Abstract: A technique for controlling cryptographic document protection and verification is presented. In one implementation, a device is associated with a device identifier and with a cryptographic key is configured to obtain an electronically processable document representation (EPDR) of content of a document that is to be protected and to apply the cryptographic key to the EPDR to obtain a cryptographically processed document representation (CPDR). The device is further configured to transmit the device identifier and a verification parameter comprising at least one of the EPDR and the CPDR towards a transaction server that is configured to log the device identifier and the verification parameter in a tamper-proof manner. The device is also configured to receive a transaction identifier associated with the device identifier and the verification parameter from the transaction server, and trigger printing of the transaction identifier and the CPDR on a physical document that corresponds to the EPDR.

Abstract: In some examples, a cloud-based management system receives information identifying electronic devices to be onboarded for cloud-based management by the cloud-based management system, receives, from a first electronic device, a request to establish a secure connection between the cloud-based management system and the first electronic device, and receives, from the first electronic device, a certificate. The cloud-based management system confirms, based on information in the certificate and the information identifying the electronic devices to be onboarded for cloud-based management, that the cloud-based management system is to perform the cloud-based management of the first electronic device over the secure connection.

Abstract: In some examples, a cloud-based management system receives information identifying electronic devices to be onboarded for cloud-based management by the cloud-based management system, receives, from a first electronic device, a request to establish a secure connection between the cloud-based management system and the first electronic device, and receives, from the first electronic device, a certificate. The cloud-based management system confirms, based on information in the certificate and the information identifying the electronic devices to be onboarded for cloud-based management, that the cloud-based management system is to perform the cloud-based management of the first electronic device over the secure connection.

Abstract: In some examples, a cloud-based management system receives information identifying electronic devices to be onboarded for cloud-based management by the cloud-based management system, receives, from a first electronic device, a request to establish a secure connection between the cloud-based management system and the first electronic device, and receives, from the first electronic device, a certificate. The cloud-based management system confirms, based on information in the certificate and the information identifying the electronic devices to be onboarded for cloud-based management, that the cloud-based management system is to perform the cloud-based management of the first electronic device over the secure connection.

Abstract: In some examples, a cloud-based management system receives information identifying electronic devices to be onboarded for cloud-based management by the cloud-based management system, receives, from a first electronic device, a request to establish a secure connection between the cloud-based management system and the first electronic device, and receives, from the first electronic device, a certificate. The cloud-based management system confirms, based on information in the certificate and the information identifying the electronic devices to be onboarded for cloud-based management, that the cloud-based management system is to perform the cloud-based management of the first electronic device over the secure connection.

Abstract: The invention relates to a method to process data packets of a vehicle message received by a privacy gateway (100) from a vehicle (10) via a mobile communications network (20). The method comprises the following steps: The vehicle message transmitted by the vehicle (10) is received. A source IP address in the data packets of the vehicle message is identified. The source IP address in the data packets of the vehicle message is replaced by an IP address of a location collecting entity (50) of the mobile communications network (20). Said mobile communications network collects location information of a plurality of vehicles (10) resulting in an adapted vehicle message with adapted data packets containing the IP address of the location collecting entity as source IP address. Then, the adapted vehicle message is transmitted to a service providing entity (40) which is configured to provide location dependent services for the plurality of vehicles.

Abstract: A technique for controlling cryptographic document protection and verification is presented. In one implementation, a device is associated with a device identifier and with a cryptographic key is configured to obtain an electronically processable document representation (EPDR) of content of a document that is to be protected and to apply the cryptographic key to the EPDR to obtain a cryptographically processed document representation (CPDR). The device is further configured to transmit the device identifier and a verification parameter comprising at least one of the EPDR and the CPDR towards a transaction server that is configured to log the device identifier and the verification parameter in a tamper-proof manner. The device is also configured to receive a transaction identifier associated with the device identifier and the verification parameter from the transaction server, and trigger printing of the transaction identifier and the CPDR on a physical document that corresponds to the EPDR.

Abstract: A network node initiates a multicast transmission of a data item via a cellular network to a plurality of devices. Associated with the multicast transmission, the network node provides a request that at least a subgroup of the devices each send a report indicating whether an action on the basis of the data item received by the device was successfully completed by the device. Depending on the reports, the network node adjusts the repeated multicast transmission of the data item.

Abstract: A method for broadcasting an event message to a geographical area comprising the steps of receiving (S61) an event message with geographical information for which the event message is relevant; requesting (S62) information about available service areas and/or logical areas, wherein at least one logical area is covered by a service area; determining (S63) at least one affected geographical area based on the geographical information of the event message and the received service and/or logical areas; and providing (S64) the event message to the at least one affected geographical area.

Abstract: A network node initiates a multicast transmission of a data item via a cellular network to a plurality of devices. Associated with the multicast transmission, the network node provides a request that at least a subgroup of the devices each send a report indicating whether an action on the basis of the data item received by the device was successfully completed by the device. Depending on the reports, the network node adjusts the repeated multicast transmission of the data item.

