Abstract: A system (100) for managing incoming calls in a user's mobile device (3) while using a user's virtual reality, VR, device (1), comprising a user's mobile device (3) comprising a SIM card associated to a Mobile Subscriber Integrated Services Digital Number, MSISDN, the SIM card associated to a mobile carrier from an IP Multimedia. Subsystem, IMS, network (6), a user's virtual reality, VR, device (1) comprising computing means (2) to perform a pairing process between the mobile device (3) and the user's VR device (1) and managing incoming calls, an authentication module (4) configured to authenticate the user's mobile device (3), wherein authenticate means that the VR user (A) is in possession of the user's mobile device (3) comprising the SIM card; and a Web Real Time Communications Gateway, WebRTC GW(5) connected to the IMS network (6) of the mobile carrier and configured to translate IMS signaling into WebRTC signaling.

Abstract: A method and an orchestration server for packet data network service slicing over a network infrastructure for real-time IP services are provided. The method comprises providing an orchestration server that has knowledge of a whole connectivity status of a network infrastructure and that is configured to manage service nodes. The server receives a session request for a real-time IP service from a UE device located in a given region and requests to one or more service nodes of said given region whether it has/they have network resources. Each of the one or more service nodes compute a QoS measurement thereof in terms of KPIs including latency, jitter and bandwidth, the QoS measurement being computed by a software module that is implemented on a virtual machine deployed on the service node; and tag a plurality of interfaces. The orchestration server selects a given service node in view of said QoS measurement.

Abstract: A system and a method for user authentication and/or authorization, including a passive card to encode a first portion of an authentication or authorization code for a user via capacitive points, and a portable computing device with a capacitive screen to encode a second portion of the code. Each capacitive point is connected to an electronic circuit, being activable by physical contact of the user or with an electrical ground. Once the user has requested access to a specific service or operation, and when at least some of the passive points are activated and the passive card is in contact with the capacitive screen, the device reads the capacitive points, decoding the first portion of the code, and cryptographically signs the decoded portion using the second portion, providing the code, which is used as cryptographic key to grant access to the service or operation.

Abstract: The invention relates to a computer-implemented method for generating passwords and to computer program products of same. The method comprises: accessing, by a user (100), by means of a first computation device (200), for the first time, a webpage or website identified by a web domain that requires the Identification of the user (100) on the webpage or website; and generating, by means of a password generator, a password required by the webpage or website, based on the use of a result obtained from the execution of a cryptographic function using password policies related to the domain, the use of a master password (101) known only to the user (100) and the use of an Id_Hash (208).

Abstract: It is proposed a technical solution to leverage the level of trust in scenarios with a high number of independent computing nodes from independent and heterogeneous DLT networks. This solution defines the technical modules required to implement a self-governed decentralized infrastructure that ensures that every participant node (computing node) in a DLT network connected to the proposed system (implementing the proposed method) can exploit additional validation and consensus policies in their transactions and smart contracts. Through the proposed mechanism they can enjoy an equivalent level of trust as if all the nodes from the connected networks were part of a single common DLT network. The proposed solution enables the implementation of dedicated validation policies to leverage the level of trust of any of the connected networks without the need of dedicated infrastructure.

Abstract: The present invention proposes a method, device and system for protecting the connection to a wireless network (a WiFi network) by users of electronic communications devices, even the first time the user device connects to the network. The proposed method, device and system provides an improved security when connecting to a WiFi network, avoiding attacks that may jeopardize the security, confidentiality, integrity and availability of WiFi users and WiFi infrastructure. In the proposed solution, the network will be certified by the user device before connecting to an access point for accessing the wireless network.

Abstract: The system includes a passive card (10) configured to store a first portion of an authentication or authorization code via a set of capacitive points (11) included on its surface; and a portable computing device (20) having a capacitive screen and being configured to store a second portion of said authentication or authorization code. Such that, once the user (1) has requested access to a specific service or to a specific operation and when the passive card (10) is in contact with the capacitive screen, the portable computing device (20) is further configured to read at least some of the set of capacitive points (11), decoding the first portion, and cryptographically signing the decoded first portion using said stored second portion, providing the authentication or authorization code, which is used as cryptographic key to grant access to said specific service or specific operation to the user (1).

