Abstract: A same wireless access profile is installed on each of multiple mobile communication devices. The wireless access profile includes outer identity information and anonymous inner identity information for each service. The anonymous inner identity information includes a credential used by each of the multiple mobile communication devices to use the service. To use the service such as access a remote network, a respective mobile communication device communicates an anonymous username and password assigned to the service to a policy server during first level authentication. The policy server stores a network address of the authenticated mobile communication device. During second level authentication, the policy server receives an identity of the mobile communication device from a network gateway. The policy server provides access control information (assigned to the service) to the network gateway.

Abstract: A same wireless access profile is installed on each of multiple mobile communication devices. The wireless access profile includes outer identity information and anonymous inner identity information for each service. The anonymous inner identity information includes a credential used by each of the multiple mobile communication devices to use the service. To use the service such as access a remote network, a respective mobile communication device communicates an anonymous username and password assigned to the service to a policy server during first level authentication. The policy server stores a network address of the authenticated mobile communication device. During second level authentication, the policy server receives an identity of the mobile communication device from a network gateway. The policy server provides access control information (assigned to the service) to the network gateway.

Abstract: Communication management hardware controls network access via generation and distribution of wireless access profiles. For example, the communication management hardware receives a network access request from first user equipment to use a network over an open SSID network. In response to detecting that the first user equipment operated by a non-subscriber is not yet authorized to use the network, such as because the first user equipment has not signed up for use of the network, the communication management hardware directs the first user equipment to a portal. The communication management hardware then communicates a wireless access profile to the first user equipment. In one arrangement, the wireless access profile is derived based on input from the first user equipment. The wireless access profile provides the first user equipment wireless access to the network via a secure SSID.

Abstract: A same wireless access profile is installed on each of multiple mobile communication devices. The wireless access profile includes outer identity information and anonymous inner identity information for each service. The anonymous inner identity information includes a credential used by each of the multiple mobile communication devices to use the service. To use the service such as access a remote network, a respective mobile communication device communicates an anonymous username and password assigned to the service to a policy server during first level authentication. The policy server stores a network address of the authenticated mobile communication device. During second level authentication, the policy server receives an identity of the mobile communication device from a network gateway. The policy server provides access control information (assigned to the service) to the network gateway.