Abstract: A communication system including: a cloud facility and a capture server, wherein the capture serve receives session identification information from the cloud facility that receives a session generation request from the communication facility. If a capture function is enabled for the SIM associated with the session identification information, the capture server starts a capture process for capturing a packet whose session identification information included in a header matches session identification information associated with the SIM whose capture function has been enabled, among packets received by mirroring of data transmitted toward the cloud facility, and the cloud facility transmits a response to the session generation request to the communication facility connected to the cloud facility, after the capture process is started.

Abstract: A connection management apparatus of a relay system specifies, when terminal identification information for identifying a target terminal is acquired from a client terminal, a first relay apparatus that relays communication, and specifies connecting information for the client terminal to connect to the first relay apparatus. The connection management apparatus stores the specified connecting information and the terminal identification information in a storage in association with each other, and notifies the client terminal of the specified connecting information. When the specified first relay apparatus receives access based on the connecting information from the client terminal, the specified first relay apparatus relays the communication between the client terminal and the target terminal on the basis of the terminal identification information associated with the connecting information.

Abstract: A device management apparatus according to one embodiment of the present invention for managing a plurality of devices which consume or deplete a product, said apparatus having a storage for storing device identification information and provider information in association with one another, a receiving unit for receiving device identification information and product information which has been transmitted by a device among the plurality of devices, a determination unit for determining whether or not the consumption status or depletion status expressed by the product information satisfies determination conditions, and a notification unit which, when the determination unit has determined that the determination conditions are met, notifies a provider device which is associated with the provider identified on the basis of the provider information associated with the device identification information about an action which pertains to a product which is consumed or depleted by the device identified by the device iden

Abstract: A communication system for providing a wireless terminal with access to a network, the wireless terminal storing an identification number for accessing a first network, the communication system being configured to receive a connection initiation request from the wireless terminal while the wireless terminal is located in a second service area of a second network, the second service area being different from a first service area of the first network; select, in response to the connection initiation request, a gateway of a third network connected to the second network; and send a gateway ID of the selected gateway toward the second network. A method and a non-transitory computer-readable storage medium storing a program are also disclosed.

Abstract: Transmitting or receiving data between IoT device and external server on IP network, with a first server receiving signaling data including a message over a cellular network from the IoT device, the signaling data transmitted to a telephone number of the first server, a second server identifying a destination of the message or data corresponding to the message based on the signaling data, the signaling data includes a destination identifier being a numeral or a symbol with predetermined digits or digits less than the predetermined digits, different from the telephone number, and indirectly representing the destination of the external server on the IP network, the destination is specified with reference to a correspondence between destination identifiers includable in the signaling data and URLs of external servers, and the second server transmits the message or data corresponding to the message to the destination by an HTTP request over IP network.

Abstract: A communication system for providing an access to an Internet Protocol (IP) network to a wireless terminal, having a gateway to pass data from the wireless terminal to the IP network and having first and second groups of servers, the first group includes a plurality of servers and the second group includes a plurality of servers. The first group is configured to: receive data from the wireless terminal, select a destination address as a selected destination address for the received data, and forward the data to a server of the second group corresponding to the selected destination address. The server of the second group performs data processing of the forwarded data, the data processing including modification of a part of a General Packet Radio Service (GPRS) tunneling protocol (GTP) payload of the forwarded data, and output the processed data to the IP network.

Abstract: Facilitate configuration of authentication information for a service provided over IP network when there is no shared authentication information between IoT device and service provider device for a service used by IoT device, an intermediary device capable of authenticating legitimate access mediates between devices. An example: a cipher key CK stored in intermediary device and IoT device, as a result of SIM authentication of the SIM of the IoT device, is used as master key for services used by IoT device. By generating unique application key for a service used by IoT device on the intermediary device and IoT device on the basis of master key, and sending it to service provider apparatus from intermediary device by secure connection, common keys are set as authentication information to IoT device and service provider apparatus. A SIM authentication process for generating cipher key can suppress SQN attack based on a bad request.

Abstract: Updating a subscriber identity module, SIM, on a host device by deriving a pre-shared key by requesting a SIM identifier via communication module of the host device; receiving SIM identifier and deriving an agent identifier from SIM identifier; transmitting agent and SIM identifiers to SIM update server; receiving a random value from SIM update server and supplying it to the SIM to initiate SIM authentication procedure. In reply, receiving an authentication response from the SIM; and deriving pre-shared key from authentication response; transmitting an update request message to SIM update server, wherein the update request message comprises the agent identifier and is encrypted before transmission using the pre-shared key; receiving an update response message from the SIM update server which has update data and is encrypted using pre-shared key; and following decryption of update response message using derived pre-shared key, transmitting update data to communication module.

Abstract: A server for providing a token to a mobile terminal includes a network interface and a processing unit coupled to the network interface. The processing unit is configured to receive from the mobile terminal a request asking for the token, to obtain subscriber identification information of the mobile terminal, to obtain a token which includes a user profile associated with the subscriber identification information and to which an electronic signature is added, and to transmit the token to the mobile terminal.

Abstract: A control apparatus for a gateway functioning as the endpoint of a core network in a mobile communication system is provided. The gateway includes a first server configured to receive data from a user apparatus and one or more second servers configured to transfer the data received by the first server to an external network. The control apparatus performs an operation of changing performance of the one or more second servers, an operation of monitoring a processing status of the one or more second servers, and an operation of selecting, from the one or more second servers in accordance with the processing status of the one or more second servers, a second server as a transfer destination of the data received from the user apparatus by the first server.

