Abstract: A method of securing a virtual address space against unauthorized access from an unauthorized agent includes generating a superimposed address space corresponding to the virtual address space, dilating the superimposed address space by inserting dummy memory at a plurality of locations in the superimposed address space, and displacing the superimposed address space by shifting a segment of the superimposed address space by a d-bit key. A computer processor includes a memory and a dedicated functional unit in a stage of a pipeline of the computer processor, the computer processor including an instruction that when executed by the dedicated functional unit causes the computer processor to translate one or more pointers between displaced and dilated address spaces of the memory and virtual address spaces of the memory.

Abstract: A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using one or more composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a respective attack information asset protection providing multiple respective attack protections each churn cycle, wherein the respective attack information asset protections may differ.

Abstract: A method of securing a virtual address space against unauthorized access from an unauthorized agent includes generating a superimposed address space corresponding to the virtual address space, dilating the superimposed address space by inserting dununy memory at a plurality of locations in the superimposed address space, and displacing the superimposed address space by shifting a segment of the superimposed address space by a d-bit key. A computer processor includes a memory and a dedicated functional unit in a stage of a pipeline of the computer processor, the computer processor including an instruction that when executed by the dedicated functional unit causes the computer processor to translate one or more pointers between displaced and dilated address spaces of the memory and virtual address spaces of the memory.

Abstract: A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using one or more composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a respective attack information asset protection providing multiple respective attack protections each churn cycle, wherein the respective attack information asset protections may differ.

Abstract: In one embodiment, a method includes: receiving, from a mobile gateway associated with the computing system, a first request for first content provided by a content publisher, the first request being sent from a mobile device; determining, based on information associated with the first request and one or more policies, that the first content is to be provided to the mobile gateway through one or more caching gateways associated with the mobile gateway; identifying at least one of the one or more caching gateways to provide the requested first content; and sending, to the mobile gateway, first instructions configured to cause the mobile gateway to obtain the requested first content from the identified at least one caching gateway.

Abstract: A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using a plurality of composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a different attack information asset protection providing multiple different attack protections each churn cycle.

Abstract: In one embodiment, a method includes: receiving, from a mobile gateway associated with the computing system, a first request for first content provided by a content publisher, the first request being sent from a mobile device; determining, based on information associated with the first request and one or more policies, that the first content is to be provided to the mobile gateway through one or more caching gateways associated with the mobile gateway; identifying at least one of the one or more caching gateways to provide the requested first content; and sending, to the mobile gateway, first instructions configured to cause the mobile gateway to obtain the requested first content from the identified at least one caching gateway.

Abstract: A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using a plurality of composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a different attack information asset protection providing multiple different attack protections each churn cycle.

Abstract: A wireless surface acoustic wave sensor includes a piezoelectric substrate, a surface acoustic wave device formed on the substrate, and an antenna formed on the substrate. In some embodiments, the antenna is formed on the surface of the substrate using one or more of photolithography, thin film processing, thick film processing, plating, and printing.

Abstract: An access controller is coupled to an access point and receives data packets from connected user equipment. The access controller is configured to perform packet inspection techniques on the received packets to determine if they should be locally switched. In some embodiments, packets destined for a local intranet services may be locally switched to avoid congesting a core network link. In further embodiments, a local connection to the Internet may be used so that locally switched packets can also be directed to the Internet without the use of a core network link. In still further embodiment, in addition to packet inspection techniques, the access controller maintains a state table for the states of connected user equipment. The access controller may use the information in this table to further decide whether to perform local switching techniques.

Abstract: The present invention provides a method of operating a femtocell control module in control of a femtocell, comprising transmitting a request to operate the femtocell to an external control system; receiving a response from the external control system, where the response comprises an operational constraint on the femtocell; and causing the femtocell to conduct cellular communications according to the operational constraint.

