Abstract: Systems and methods for the configuration of network nodes without a secured connection in a telecommunications system are described herein. These network nodes can be wireless network nodes which are part of the network infrastructure, such as, wireless relays, wireless repeaters and self-back-hauled eNodeBs.

Abstract: Methods and arrangements for enabling the use of a first device (300) for controlling transfer of media content from a content provider (306) to a second device (302). The first device has a pre-established security association with the communications network. When the network detects a request made by the first device for delivery of media content to the second device, key information is established which enables determination of one or more media keys for encryption of the media content. The network sends key information to the content provider and to the first device. The content provider then delivers media content encrypted by the media key(s) to the second device. Further, the first device forward the media key(s) over a local communication link to the second device for decryption of media content encrypted by the media key(s) when delivered by the content provider.

Abstract: It is presented a security server arranged to set up communication between a merchant device and a customer payment application. The security server comprises: a receiver arranged to receive a first message comprising a customer identifier, an application identifier and a security token; a determiner arranged to determine whether the merchant device is authorised; a transmitter arranged to send a second message to the merchant device, the second message indicating that the merchant device is authorised to effect payment; and a channel establisher arranged to set up a secure channel between the merchant device and the customer payment application in a secure element being adapted to be comprised in a mobile communication terminal, wherein all communication between the merchant device and the customer payment application is controlled by the security server. Corresponding methods, merchant device, computer programs and computer program products are also presented.

Abstract: A base station, computer readable medium and method for determining whether a neighbor cell is a neighbor of a serving cell, where the serving cell and the neighbor cell belong to a same communication network that includes a user terminal served by the serving cell. The method includes receiving at a base station of the serving cell, via the user terminal, a first identity of the neighbor cell, a second identity of the neighbor cell, and a random number generated by a base station of the neighbor cell; sending, from the base station of the serving cell, a request to the base station of the neighbor cell, for establishing a neighbor relation, wherein the request includes the received random number; and obtaining at the base station of the serving cell a response from the base station of the neighbor cell in response to the request, the response indicating acceptance or denial of the neighbor relation.

Abstract: A method and arrangement in a first mobile terminal (600) for determining allocation of radio resources for DMO communication amongst a group of mobile terminals. M the first mobile terminal, a first determining module 600a determines a communication (Sout, Sin) with a second mobile terminal (602) of the group. A second determining module (600b) determines a resource element (RE) for communication by applying a predefined cryptographic function P based on a terminal identification (K)). The cryptographic function has been configured in the mobile terminals of the group to provide terminal-specific resource elements for different mobile terminals within respective radio frames. A communication module (600c) then communicates with the second mobile terminal (602), either by transmission or reception of the data, on the determined resource element (RE).

Abstract: It is presented a security server arranged to set up communication between a merchant device and a customer payment application. The security server comprises: a receiver arranged to receive a first message comprising a customer identifier, an application identifier and a security token; a determiner arranged to determine whether the merchant device is authorised; a transmitter arranged to send a second message to the merchant device, the second message indicating that the merchant device is authorised to effect payment; and a channel establisher arranged to set up a secure channel between the merchant device and the customer payment application in a secure element being adapted to be comprised in a mobile communication terminal, wherein all communication between the merchant device and the customer payment application is controlled by the security server. Corresponding methods, merchant device, computer programs and computer program products are also presented.

Abstract: Devices for providing flexible control of rendering of protected media comprising first and second content objects are provided. An instruction database combines with traditional use of digital rights objects for determining, at rights parsing and instruction handler, conditions for rendering of first content object. Conditions may force the user to render second content objects or to input requested data and may adapt to environmental conditions exemplary relating to user profile, location, or time of day. A set of second content objects may be pre-determined and specified in provided instructions. User selection, from a list of second content objects, of a specified number of second content objects, provides for generation of a key enabling successful rendering of first content object.

Abstract: A method in a first user equipment (UE 1) connectable to a second user equipment (UE 2) via a communication network or via a direct radio communication link, of using a direct radio communication link for communication between the UEs is initiated when one of the UEs receives probe signaling information comprising a first probe token via the communication network. The UEs exchange probe signaling messages including a second and/or the first probe token at least partly according to the probe signaling information, such that one of the UEs can compare the probe tokens, generate a probing report and provide the probing report to the communication network, or to the opposite UE for evaluation in case of a successful comparison and such that a direct radio communication link can be used for communication with UE 2 in response to receiving instructions to use the second direct radio communication link from the entity by which the probing report was evaluated.

Abstract: Methods and arrangements for enabling the use of a first device (300) for controlling transfer of media content from a content provider (306) to a second device (302). The first device has a pre-established security association with the communications network. When the network detects a request made by the first device for delivery of media content to the second device, key information is established which enables determination of one or more media keys for encryption of the media content. The network sends key information to the content provider and to the first device. The content provider then delivers media content encrypted by the media key(s) to the second device. Further, the first device forward the media key(s) over a local communication link to the second device for decryption of media content encrypted by the media key(s) when delivered by the content provider.

Abstract: The invention refers to monitoring usage of digital content provided from a content provider over a network to a client system. In the client system, a logging agent generates and stores information concerning usage of the digital content individually for each usage to be monitored. The generated information is entered in a usage log, either stored in the client system or at a trusted party. The logged usage information is also authenticated allowing identification of the client using the associated digital content. The entries of the log may include a representation of the content, information about usage quality and/or usage time. The logging agent is preferably implemented in a portable tamper-resistant module, e.g. a network subscriber identity module. The module may be pre-manufactured with the logging agent, or the agent can be downloaded thereto.

