Abstract: A wireless device may perform a local authentication to reduce the traffic on a network. The local authentication may be performed using a local web server and/or a local OpenID provider (OP) associated with the wireless device. The local web server and/or local OP may be implemented on a security module, such as a smartcard or a trusted execution environment for example. The local OP and/or local web server may be used to implement a provisioning phase to derive a session key, associated with a service provider, from an authentication between the wireless device and the network. The session key may be reusable for subsequent local authentications to locally authenticate a user of the wireless device to the service provider.

Abstract: A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator—trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner—trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.

Abstract: A trusted computing environment, such as a smartcard, UICC, Java card, global platform, or the like may be used as a local host trust center and a proxy for a single-sign on (SSO) provider. This may be referred to as a local SSO provider (OP). This may be done, for example, to keep authentication traffic local and to prevent over the air communications, which may burden an operator network. To establish the OP proxy in the trusted environment, the trusted environment may bind to the SSO provider in a number of ways. For example, the SSO provider may interoperate with UICC-based UE authentication or GBA. In this way, user equipment may leverage the trusted environment in order to provide increased security and reduce over the air communications and authentication burden on the OP or operator network.

Abstract: Disclosed is method and apparatus for operation of a base station in wireless communications, including self-configuration of the base station for secure and authenticated communications with other base stations.

Abstract: A method and apparatus for identifying a code group representative of a predetermined number of base stations is disclosed. A chip offset within a frame is input into a first correlator. A plurality of samples of chips at which a primary synchronization code (PSC) has been detected are input into the first correlator. Output of the first correlator is multiplied by the complex conjugate of the PSC to obtain a magnitude for the signals being transmitted at the chips inputted into the first correlator. The magnitude is summed over four frames. The summed signals view of a predetermined set of decision variables is evaluated. A case number, a code group, a timeslot location, and a system frame number are determined based on the evaluation and noise estimation.

Abstract: Methods and apparatus are disclosed to provide protection against Unsolicited Communication (UC) in a network, such as, without limitation, an Internet Protocol (IP) Multimedia Subsystem (IMS). A communication may originate from a sending device and may be intended for delivery to a receiving device. A network may determine authentication information associated with the sending device. The network may send the authentication information to a receiving entity to evaluate if the communication is unsolicited using the authentication information. If the communication is determined to be acceptable, a connection associated with the communication may be allowed.

Abstract: Disclosed is method and apparatus for operation of a base station in wireless communications, including self-configuration of the base station for secure and authenticated communications with other base stations.

Abstract: A wireless transmit/receive unit (WTRU) and a Node B, respectively, perform joint randomness not shared by others (JRNSO) measurement to generate JRNSO bits based on a channel estimate between the WTRU and the Node B. The WTRU and the Node B then perform a reconciliation procedure to generate a common JRNSO bits. The Node B sends the common JRNSO bits to a serving network. The WTRU and the SN secure a session key (such as an integrity key, a cipher key and an anonymity key), using the common JRNSO bits. The JRNSO measurements are performed on an on-going basis, and the session key is updated using a new set of common JRNSO bits. The JRNSO bits may be expanded by using a pseudorandom number generator (PNG) or a windowing technique. A handover may be intentionally induced to increase the JRNSO bits generation rate.

Abstract: Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the platform on which the domain resides, and other domains. A system-wide domain manager may be resident on one of the domains. The system-wide domain manager may enforce the policies of the domain on which it is resident, and it may coordinate the enforcement of the other domains by their respective policies in relation to the domain in which the system-wide domain manager resides. Additionally, the system-wide domain manager may coordinate interaction among the other domains in accordance with their respective policies.

Abstract: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.

Abstract: Methods, components and apparatus for implementing platform validation and management (PVM) are disclosed. PVM provides the functionality and operations of a platform validation entity with remote management of devices by device management components and systems such as a home node-B management system or component. Example PVM operations bring devices into a secure target state before allowing connectivity and access to a core network.