Abstract: A system and method for establishing a multimedia session between a wireless user terminal and a network device. Embodiments include systems and methods for receiving a request from a wireless terminal initiating a call event to the network device; generating and sending a multimedia session invitation to a multimedia call control entity requesting a multimedia session with the network device; receiving a multimedia status message from the multimedia call control entity indicating the progress of initiating the multimedia session; and triggering setup of a radio access bearer to handle the multimedia session in response to the multimedia status message.

Abstract: A wireless surface acoustic wave sensor includes a piezoelectric substrate, a surface acoustic wave device formed on the substrate, and an antenna formed on the substrate. In some embodiments, the antenna is formed on the surface of the substrate using one or more of photolithography, thin film processing, thick film processing, plating, and printing.

Abstract: The present application describes methods for performing proxy communications between mobile stations connected to a femtocell network and a central telephone network controlled by a network operator. In some embodiments, a private branch exchange is configured to temporarily assign identification numbers to the mobile stations connected to the femtocell network. Incoming calls are directed to the private branch exchange rather than the connected mobile stations. After receiving the incoming call, the private branch exchange routes the incoming call to the correct mobile station. In some embodiments, these methods also enable mobile stations to cross between femtocell coverage areas within the same femtocell network without constantly updating the central network operator.

Abstract: A system and method for establishing a multimedia session between a wireless user terminal and a network device. Embodiments include systems and methods for receiving a request from a wireless terminal initiating a call event to the network device; generating and sending a multimedia session invitation to a multimedia call control entity requesting a multimedia session with the network device; receiving a multimedia status message from the multimedia call control entity indicating the progress of initiating the multimedia session; and triggering setup of a radio access bearer to handle the multimedia session in response to the multimedia status message.

Abstract: Methods, apparatus and computer program products for providing an autonomously organizing network enable a cellular network to maintain stable operation despite unpredictable addition or removal of network devices. In addition, a network operator can create a scalable deployment that provides for operational efficiency and reduced cost burden of new equipment by enabling many existing processes to remain relevant. A method for providing such a network provides for collecting radio data from a first peer device, collecting topological data from the first peer device or a second peer device, creating a message from the topological and the radio data, and sending the message to a network device.

Abstract: In a cellular communication network having a plurality of access points serving wireless terminals, methods and apparatus for facilitating handoff of a wireless terminal from a first access point to a second access point. In various embodiments, the process includes storing in a memory device at the wireless terminal a cell identifier, wherein the cell identifier includes a special character enabling the cell identifier to identify a plurality of access points to which the wireless terminal can be handed off; and the wireless terminal using the stored address information to determine access points to which a handoff may be implemented. One or more cell identifiers stored in the memory can be used as a neighbor list, which can be used to identify handoff possibilities or topographical adjacencies.

Abstract: An access controller is coupled to an access point and receives data packets from connected user equipment. The access controller is configured to perform packet inspection techniques on the received packets to determine if they should be locally switched. In some embodiments, packets destined for a local intranet services may be locally switched to avoid congesting a core network link. In further embodiments, a local connection to the Internet may be used so that locally switched packets can also be directed to the Internet without the use of a core network link. In still further embodiment, in addition to packet inspection techniques, the access controller maintains a state table for the states of connected user equipment. The access controller may use the information in this table to further decide whether to perform local switching techniques.

Abstract: Apparatus and methods for providing a virtual communication link between a network controller such as a femtocell controller and other entities external to the femtocell network. A femtocell controller can be configured to receive messages (for example, cells or packages) from a plurality of femtocells within the femtocell network and to package those messages for transport in an aggregated manner across an external network that utilizes a protocol different from the femtocell network, creating a virtual circuit or tunnel across that network to the external entity.

Abstract: The present application describes methods for performing proxy communications between mobile stations connected to a femtocell network and a central telephone network controlled by a network operator. In some embodiments, a private branch exchange is configured to temporarily assign identification numbers to the mobile stations connected to the femtocell network. Incoming calls are directed to the private branch exchange rather than the connected mobile stations. After receiving the incoming call, the private branch exchange routes the incoming call to the correct mobile station. In some embodiments, these methods also enable mobile stations to cross between femtocell coverage areas within the same femtocell network without constantly updating the central network operator.