Abstract: A method for achieving a secure recording and storing of a recorded activity is based on an extended Digital Rights Management (DRM) system. A recording and storing procedure is initiated, in response to recognizing one or more triggers at a device hosted by a user equipment. On the basis of the one or more triggers a Rights Issuer is located, and a Recording and Storing Instruction (RSI) is retrieved from the RI, using an existing DRM standard. Based on the RSI, a trusted storage for storing the recorded activity is located, and one or more recording procedures, involving one or more recording equipments, are activated and managed by the device. Before the recorded content is forwarded to the trusted storage, a protected content is generated from the recorded content, according to content of the RSI.

Abstract: In a procedure for delivering streaming media, a Client first requests the media from an Order Server. The Order Server authenticates the Client and sends a ticket to the Client. Then, the Client sends the ticket to a Streaming Server. The Streaming Server checks the ticket for validity and if found valid encrypts the streaming data using a standardized real-time protocol such as the SRTP and transmits the encrypted data to the Client. The Client receives the data and decrypts them. Copyrighted material adapted to streaming can be securely delivered to the Client. The robust protocol used is very well suited for in particular wireless clients and similar devices having a low capacity such as cellular telephones and PDAs.

Abstract: In a method of enabling Digital Rights Management (DRM) of content in a communications network supporting a DRM system a first user equipment (RMUE), is registering with a first rights issuer of the DRM system from which a delegation assertion, authorizing the RMUE to become a private rights issuer, is retrieved. RMUE retrieves a first, signed rights object from the first rights issuer, that contains a first set of rights for the RMUE to DRM protect private content and to issue at least one second rights object, associated with the private content. DRM protection is then applied on private content, obtained by the RMUE, according to at least the first set of rights. RMUE issues a second rights object, defining a second set of rights for rendering the private content, according to the first set of rights.

Abstract: Systems and methods for the configuration of network nodes without a secured connection in a telecommunications system are described herein. These network nodes can be wireless network nodes which are part of the network infrastructure, such as, wireless relays, wireless repeaters and self-back-hauled eNodeBs.

Abstract: A base station, computer readable medium and method for determining whether a neighbor cell is a neighbor of a serving cell, where the serving cell and the neighbor cell belong to a same communication network that includes a user terminal served by the serving cell. The method includes receiving at a base station of the serving cell, via the user terminal, a first identity of the neighbor cell, a second identity of the neighbor cell, and a random number generated by a base station of the neighbor cell; sending, from the base station of the serving cell, a request to the base station of the neighbor cell, for establishing a neighbor relation, wherein the request includes the received random number; and obtaining at the base station of the serving cell a response from the base station of the neighbor cell in response to the request, the response indicating acceptance or denial of the neighbor relation.

Abstract: Methods, apparatus, and computer program products for creating an association between a first user equipment and at least one access point assisted by a registration server in a telecommunication network are disclosed. The registration server responds to a first contact request carried out using a first association number for the access point, provided by the first user equipment, receives a first association request for the association with the access point, provided by the first user equipment, authorizes the first association request based on a first authorization information provided by the first user equipment; registers the association between the first user equipment and the access point responsive to authorization of the first association request. The first user equipment is associated with the access point and the association is administered by the registration server.

Abstract: In a procedure for delivering streaming media, a Client first requests the media from an Order Server. The Order Server authenticates the Client and sends a ticket to the Client. Then, the Client sends the ticket to a Streaming Server. The Streaming Server checks the ticket for validity and if found valid encrypts the streaming data using a standardized real-time protocol such as the SRTP and transmits the encrypted data to the Client. The Client receives the data and decrypts them. Copyrighted material adapted to streaming can be securely delivered to the Client. The robust protocol used is very well suited for in particular wireless clients and similar devices having a low capacity such as cellular telephones and PDAs.

Abstract: In a procedure for delivering streaming media, a Client first requests the media from an Order Server. The Order Server authenticates the Client and sends a ticket to the Client. Then, the Client sends the ticket to a Streaming Server. The Streaming Server checks the ticket for validity and if found valid encrypts the streaming data using a standardized real-time protocol such as the SRTP and transmits the encrypted data to the Client. The Client receives the data and decrypts them. Copyrighted material adapted to streaming can be securely delivered to the Client. The robust protocol used is very well suited for in particular wireless clients and similar devices having a low capacity such as cellular telephones and PDAs.

Abstract: A method for achieving a secure recording and storing of a recorded activity is based on an extended Digital Rights Management (DRM) system. A recording and storing procedure is initiated, in response to recognising one or more triggers at a device hosted by a user equipment. On the basis of the one or more triggers a Rights Issuer is located, and a Recording and Storing Instruction (RSI) is retrieved from the RI, using an existing DRM standard. Based on the RSI, a trusted storage for storing the recorded activity is located, and one or more recording procedures, involving one or more recording equipments, are activated and managed by the device. Before the recorded content is forwarded to the trusted storage, a protected content is generated from the recorded content, according to content of the RSI.

Abstract: A tamper-resistant electronic circuit is configured for implementation in a device. The electronic circuit securely implements and utilizes device-specific security data during operation in the device, and is basically provided with a tamper-resistantly stored secret not accessible over an external circuit interface. The electronic circuit is also provided with functionality for performing cryptographic processing at least partly in response to the stored secret to generate an instance of device-specific security data that is internally confined within said electronic circuit during usage of the device. The electronic circuit is further configured for performing one or more security-related operations or algorithms in response to the internally confined device-specific security data. In this way, secure implementation and utilization device-specific security data for security purposes can be effectively accomplished.