Abstract: The invention relates to techniques for restricting a wireless network access for a mobile device (200). There is provided an additional cross-checking functionality on a comparator (106) of an intermediate node (100). The mobile device (200) receives a user key (88) indicating a general validation to access the WLAN of a third party. The third party operates a key server (300). The key server (300) issues a key pair, consisting of the user key (88) and an operator key (99). The operator key (99) is sent to the intermediate node (100) and is processed by a processor (105). The mobile device (200) applies the received user key (88) to an identification set (200i), identifying the device's user, and sends a reference message (22) to the intermediate node (100) via a second communication channel (2). Thereinafter, the device (200) sends its identification set (200i) via another first communication channel (1) for authentication and for cross checking to the intermediate node (100).

Abstract: A network node initiates a multicast transmission of a data item via a cellular network to a plurality of devices. Associated with the multicast transmission, the network node provides a request that at least a subgroup of the devices each send a report indicating whether an action on the basis of the data item received by the device was successfully completed by the device. Depending on the reports, the network node adjusts the repeated multicast transmission of the data item.

Abstract: A user device (10) provides a subscriber with access to a network service. The user device (10) determines service-specific key material and charging-specific key material. The user device (10) determines a charging record indicating usage of the network service by the subscriber and associates the charging record with first authentication information based on the charging-specific key material. The user device (10) generates at least one message including the charging record and the associated first authentication information. The user device (10) associates the at least one message with second authentication information based on the service-specific key material. The user device (10) sends the at least one message to a first network node (150) which is incapable of relating the charging-specific key material or the service-specific key material to a subscriber identity of the subscriber.

Abstract: A user device (10) provides a subscriber with access to a network service. The user device (10) determines service-specific key material and charging-specific key material. The user device (10) determines a charging record indicating usage of the network service by the subscriber and associates the charging record with first authentication information based on the charging-specific key material. The user device (10) generates at least one message including the charging record and the associated first authentication information. The user device (10) associates the at least one message with second authentication information based on the service-specific key material. The user device (10) sends the at least one message to a first network node (150) which is incapable of relating the charging-specific key material or the service-specific key material to a subscriber identity of the subscriber.

Abstract: The invention relates to a method to process data packets of a vehicle message received by a privacy gateway (100) from a vehicle (10) via a mobile communications network (20). The method comprises the following steps: The vehicle message transmitted by the vehicle (10) is received. A The source IP address in the data packets of the vehicle message is identified. The source IP address in the data packets of the vehicle message is replaced by an IP address of a location collecting entity (50) of the mobile communications network (20). Said mobile communications network collects location information of a plurality of vehicles (10) resulting in an adapted vehicle message with adapted data packets containing the IP address of the location collecting entity as source IP address. Then, the adapted vehicle message is transmitted to a service providing entity (40) which is configured to provide location dependent services for the plurality of vehicles.

Abstract: A network node (120) initiates a multicast transmission of a data item via a cellular network to a plurality of devices (10). Associated with the multicast transmission, the network node (120) provides a request that at least a subgroup of the devices (10) each send a report indicating whether an action on the basis of the data item received by the device (10) was successfully completed by the device (10). Depending on the reports, the network node (120) adjusts the repeated multicast transmission of the data item.

Abstract: A method for broadcasting an event message to a geographical area comprising the steps of receiving (S61) an event message with geographical information for which the event message is relevant; requesting (S62) information about available service areas and/or logical areas, wherein at least one logical area is covered by a service area; determining (S63) at least one affected geographical area based on the geographical information of the event message and the received service and/or logical areas; and providing (S64 ) the event message to the at least one affected geographical area.

Abstract: An information presentation device for presenting information to a user is described, which is arranged to receive information transmissions from a remote information source, and comprises: an information transmission receiver for receiving information transmissions, an information extractor for extracting presentation information to be presented, from an information transmission, an information presenter for presenting the extracted presentation information, wherein a monitor is arranged to monitor the operation of one or more of the information extractor and the information presenter, determine whether the operation of one or more of the information extractor and the information presenter fulfills one or more predetermined conditions, and generate an operation condition signal destined for the remote information source, said operation condition signal conveying an indication of the fulfillment or non-fulfillment of said one or more conditions.

Abstract: The invention relates to techniques for restricting a wireless network access for a mobile device (200). There is provided an additional cross-checking functionality on a comparator (106) of an intermediate node (100). The mobile device (200) receives a user key (88) indicating a general validation to access the WLAN of a third party. The third party operates a key server (300). The key server (300) issues a key pair, consisting of the user key (88) and an operator key (99). The operator key (99) is sent to the intermediate node (100) and is processed by a processor (105). The mobile device (200) applies the received user key (88) to an identification set (200i), identifying the device's user, and sends a reference message (22) to the intermediate node (100) via a second communication channel (2). Thereinafter, the device (200) sends its identification set (200i) via another first communication channel (1) for authentication and for cross checking to the intermediate node (100).

Abstract: An information presentation device for presenting information to a user is described, which is arranged to receive information transmissions from a remote information source, and comprises: an information transmission receiver for receiving information transmissions, an information extractor for extracting presentation information to be presented, from an information transmission, an information presenter for presenting the extracted presentation information, wherein a monitor is arranged to monitor the operation of one or more of the information extractor and the information presenter, determine whether the operation of one or more of the information extractor and the information presenter fulfils one or more predetermined conditions, and generate an operation condition signal destined for the remote information source, said operation condition signal conveying an indication of the fulfillment or non-fulfillment of said one or more conditions.