Abstract: An automatic gain control (AGC) method according to the present invention applies an initial gain by a digital AGC circuit in a timeslot is determined using a final calculated gain from the same timeslot in the previous frame together with an offset factor. An erase function is activated for a given data sample block when the number of saturated data samples that are detected within the block exceeds a threshold value. The power measurement made by the AGC circuit and used to update the gain is adjusted based on the number of measured data samples that are saturated. These elements provide a gain limiting function and allows limiting of the dynamic range for further signal processing.

Abstract: A method and apparatus for securing the interface between a Universal Integrated Circuit Card (UICC) and a Terminal in wireless communications is disclosed. The security of Authentication and Key Agreement (AKA) and application level generic bootstrapping architecture (GBA) with UICC-based enhancements (GBA_U) procedures is improved. A secure shared session key is used to encrypt communications between the UICC and the Terminal. The secure shared session key generated using authenticating or non-authenticating procedures.

Abstract: The present invention is related to a wireless communication system. 3G UMTS mobile phone systems rely on a protected smart card called the UMTS integrated circuit card (UICC) that provides UMTS subscriber identity module (USIM) applications as a basis or root of various security measures protecting the communication path between the 3G mobile terminal and the UMTS wireless network (or UTRAN). Disclosed is a method by which the UICC exchanges information with a terminal, such as an Internal Key Center (IKC 1250) and a Bootstrapping Server Function (BSF 1270) enables a procedure where multiple local keys specific to applications and Network Application Functions (NAFs) (Ks_local) are used for authentication and to encrypt and decrypt messages.

Abstract: A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator-trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner-trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.

Abstract: A method and apparatus for identifying a code group representative of a predetermined number of base stations is disclosed. A chip offset within a frame is input into a first correlator. A plurality of samples of chips at which a primary synchronization code (PSC) has been detected are input into the first correlator. Output of the first correlator is multiplied by the complex conjugate of the PSC to obtain a magnitude for the signals being transmitted at the chips inputted into the first correlator. The magnitude is summed over four frames. The summed signals view of a predetermined set of decision variables is evaluated. A case number, a code group, a timeslot location, and a system frame number are determined based on the evaluation and noise estimation.

Abstract: A method and system for performing initial cell search is disclosed. Step 1 processing is preformed to detect a peak primary synchronization code (PSC) location (i.e. chip offset or chip location). Step 2 processing is performed to obtain the toffset and code group. Step 3 processing is performed to identify the midamble of a base station with which the WTRU performing the initial cell search may synchronize with.

Abstract: Disclosed is method and apparatus for operation of a base station in wireless communications, including self-configuration of the base station for secure and authenticated communications with other base stations.

Abstract: A wireless transmit/receive unit (WTRU) and a Node B, respectively, perform joint randomness not shared by others (JRNSO) measurement to generate JRNSO bits based on a channel estimate between the WTRU and the Node B. The WTRU and the Node B then perform a reconciliation procedure to generate a common JRNSO bits. The Node B sends the common JRNSO bits to a serving network. The WTRU and the SN secure a session key (such as an integrity key, a cipher key and an anonymity key), using the common JRNSO bits. The JRNSO measurements are performed on an on-going basis, and the session key is updated using a new set of common JRNSO bits. The JRNSO bits may be expanded by using a pseudorandom number generator (PNG) or a windowing technique. A handover may be intentionally induced to increase the JRNSO bits generation rate.

Abstract: A received power of a code division multiple access (CDMA) signal is determined. Samples of a spectrum associated with the received CDMA signal are taken as received samples, which are then correlated with a code of the CDMA signal. For correlated samples below a first threshold, those correlated samples are processed by being made to be zero. For samples between the first threshold and a second threshold, those correlated samples are processed by rescaling. The correlated samples above the second threshold are passed unchanged. The received power level of the received CDMA signal is determined using the correlated samples after the processing.