Abstract: A computer device, having at least two long-range wireless profiles and coupled with a communication bus of a vehicle, receives a notice that a vehicle-centric download for the computer device, or for a vehicle device coupled to the communication bus, is pending from a remote server. The vehicle computer device determines the size and security requirement associated with the pending download, and a current operational state of the vehicle. If the size or security requirement is low, a consumer-centric profile may be used for the download even if the vehicle is currently being used. If the download file size is large or requires very high security, or if a user is currently using the computer device according to the consumer-centric profile, the computer device may schedule the download to occur after receiving a trigger event occurrence message.

Abstract: A computer device, having at least two long-range wireless profiles and coupled with a communication bus of a vehicle, receives a notice that a vehicle-centric download for the computer device, or for a vehicle device coupled to the communication bus, is pending from a remote server. The vehicle computer device determines the size and security requirement associated with the pending download, and a current operational state of the vehicle. If the size or security requirement is low, a consumer-centric profile may be used for the download even if the vehicle is currently being used. If the download file size is large or requires very high security, or if a user is currently using the computer device according to the consumer-centric profile, the computer device may schedule the download to occur after receiving a trigger event occurrence message.

Abstract: A wireless mobile device (“UE”) operating in a battery-conserving low-power state processes incoming signaling or data in a received message to determine whether to act further on information in the message by enabling additional processing capability in the UE. A server may generate awaken information derived from a stored secret value that only the UE device and a server that manages the UE can obtain. The awaken information may also be based on a shared value shared between the server and the UE. The UE may separately derive the awaken information and may exit a low power state when awaken information received from the server in an awaken message in a first protocol matches the separately derived awaken information. The server may transmit a fall-back second awaken message in a different protocol than the first protocol if no confirmation is received that the UE received the first awaken message.

Abstract: Pre Shared Keys (“PSK”) for application and data session security are generated using application authentication secret values stored in a SIM device/card. The SIM internally uses the secret values as inputs to a security algorithm engine, but the secret values are not accessible outside of the SIM. The application authentication secret values cannot be used to authenticate the SIM, or a device that includes the SIM, to a communication network. Rather, symmetric keys and keying material are generated for use by applications outside of the standard and conventional wireless networking uses of a SIM device. Updated PSKs are generated at different network endpoints such that the PSKs are generated individually and separately at the endpoints; the ‘preshared’ keys are not actually shared. Thus, a client endpoint and a server endpoint, or an endpoint associated with the server, independently generate the same PSK without the PSK being transmitted between the endpoints.

Abstract: A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date.

Abstract: A network platform manages the provisioning of a UE with a dominant identity profile and a recessive identity profile. The dominant profile is associated with a user's existing wireless data plan and the recessive profile corresponds to a data plan of a provider of device, or machine-to-machine, services to the UE. The UE uses the two profiles to transmit separate data contexts on separate respective bearers. When managing two separate bearers, the UE always uses the dominant profile first for managing a handoff to a stronger cell. The UE reports that the new cell that now serves the dominant context is the only cell that has enough strength to support the recessive context, even if other cells near the UE have signals strong enough. This necessarily causes the recessive context to always be handed off to the same cell to which the dominant context has already been handed off.

Abstract: A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date.

Abstract: A network platform manages the provisioning of a UE with a dominant identity profile and a recessive identity profile. The dominant profile is associated with a user's existing wireless data plan and the recessive profile corresponds to a data plan of a provider of device, or machine-to-machine, services to the UE. The UE uses the two profiles to transmit separate data contexts on separate respective bearers. When managing two separate bearers, the UE always uses the dominant profile first for managing a handoff to a stronger cell. The UE reports that the new cell that now serves the dominant context is the only cell that has enough strength to support the recessive context, even if other cells near the UE have signals strong enough. This necessarily causes the recessive context to always be handed off to the same cell to which the dominant context has already been handed off.

Abstract: A wireless mobile device in a public communication network receives network-initiated signaling or messaging, while operating in a battery-conserving mode, or modes that, keep(s) minimal baseband processing functions awake. The baseband processing functions process incoming signaling or data in a received message to determine whether to act further on information in the incoming message by enabling additional processing capability in the mobile device. The mobile device may have permanent template criteria values, either coded in firmware or implemented in hardware, or temporary template criteria values, stored in RAM or processor registers, that are compared to values of an incoming message or datagram from the mobile network to determine whether to perform additional actions, such as awakening an application processor.

Abstract: A wireless mobile device in a public communication network receives network-initiated signaling or messaging, while operating in a battery-conserving mode, or modes that, keep(s) minimal baseband processing functions awake. The baseband processing functions process incoming signaling or data in a received message to determine whether to act further on information in the incoming message by enabling additional processing capability in the mobile device. The mobile device may have permanent template criteria values, either coded in firmware or implemented in hardware, or temporary template criteria values, stored in RAM or processor registers, that are compared to values of an incoming message or datagram from the mobile network to determine whether to perform additional actions, such as awakening an application processor.