Abstract: A method and system for controlling internet browsing user security is provided. A control device (120) receives, via a first communication channel, a web page request from a control agent (102) implemented in a browser (101), the browser (101) being installed in a computer device operated by a user. Then, the control device (120) requests, to a control service (130), via a second communication channel, a security level of said requested web page including a status of the user and the presence of risks in the requested web page. The control service (130) executes a security check on said requested web page by checking whether the requested web page is included in a blacklist or a whitelist and also by checking certain risk control criteria of the requested web page. Finally, in response to receipt a result of said security check, the control device (120) allows or denies access to said web page.

Abstract: A method, a system and computer program products for securely enabling in-network functionality over encrypted data sessions, the method involving establishing an encrypted data session between a client communication application (100) and a server communication application (200) over a communication network; receiving and/or transmitting, by the client communication application (100), in the established encrypted data session, at least one encrypted communication data (D) from/to the server communication application (200) through a computing network element (M); and performing, by the computing network element (M), different actions other than data packet forwarding from one communication application to the other on the encrypted communication data (D). The encrypted communication data (D) has a plurality of data portions, or contexts, (CTX), each encrypted by a context key, and the different actions being specific for the computing network element (M) and for one or more of the contexts (CTX_X).

Abstract: Method and system for recovering cryptographic keys of a blockchain network. A computing device or an element associated with the same has stored a pair of cryptographic keys representative of the identity of the user in a blockchain network, including a public key and a private key. An identity manager maintains a registry of the user in a distributed directory. When a request from the user is received due to the loss/theft of their private key, the information on the public key of the user is eliminated from the registry and the user is revoked as the owner of a smart contract, a new pair of keys is generated, stored in the device or in said element; and the user is identified and authenticated. Once correctly authenticated, the manager receives the new public key of the user, updates the registry and updates the ownership of the smart contract.

Abstract: An auto-provision method, system and computer programs for FTTH backhaul, midhaul or fronthaul for mobile base stations based on SDN. The method comprises detecting, by OLT when an ONU is connected to an optical termination point and responsive to said detection said OLT notifying a SDN controller. The SDN controller then provides connectivity to a base station connected to the ONU to a first restricted network providing access to a web site with limited connectivity. Then, said web site receives credential information identifying a technician of the base station and, once the technician is connected therein, further receives configuration information specifying which FTTH services the base station requires subscription. The SDN controller then disconnects the base station from the web site and reconnects it to a second network configured to provide access to a core network and to the subscribed FTTH services to the base station.

Abstract: It is provided computer implemented method for analysis of a software extension for installation and execution in a computing system, the method comprising obtaining a software extension from a marketplace, analyzing contents of the obtained software extension and computing a risk index based on the analyzed software extension and on information related to previously-downloaded software extensions stored in a local database, as well as related to previously detected malware. The risk index is computed before installing and executing the software extension in the computing system and wherein a high value of the risk index persuades a user to install and execute the software extension in the computing system.

Abstract: The present invention relates to the detection of malicious software in electronic documents and comprises: detecting an executable code in the electronic document provided to a client module; extracting information from the electronic document comprising the executable code and metadata of the electronic document; creating a binary vector associated with the electronic document; comparing, in a classifier module (200), the binary vector with one or more groups of vectors previously classified and stored in a database (400); classifying the vector in one of the groups, where each group has associated therewith a verdict about the presence of malicious software; and determining that the document contains malicious software depending on the verdict associated with the group in which its associated vector has been classified.