Abstract: A connection management apparatus of a relay system specifies, when terminal identification information for identifying a target terminal is acquired from a client terminal, a first relay apparatus that relays communication, and specifies connecting information for the client terminal to connect to the first relay apparatus. The connection management apparatus stores the specified connecting information and the terminal identification information in a storage in association with each other, and notifies the client terminal of the specified connecting information. When the specified first relay apparatus receives access based on the connecting information from the client terminal, the specified first relay apparatus relays the communication between the client terminal and the target terminal on the basis of the terminal identification information associated with the connecting information.

Abstract: A second network which communicates with a communication system for providing access to a network other than a first network, via the second network, to a wireless terminal on which an identification number for accessing the first network is stored, configured to: receive a connection initiation request on C-plane from the wireless terminal to send the connection initiation request to the communication system, receive a gateway ID of a gateway on U-plane to the network connected to the second network, selected on the communication system based on a network ID of the second network, in response to the connection initiation request, wherein the gateway is within a third network other than the first network, and establish a communication path between the gateway on U-plane designated by the gateway ID.

Abstract: A communication system for providing an access to an IP network to a wireless terminal, comprising a gateway for passing data from the wireless terminal to the IP network, wherein the gateway comprises a first group of servers with a receiving unit for receiving data from the wireless terminal, a selecting unit for selecting one of a plurality of destination addresses based on a header of the received data, and a forwarding unit for forwarding the data to the destination address selected by the selecting unit, wherein each of the first group of servers forwards the data to a server constituting a second group of servers corresponding to one of the plurality of destination addresses.

Abstract: A control apparatus for a gateway functioning as the endpoint of a core network in a mobile communication system is provided. The gateway includes a first server configured to receive data from a user apparatus and one or more second servers configured to transfer the data received by the first server to an external network. The control apparatus performs an operation of changing performance of the one or more second servers, an operation of monitoring a processing status of the one or more second servers, and an operation of selecting, from the one or more second servers in accordance with the processing status of the one or more second servers, a second server as a transfer destination of the data received from the user apparatus by the first server.

Abstract: Facilitate configuration of authentication information for a service provided over IP network when there is no shared authentication information between IoT device and service provider device for a service used by IoT device, an intermediary device capable of authenticating legitimate access mediates between devices. An example: a cipher key CK stored in intermediary device and IoT device, as a result of SIM authentication of the SIM of the IoT device, is used as master key for services used by IoT device. By generating unique application key for a service used by IoT device on the intermediary device and IoT device on the basis of master key, and sending it to service provider apparatus from intermediary device by secure connection, common keys are set as authentication information to IoT device and service provider apparatus. A SIM authentication process for generating cipher key can suppress SQN attack based on a bad request.

Abstract: Updating a subscriber identity module, SIM, on a host device by deriving a pre-shared key by requesting a SIM identifier via communication module of the host device; receiving SIM identifier and deriving an agent identifier from SIM identifier; transmitting agent and SIM identifiers to SIM update server; receiving a random value from SIM update server and supplying it to the SIM to initiate SIM authentication procedure. In reply, receiving an authentication response from the SIM; and deriving pre-shared key from authentication response; transmitting an update request message to SIM update server, wherein the update request message comprises the agent identifier and is encrypted before transmission using the pre-shared key; receiving an update response message from the SIM update server which has update data and is encrypted using pre-shared key; and following decryption of update response message using derived pre-shared key, transmitting update data to communication module.

Abstract: A communication system for providing an access to an IP network to a wireless terminal, comprising a gateway for passing data from the wireless terminal to the IP network, wherein the gateway comprises a first group of servers with a receiving unit for receiving data from the wireless terminal, a selecting unit for selecting one of a plurality of destination addresses based on a header of the received data, and a forwarding unit for forwarding the data to the destination address selected by the selecting unit, wherein each of the first group of servers forwards the data to a server constituting a second group of servers corresponding to one of the plurality of destination addresses.

Abstract: A server for providing a token to a mobile terminal includes a network interface and a processing unit coupled to the network interface. The processing unit is configured to receive from the mobile terminal a request asking for the token, to obtain subscriber identification information of the mobile terminal, to obtain a token which includes a user profile associated with the subscriber identification information and to which an electronic signature is added, and to transmit the token to the mobile terminal.

Abstract: A communication system for providing access to a network via a second network to a wireless terminal on which an identification number for accessing a first network is stored, comprising: a receiving unit for receiving a connection initiation request on C-plane from the wireless terminal; a selection unit for selecting a gateway on U-plane to the network connected to the second network based on an obtained network ID of the second network, in response to the connection initiation request; and a sending unit for sending a gateway ID of the selected gateway on U-plane toward the second network.

Abstract: An apparatus for transmitting and receiving data to/from an IoT device to accelerate the spread of IoT. The IoT device 110 generates a message to be transmitted, and transmits, via SMS, the message to the phone number of a first server 101, which is stored in the IoT device 110. The first server 101 notifies the IoT terminal 110, as needed, of having received SMS data including the message, and thereafter delivers the SMS data to a second server 102. The second server 102 specifies a destination with reference to associations between destination identifiers includable in the SMS data and destinations. The second server 102 transmits, to a third external server 123, a portion obtained by excluding the destination identifier from the message or the whole message including the destination identifier.