Abstract: A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date.

Abstract: A vehicle processing device authenticates that an authorized user has requested an action by the vehicle, and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date.

Abstract: A device of a public communication network initiates an action at a destination UE device of a private communication network by transmitting an action request message to a translating device that has a network/logical connection to both networks. The action request message contains security credentials of the initiating device, but does not contain a network address of the destination UE device. The translating device uses the security credentials of the initiating device contained in the action request message to determine a network address of the private network corresponding to the desired destination UE device. The security credentials may also be used to establish a secure connection from the initiating device. The translating device forwards the action request message to the desired destination device at the address associated with the initiator-device security credentials that it received in the action request message. The translating device may be a publish-subscribe broker.

Abstract: A platform in a wireless public land mobile network environment associates a mobile device's unique identifier with a provider of services to the mobile device as well as with the device's anchor network. When the mobile device wirelessly accesses services from a local wireless network while roaming outside of its anchor network's wireless coverage via an APN of the local network, the platform receives electronic data session transaction information records from the local network and replaces the mobile device's unique identifier with a pseudo/replacement unique device identifier that is associated in the platform with the local network and returns the transaction record to the local network instead of to the anchor network.

Abstract: A computer device, having at least two long-range wireless profiles and coupled with a communication bus of a vehicle, receives a notice that a vehicle-centric download for the computer device, or for a vehicle device coupled to the communication bus, is pending from a remote server. The vehicle computer device determines the size and security requirement associated with the pending download, and a current operational state of the vehicle. If the size or security requirement is low, a consumer-centric profile may be used for the download even if the vehicle is currently being used. If the download file size is large or requires very high security, or if a user is currently using the computer device according to the consumer-centric profile, the computer device may schedule the download to occur after receiving a trigger event occurrence message.

Abstract: A computer device associated with a vehicle pairs during an initial/setup pairing process with a UE device according to a wireless protocol. The devices exchange and store cryptographic information during pairing. Later, either device may detect/discover that the other is currently in its presence. Presence discovery may trigger the vehicle device to generate and broadcast an operational request message based on the cryptographic information, such as a public key of the UE, stored in the vehicle device. The UE receives the request, and transmits in response a vehicle operation permission message that it generates based on user input and cryptographic information, such as a public key of the vehicle device, stored by the UE during initial/setup pairing. The operational request message may be transmitted as an audio signal and received by a microphone of the UE. The vehicle device receives the permission message and generates an operation instruction based thereon.

Abstract: A device of a public communication network initiates an action at a destination UE device of a private communication network by transmitting an action request message to a translating device that has a network/logical connection to both networks. The action request message contains security credentials of the initiating device, but does not contain a network address of the destination UE device. The translating device uses the security credentials of the initiating device contained in the action request message to determine a network address of the private network corresponding to the desired destination UE device. The security credentials may also be used to establish a secure connection from the initiating device. The translating device forwards the action request message to the desired destination device at the address associated with the initiator-device security credentials that it received in the action request message. The translating device may be a publish-subscribe broker.

Abstract: Pre Shared Keys (“PSK”) for application and data session security are generated using application authentication secret values stored in a SIM device/card. The SIM internally uses the secret values as inputs to a security algorithm engine, but the secret values are not accessible outside of the SIM. The application authentication secret values cannot be used to authenticate the SIM, or a device that includes the SIM, to a communication network. Rather, symmetric keys and keying material are generated for use by applications outside of the standard and conventional wireless networking uses of a SIM device. Updated PSKs are generated at different network endpoints such that the PSKs are generated individually and separately at the endpoints; the ‘preshared’ keys are not actually shared. Thus, a client endpoint and a server endpoint, or an endpoint associated with the server, independently generate the same PSK without the PSK being transmitted between the endpoints.

Abstract: Pre Shared Keys (“PSK”) for application and data session security are generated using application authentication secret values stored in a SIM device/card. The SIM internally uses the secret values as inputs to a security algorithm engine, but the secret values are not accessible outside of the SIM. The application authentication secret values cannot be used to authenticate the SIM, or a device that includes the SIM, to a communication network. Rather, symmetric keys and keying material are generated for use by applications outside of the standard and conventional wireless networking uses of a SIM device. Updated PSKs are generated at different network endpoints such that the PSKs are generated individually and separately at the endpoints; the ‘preshared’ keys are not actually shared. Thus, a client endpoint and a server endpoint, or an endpoint associated with the server, independently generate the same PSK without the PSK being transmitted between the endpoints.

Abstract: A platform in a wireless public land mobile network environment associates a mobile device's unique identifier with a provider of services to the mobile device as well as with the device's anchor network. When the mobile device wirelessly accesses services from a local wireless network while roaming outside of its anchor network's wireless coverage via an APN of the local network, the platform receives electronic data session transaction information records from the local network and replaces the mobile device's unique identifier with a pseudo/replacement unique device identifier that is associated in the platform with the local network and returns the transaction record to the local network instead of to the anchor network.