shared encryption key, and deleting the encrypted data from the storage location.Type: ApplicationFiled: September 25, 2019Publication date: April 2, 2020Inventors: Siavash James Joorabchian HAWKINS, Phillip RISCOMBE-BURTON, Johnathan George WHITE