Abstract: A system and method for performing multifactor mobile authentication are described whereby a mobile communications device includes a contactless reader for receiving and validating a unique identifier stored in an external authenticating module prior to granting access to locally stored electronic authenticating material required to access an external resource. In one embodiment, the mobile communications device is a mobile telephone having an RFID reader for receiving the unique identifier from an RFID tag incorporated into the external authenticating module. Preferably, the external authenticating module is associated with a user, such as by being part of the user's jewelry or clothing. The mobile authentication device includes an RFID authenticator module that detects external resource access requests and checks whether the requested resource is on a list of resources that require additional user authentication prior to granting access to locally stored authenticating material.

Abstract: A system and method are described whereby a mobile device controls access to mobile applications based on access conditions associated with a current access network. To prevent mobile applications from running when the access conditions are not suitable, the mobile device includes a policy database used to store a list of access conditions that are inappropriate for launching the installed applications. The access conditions are based on the type of the current access network used by the mobile device for launching or maintaining the requested application session. The access conditions indicate whether the mobile device is currently accessing its home network or roaming on another provider's network. Similarly, the access conditions indicate the type of network access interface used by the current network to provide the data connection necessary to run the requested application. The policy database correlates predetermined actions with the access conditions associated with a given application session.

Abstract: A method for offloading encryption and decryption of a message received at a message server to one or more end devices that are remote from the message server. An encrypting end device remote from the message server encrypts a message using cryptographic context and transmits the cryptographic context and encrypted message to the message server for storage at the message server. The message server stores the encrypted message as received without decrypting the message. The message server sends the stored cryptographic context and the encrypted message to a decrypting end device in response to the decrypting end device sending a request for the message server to transmit the encrypted message to the decrypting end device. The decrypting end device uses the cryptographic context to decrypt the encrypted message and then presents the decrypted message to a user of the decrypting end device.

Abstract: A Media Gateway proxy receives a message and parses the message. The message contains an attribute, sub-command, and a destination address. The proxy stores the message and the attributes. Each of the attributes corresponds to a selected one of a plurality of Media Gateways. Each of the gateways has an address. The proxy finds in the memory the address of the selected Media Gateway using the destination address and the attribute. The proxy then forms a message using said sub-command, said address, and said attribute and transmits the message to the destination Media Gateway.

Abstract: A system and method for performing multifactor mobile authentication are described whereby a mobile communications device includes a contactless reader for receiving and validating a unique identifier stored in an external authenticating module prior to granting access to locally stored electronic authenticating material required to access an external resource. In one embodiment, the mobile communications device is a mobile telephone having an RFID reader for receiving the unique identifier from an RFID tag incorporated into the external authenticating module. Preferably, the external authenticating module is associated with a user, such as by being part of the user's jewelry or clothing. The mobile authentication device includes an RFID authenticator module that detects external resource access requests and checks whether the requested resource is on a list of resources that require additional user authentication prior to granting access to locally stored authenticating material.

Abstract: A method to support the assignment of a globally unique network public address and, optionally, a number of locally unique ports to a first private network subdevice having a private network address on a network access system from a second private network subdevice having a public network address using Realm Specific Internet Protocol, wherein the public network address is used by the first private network device to communicate with network devices on an external network.

Abstract: A system and method are described whereby a mobile device controls access to mobile applications based on access conditions associated with a current access network. To prevent mobile applications from running when the access conditions are not suitable, the mobile device includes a policy database used to store a list of access conditions that are inappropriate for launching the installed applications. The access conditions are based on the type of the current access network used by the mobile device for launching or maintaining the requested application session. The access conditions indicate whether the mobile device is currently accessing its home network or roaming on another provider's network. Similarly, the access conditions indicate the type of network access interface used by the current network to provide the data connection necessary to run the requested application. The policy database correlates predetermined actions with the access conditions associated with a given application session.

Abstract: A method for offloading encryption and decryption of a message received at a message server to one or more end devices that are remote from the message server. An encrypting end device remote from the message server encrypts a message using cryptographic context and transmits the cryptographic context and encrypted message to the message server for storage at the message server. The message server stores the encrypted message as received without decrypting the message. The message server sends the stored cryptographic context and the encrypted message to a decrypting end device in response to the decrypting end device sending a request for the message server to transmit the encrypted message to the decrypting end device. The decrypting end device uses the cryptographic context to decrypt the encrypted message and then presents the decrypted message to a user of the decrypting end device.

Abstract: A Media Gateway proxy receives a message and parses the message. The message contains an attribute, sub-command, and a destination address. The proxy stores the message and the attributes. Each of the attributes corresponds to a selected one of a plurality of Media Gateways. Each of the gateways has an address. The proxy finds in the memory the address of the selected Media Gateway using the destination address and the attribute. The proxy then forms a message using said sub-command, said address, and said attribute and transmits the message to the destination Media Gateway.