Abstract: In a wireless network environment comprising first and second packet-switched access networks, each access network using a tunnelling-type micro-mobility protocol and a Quality of Service (QoS) routing protocol to route packet data to and from mobile nodes attached thereto, and each access network comprising an access router to which a mobile node may attach, a mobility agent with which said mobile node may register and a gateway, a method of facilitating network layer handover of said mobile node from said first access network to said second access network, said mobile node registered in said first access network with a serving mobility agent, which method comprises the steps of: said mobile node receiving a router advertisement from said second access network, which router advertisement comprises a network-layer address of a target mobility agent in said second access network with which said mobile node may register; and said mobile node forwarding said network-layer address to said serving mobility agent,

Abstract: In a wireless network environment comprising a mobile router serving a moving network, said mobile router for attaching to a packet-switched access network that uses a micro-mobility protocol and a Quality of Service (QoS) protocol to route packet data to and from said mobile router, wherein said mobile router has a QoS aggregate requirement generated by nodes attached thereto, a method of handover of said mobile router to a mobility agent in said access network, which method comprises the steps of: (i) said mobile router sends a QoS request message to said mobility agent, which QoS request message comprises a QoS parameter representing said QoS aggregate; (ii) upon receipt by said mobility agent, said access network takes a QoS admission decision on the basis of said QoS parameter; and (iii) said mobility agent sends a QoS acknowledgement to said mobile router whereby said mobility agent informs said mobile router of the outcome of said QoS admission decision; characterized by the step of (iv) if said QoS ad

Abstract: In a wireless network environment comprising a mobile router serving a moving network, said mobile router for attaching to a packet-switched access network that uses a micro-mobility protocol and a Quality of Service (QoS) protocol to route packet data to and from said mobile router, wherein said mobile router has a QoS aggregate requirement generated by nodes attached thereto, a method of handover of said mobile router to a mobility agent in said access network, which method comprises the steps of: (i) said mobile router sends a QoS request message to said mobility agent, which QoS request message comprises a QoS parameter representing said QoS aggregate; (ii) upon receipt by said mobility agent, said access network takes a QoS admission decision on the basis of said QoS parameter; and (iii) said mobility agent sends a QoS acknowledgement to said mobile router whereby said mobility agent informs said mobile router of the outcome of said QoS admission decision; characterized by the step of (iv) if said QoS ad

Abstract: Device authentication is implemented at the application layer of a computer communication model to add a factor to user authentication without requiring any action by the user. User space applications, such as web browsers, e-mail readers, and such, can remain completely unaffected. Instead, the additional authentication factor is provided at the application layer, typically in an operating system, where protocols such as HTTP(s), FTP(s), POP, SMTP, SNMP and DNS are implemented. Authentication is performed by a challenge/response transaction and the client device's digital fingerprint is compared to a whitelist of digital fingerprints of authorized client devices.

Abstract: An installation image for installing an unprotected software product is used to install a protected version of the same product. A protected version of the executable file is embedded in a new installation image with the original installation image, in which the unprotected version of the executable file is damaged so as to be unusable and unreadable. The new installation image causes the original installation image to operate, installing the damaged installation file and other data files. The new installation image then replaces the damaged installation file with the protected installation file.

Abstract: A method for detecting an attempted attack on a security system. In one preferred embodiment of the present invention, the method includes the step of retrieving a parameter from a hardware system, wherein the parameter changes during an operation of the hardware system. Then, comparing the retrieved parameter with a previously stored parameter; and, detecting a lack of change between the retrieved parameter and the previously stored parameter. An apparatus and an article of manufacture for detecting an attempted attack on a security system is also disclosed.

Abstract: A method for authenticating a device including the steps of operating the device to create at least one failure condition; obtaining a measurement based on the at least one failure condition; and, comparing the measurement based on the at least one failure condition with a previously stored measurement based on the at least one failure condition to determine an identity of the device. An apparatus and an article of manufacture for authenticating a device is also disclosed.

Abstract: A method for authenticating a device including the steps of measuring at least one performance parameter of the device to obtain a measurement; and comparing the measurement of the at least one performance parameter with a previously stored measurement of the at least one performance parameter to determine an identity of the device. An apparatus and an article of manufacture for authenticating a device is also disclosed.

Abstract: A method for using optical media for identification purpose including the steps of exposing a portion of the optical media to a source of radiation; detecting an imperfection in the portion of the optical media; and, quantifying the imperfection to create a unique identifier. An apparatus for using an optical media for identification purposes, including a light source for exposing a portion of the optical media to a radiation; and, a receptor for receiving the radiation through the portion of the optical media, wherein the receptor measures a change in radiation that is received once the radiation has passed through the portion of the optical media.

Abstract: Systems and methods are provided for controlling access to online services. For example, the system may include an application running on a user computer (130) that collects platform data (e.g. physical device parameters) and generates a machine fingerprint (stage 602). The computer (130) may send the machine fingerprint to the authentication server (110). The server (110) may associate the received machine fingerprint with the appropriate online account information received from a host server (120) or the like (stage 604). The authentication server (110) may send the appropriate registration status signal to the host server (120), which in turn may update the online profile information to include the user's registration status (stage 606).

Abstract: Systems and methods are provided for determining the efficacy of online advertising campaigns. In one approach, the method involves, in response to a user of a network device accessing a web page on which an advertisement is displayed, caching an impression in a first database, and receiving device data regarding the network device. The device data may comprise a combination of user-configurable and non-user-configurable machine parameters. A unique device identifier for the network device may be generated based on the machine parameters. The generated device identifier may be utilized to gain insight into which online ads users look at and which products and/or services they tend to buy.

Abstract: Devices and methods are provided for securing communication between a traffic management center (TMC) and a traffic controller via utilization of a field security device. In one embodiment, the field security device transmits a device identifier to the TMC upon being powered up or connected to the traffic controller. The device identifier is generally based on a combination of user-configurable and non-user-configurable parameters of the field security device. In response to the TMC authenticating the device identifier, the field security device establishes a secure private network (SPN) between the field security device and the TMC.