Abstract: A voice-coded in-band communication device monitors a voice-coded channel to detect data to present to a user. During operation, the communication device can detect a data-encoding signal from the voice-coded channel, such that the voice-coded channel can carry an audio signal that includes a voice signal and the data-encoding signal. The device decodes the data-encoding signal to detect a data element. The data element can include information that is to be presented to a local user, a request from a remote device for information about the local user, or information that the system can use to establish a peer-to-peer connection with the remote device over a separate data channel. The device can also generate a filtered audio signal to present to the user by removing the detected data-encoding signal from the voice-coded channel, and then reproduces the filtered audio signal for the user.

Abstract: A headend gateway can receive a data stream to forward to a client device of a broadcast network, and can determine whether the data stream includes a data block that has been recently broadcasted to any device of the broadcast network. The system can generate a new data stream that includes an identifier to any data block that has been broadcasted recently, and includes an encrypted block-decryption key that allows the recipient of the data stream to decrypt the data block. A client device of the broadcast network can receive a plurality of encrypted data blocks from the broadcast network, and can cache a subset of these encrypted data block regardless of whether or not they are intended for the local client device. The client device can access a cached data block when it receives an identifier and a block-decryption key for the data block.

Abstract: A voice-coded in-band communication device monitors a voice-coded channel to detect data to present to a user. During operation, the communication device can detect a data-encoding signal from the voice-coded channel, such that the voice-coded channel can carry an audio signal that includes a voice signal and the data-encoding signal. The device decodes the data-encoding signal to detect a data element. The data element can include information that is to be presented to a local user, a request from a remote device for information about the local user, or information that the system can use to establish a peer-to-peer connection with the remote device over a separate data channel. The device can also generate a filtered audio signal to present to the user by removing the detected data-encoding signal from the voice-coded channel, and then reproduces the filtered audio signal for the user.

Abstract: A headend gateway can receive a data stream to forward to a client device of a broadcast network, and can determine whether the data stream includes a data block that has been recently broadcasted to any device of the broadcast network. The system can generate a new data stream that includes an identifier to any data block that has been broadcasted recently, and includes an encrypted block-decryption key that allows the recipient of the data stream to decrypt the data block. A client device of the broadcast network can receive a plurality of encrypted data blocks from the broadcast network, and can cache a subset of these encrypted data block regardless of whether or not they are intended for the local client device. The client device can access a cached data block when it receives an identifier and a block-decryption key for the data block.

Abstract: Apparatus and methods are provided for protecting network resources, particularly in association with automatic provisioning of new client devices. A global PKI (Public Key Infrastructure) scheme is rooted at a globally available server. Roots of PKIs for individual organizations also reside at this server or another globally available resource. To enable access to an organization's network, one or more authenticators are deployed, which may be co-located with access points or other network components. After a client device enabler (CDE) and an authenticator perform mutual authentication with certificates issued within the global PKI, the CDE is used to provision a new client device for the organization. After the client is provisioned, it and an authenticator use certificates issued within the per-organization PKI to allow the client access to the network.

Abstract: Apparatus and methods are provided for protecting network resources, particularly in association with automatic provisioning of new client devices. A global PKI (Public Key Infrastructure) scheme is rooted at a globally available server. Roots of PKIs for individual organizations also reside at this server or another globally available resource. To enable access to an organization's network, one or more authenticators are deployed, which may be co-located with access points or other network components. After a client device enabler (CDE) and an authenticator perform mutual authentication with certificates issued within the global PKI, the CDE is used to provision a new client device for the organization. After the client is provisioned, it and an authenticator use certificates issued within the per-organization PKI to allow the client access to the network.

Abstract: Apparatus and methods are provided for protecting network resources, particularly in association with automatic provisioning of new client devices. A global PKI (Public Key Infrastructure) scheme is rooted at a globally available server. Roots of PKIs for individual organizations also reside at this server or another globally available resource. To enable access to an organization's network, one or more authenticators are deployed, which may be co-located with access points or other network components. After a client device enabler (CDE) and an authenticator perform mutual authentication with certificates issued within the global PKI, the CDE is used to provision a new client device for the organization. After the client is provisioned, it and an authenticator use certificates issued within the per-organization PKI to allow the client access to the network.