Abstract: The method comprises detecting, by an OLT when an ONU is connected to an optical termination point at a CPE of a user; notifying, by said OLT, a SDN controller; providing connectivity to said user to a dedicated and limited network providing access to a single self-provisioning web site by the SDN controller at least connecting said CPE to a service provider site; receiving, by the self-provisioning web site, credential information identifying the user on the self-provisioning web site, wherein the self-provisioning web site, once the user being connected therein, further receiving configuration information specifying which FTTH services the user wants to subscribe; and disconnecting, by the SDN controller, the user from the self-provisioning web site and reconnecting the user to a new network via a vCPE connected to said Internet service provider infrastructure and configured to provide access to Internet and to the subscribed FTTH services to the user.

Abstract: An auto-provision method, system and computer programs for FTTH backhaul, midhaul or fronthaul for mobile base stations based on SDN. The method comprises detecting, by OLT when an ONU is connected to an optical termination point and responsive to said detection said OLT notifying a SDN controller. The SDN controller then provides connectivity to a base station connected to the ONU to a first restricted network providing access to a web site with limited connectivity. Then, said web site receives credential information identifying a technician of the base station and, once the technician is connected therein, further receives configuration information specifying which FTTH services the base station requires subscription. The SDN controller then disconnects the base station from the web site and reconnects it to a second network configured to provide access to a core network and to the subscribed FTTH services to the base station.

Abstract: Present invention provides a method, system and application for providing authentication of a mobile device user, based on the measurement of electromagnetic fields modified by a pre-established movement of a specific magnetic token associated to the user. This univocal process will be able to obtain new authentication factors, including something that the user owns (i.e., the token), something that the user knows (i.e., the interaction between the token and the device), and somewhere that the user is (i.e., where the interaction takes place).

Abstract: The system includes a passive card (10) configured to store a first portion of an authentication or authorization code via a set of capacitive points (11) included on its surface; and a portable computing device (20) having a capacitive screen and being configured to store a second portion of said authentication or authorization code. Such that, once the user (1) has requested access to a specific service or to a specific operation and when the passive card (10) is in contact with the capacitive screen, the portable computing device (20) is further configured to read at least some of the set of capacitive points (11), decoding the first portion, and cryptographically signing the decoded first portion using said stored second portion, providing the authentication or authorization code, which is used as cryptographic key to grant access to said specific service or specific operation to the user (1).

Abstract: The method according to the invention comprises the steps of: identifying one or more entities (21) located in a darknet (50) taking into consideration information relative to network domains thereof, and collecting information of said one or more entities (21) identified; extracting a series of metadata from the information collected from said one or more entities (21) identified; validating said one or more identified entities (21) with information from a surface network (51), said information coming from a surface network (51) associated with the information collected from the identified entities (21); and generating a profile of each identified entity (21) by correlating the validated information of each entity (21) with data and metadata from said surface network (51).

Abstract: The method comprises certifying with integrity and authenticity guarantees, by a second system (20), a received document (Do) by applying a watermark to the document (Do) providing a modified document. Upon the modified document (Dw) is submitted to a transaction, receiving, by a fourth system (40), an identifier of the document (Dw) and an identifier of an operation executed on the document (Dw) during said transaction; storing, by the fourth system (40), information about the transaction in a third computer system (30), the latter executing a computer program storing pairings of said identifier of the document (Dw) and a hash value of the transaction and sending the hash value to the fourth system (40). The latter storing an address of the computer program, an interface thereof and the identifier of the document (Dw) into a record of a database, usable to track future transactions executed on the document (Dw).

Abstract: The method comprises detecting, by an OLT when an ONU is connected to an optical termination point at a CPE of a user; notifying, by said OLT, a SDN controller; providing connectivity to said user to a dedicated and limited network providing access to a single self-provisioning web site by the SDN controller at least connecting said CPE to a service provider site; receiving, by the self-provisioning web site, credential information identifying the user on the self-provisioning web site, wherein the self-provisioning web site, once the user being connected therein, further receiving configuration information specifying which FTTH services the user wants to subscribe; and disconnecting, by the SDN controller, the user from the self-provisioning web site and reconnecting the user to a new network via a vCPE connected to said Internet service provider infrastructure and configured to provide access to Internet and to the subscribed FTTH services to the user.