Abstract: The present techniques generally describe a machine-implemented method for configuring a retransmission timer, the method performed at the server including: receiving, from a client, a first handshake message as part of a first handshake with the client; deriving a retransmission parameter from the first handshake message; setting a first wait time of the retransmission timer based on or in response to the retransmission parameter.

Abstract: A device, device initialisation and method of installing a delta update of executable code on a device, the method comprising: generating an unrelocation table based upon a symbol table and a relocation table associated with relocatable code by: identifying an entry in the relocation table that references a symbol in the symbol table; and storing in the unrelocation table the relocated address of the identified entry in the relocation table; generating a first executable program code based upon the symbol table, the relocation table, and the relocatable code; and storing the first executable program code and the unrelocation table on the device.

Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with a first computing device and second interface circuitry to communicate with a second computing device. The first interface circuitry is configured to receive a handshake message from the first computing device. The second interface circuitry is configured to transmit the handshake message to the second computing device and to receive a handshake response message from the second computing device. The first interface circuitry is configured to transmit the handshake response message to the first computing device, whereby to establish a communication session between the first computing device and the second computing device.

Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for operating a server in communication with a network-attachable electronic device, comprising: storing, in storage accessible by the server, a device registration and a registration lifetime value for the device; receiving at least one message from the device; analysing the message to derive a confidence modifier associated with a message type associated with that message; applying the derived confidence modifier to a calculation of a confidence score for the device; and responsive to the calculation, determining whether a stored registration lifetime value for the device is to be adjusted based upon the confidence score.

Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for controlling device resource subscriptions by an LwM2M server, comprising receiving at said LwM2M server a registration request message from a LwM2M client device, the message comprising an enumeration of a plurality of subscribable elements of an object hierarchy of the device; storing, using the LwM2M server, an association between the device and the plurality of subscribable elements; and sending from the LwM2M server to the LwM2M client device a subscription message comprising a unitary compressed expression representing plural ones of said plurality of subscribable elements associated with said device.

Abstract: Broadly speaking, the present techniques relate to a computer implemented method comprising: receiving, at a first server, one or more device identifiers from a device; determining, with the first server, the availability of a resource template for the device based on or in response to the one or more device identifiers; when the resource template is available for the device: provisioning, from the first server to the device, a template identifier to enable the device to register with a second server using the template identifier.

Abstract: A method of provisioning a device to use a data service provided by a data service provider comprises maintaining a list of unique identifiers of devices to which a trusted certificate has been issued and receiving a data service request for a device. The request will include a unique identifier for the device and a certificate. In response to the data service request, the list of device unique identifiers is consulted in order to verify that the certificate contained in the data service request is a trusted certificate. If the certificate contained in the service request is a trusted certificate, the certificate may then be forwarded to the data service provider.

Abstract: A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.

Abstract: A method of identifying an object within an environment is described for capturing visual data associated with the environment and comparing data defining a candidate object in the environment with an object data store storing object templates providing data pertaining to one or more objects; responsive to matching the data defining the candidate object in the environment and an object template, identifying the candidate object; and responsive to failing to match data representing the candidate object in the environment with an object template, identifying one or more object identifiers disposed in the environment to define identifier search data, and using the identifier search data to interrogate a further object data store to identify the candidate object.

Abstract: Various implementations described herein are directed to providing time-dependent authentication of a sending device. A message to a designated receiver is prepared. A portion of at least one secret identifier value of the sending device is retrieved. A portion of time information is retrieved. An authentication field is produced using the portion of the at least one secret identifier value and the portion of the time information. The authentication field is attached to the message. The message is transmitted to the designated receiver.

Abstract: The present techniques generally relate to a system comprising: a data resource comprising: a device data log to store a device data record for device data of a first device; a permissions log to store a permissions record for one or more permissions associated with the device data; a consent log to store a consent record comprising a consent status for the one or more permissions; wherein the consent record, permissions record and device data record provide a verifiable data audit to determine whether a party is authorized to access the device data.

Abstract: Techniques are described for debugging node devices. A node device may be connected to a host device for debugging purposes. A debugger, providing debug functionality, such as a debugging web application, may run on a remote server and be accessed via a web browser running at the host device, to debug the node device. Alternatively, the debugging web application may execute in the web browser running at the host device to debug the node device. In another alternative, the debugging web application may execute at a gateway device provided between the node device and the host device. In all cases the debugging web application is controlled via a debug user interface running at the web browser. Consequently, a user of the host device is not required to install a debugger at the host device in order to debug a node device.

Abstract: A method of establishing a communications path between devices comprising: receiving, at a first device, data, the data comprising: a first resource having a first identifier for a second device remote from the first device; a second resource having a second identifier for the second device; addressing the second device with the first identifier; generating, at the first device, first connection data based on the second identifier; transmitting, from the first device to the second device, the first connection data; receiving, at the first device, second connection data; validating, at the first device, the second connection data; establishing the communications path between the first device and second device responsive to valid second connection data.

Abstract: Technology for operating a computer system to manage network communications with plural devices, comprising retrieving from a registry one or more device capability profiles for the identified devices, the registry linking a device capability profile with each of the identified plural devices and the device capability profile identifying one or more capabilities of a device; operating in the computer system a message translation manager to adapt a message according to a linked device capability profile of each of the plural devices; and sending the message in adapted form to each identified one of the plural devices.

Abstract: A proxy node protects at least one edge node in a network of nodes. The proxy node includes a communications module for communicatively coupling the proxy node with the edge node so that all communications to and from that edge node go through the proxy node. The proxy node also has at least one isolated area that is associated with the at least one edge node. The isolated area stores application software for the associated edge node.

Abstract: A registry apparatus is provided for maintaining a device registry of agent devices for communicating with application providing apparatus. The registry comprises authentication information for uniquely authenticating at least one trusted agent device. In response to an authentication request from an agent device, the authentication information for that device is obtained from the registry, and authentication of the agent device is performed. If the authentication is successful, then application key information is transmitted to at least one of the agent device and the application providing apparatus.

Abstract: The present techniques disclose, in at least one embodiment, a method of generating route instructions, the method comprising: receiving, at a control system, route requests from a plurality of users; selecting, at the control system, paths from one or more path networks to satisfy the respective route requests, wherein the paths are selected based, at least in part, on or responsive to one or more path criteria for the respective paths; generating, at the control system, route instructions for the respective route requests, wherein the route instructions comprise the selected paths; transmitting, from the control system to the plurality of users, the respective route instructions.

Abstract: A computer implemented method of initiating a communication session between a client device and a server using an authentication key exchange protocol comprising: including the steps of receiving at the server from the client device a first communication to initiate the communication session, the first communication comprising a first session resumption indicator to indicate whether or not session resumption is required to be used by the client device; and establishing, at the server, a session resumption state for the client device based on or in response to a value of the first session resumption indicator.

Abstract: A machine-implemented method for transactional modification of content in solid state storage, comprising receiving a delta data structure comprising at least one delta targeting at least one data block; copying a first data block targeted by the at least one delta from the first data block's home location into a non-volatile store; first modifying a first flag of a plurality of flags stored in the delta data structure following copying of the first data block; reading the first data block into memory; modifying the first data block in memory according to the delta to produce a ready-to-write data block; erasing a target location to create an empty block; writing the ready-to-write data block to the target location; and recording in the delta data structure that the first data block has been modified.

Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.