Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking potentially harmful communications. In the methods and systems disclosed, a security component on an electronic device may receive a policy. The security component may also receive, from a local device proxy on the electronic device, information pertaining to a communication. The security component may compare the information pertaining to the communication to the policy. The comparison may result in a determination that the communication is potentially harmful. The security component may then instruct the local device proxy to block the communication from proceeding past the local device proxy.

Abstract: Methods and systems are provided for sharing information and improving the functioning of devices by blocking potentially harmful communications. In the methods and systems disclosed, a security component on an electronic device may receive a policy. The security component may also receive, from a local device proxy on the electronic device, information pertaining to a communication. The security component may compare the information pertaining to the communication to the policy. The comparison may result in a determination that the communication is potentially harmful. The security component may then instruct the local device proxy to block the communication from proceeding past the local device proxy.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: The embodiments described herein describe technologies for a device definition process to establish a unique identity and a root of trust of a cryptographic manager (CM) device, the CM device to be deployed in a CM system. The device definition process can take place in a device definition phase of a manufacturing lifecycle of the CM device. One implementation includes a non-transitory storage medium to store an initialization application that, when executed by a CM device, causes the CM device to perform a device definition process to generate a device definition request to establish the unique identity and the root of trust. In response to the device definition request, the initialization application obtains device identity and device credentials of the CM device and stores the device definition request in storage space of a removable storage device.

Abstract: An analysis including a comparison is performed of first and second applications and a determination is made regarding whether the first is a counterfeit version of the second application, or vice-versa. Based on the analysis and comparison, and based on an assessment of the first application, an assessment of the second application may be generated.

Abstract: Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: The embodiments described herein describe technologies for a device definition process to establish a unique identity and a root of trust of a cryptographic manager (CM) device, the CM device to be deployed in a CM system. The device definition process can take place in a device definition phase of a manufacturing lifecycle of the CM device. One implementation includes a non-transitory storage medium to store an initialization application that, when executed by a CM device, causes the CM device to perform a device definition process to generate a device definition request to establish the unique identity and the root of trust. In response to the device definition request, the initialization application obtains device identity and device credentials of the CM device and stores the device definition request in storage space of a removable storage device.

Abstract: An analysis including a comparison is performed of first and second applications and a determination is made regarding whether the first is a counterfeit version of the second application, or vice-versa. Based on the analysis and comparison, and based on an assessment of the first application, an assessment of the second application may be generated.

Abstract: A crawler program collects and stores application programs including application binaries and associated metadata from any number of sources such as official application marketplaces and alternative application marketplaces. An analysis including comparisons and correlations are performed among the collected data in order to detect and warn users about pirated or maliciously modified applications.

Abstract: A crawler program collects and stores application programs including application binaries and associated metadata from any number of sources such as official application marketplaces and alternative application marketplaces. An analysis including comparisons and correlations are performed among the collected data in order to detect and warn users about pirated or maliciously modified applications.

Abstract: The invention proposes a method for controlling a packet transmission between a sender and a receiver sent via a packet transport protocol, the receiver being a mobile network element, comprising the steps of detecting whether a mobility event has occurred, detecting whether a downlink packet loss has occurred, and providing, in case a mobility event and a packet loss has been detected, an indication to the sender that a packet loss due to mobility has occurred.

Abstract: The present invention provides an enhanced H-ARQ scheme that optimizes bandwidth utilization and spectrum efficiency. When an H-ARQ attempt is unsuccessful due to loss or error over a hop between the BS and MS/SS, then only the first node in the hop chain that fails to decode the packet transmits another H-ARQ attempt. The BS determines the first node that fails on decoding based on certain information such as the feedback information sent from the nodes on the path. The previous node of the failed node is then instructed to retransmit by the BS.

Abstract: Various example embodiments are disclosed relating to efficient techniques for error detection and authentication in wireless networks. For example, according to an example embodiment, an apparatus adapted for wireless communication in a wireless network may include a processor. The processor may be configured to transmit a message including a field to provide both authentication and error detection for the message. The field may include an authenticated checksum sequence.

Abstract: A mobile station (100) and a compression/decompression node in a wireless network (5), preferably the GGSN 30 (30), agree on whether to apply compression/decompression, and what compression/decompression scheme to use either by pre-configuration (when the GGSN 30 is in the home network of the mobile terminal) or by signalling (when the GGSN 30 is in a visited or a roamed-to network). Additional information, such as a profile-specific dictionary, may be used to increase the compression efficiency, particularly during start-up. Dynamic data can also be accommodated. The compression/decompression may be turned on and off on a packet-by-packet basis, depending on whether the compression actually results in a smaller packet. A compressed/uncompressed indicator bit or bits can be inserted explicitly on a per packet basis, and/or the compressed/uncompressed indication can be derived implicitly.

Abstract: Various example embodiments are disclosed relating to efficient techniques for error detection and authentication in wireless networks. For example, according to an example embodiment, an apparatus adapted for wireless communication in a wireless network may include a processor. The processor may be configured to transmit a message including a field to provide both authentication and error detection for the message. The field may include an authenticated checksum sequence.

Abstract: Various example embodiments are disclosed relating to contention window management in relay networks. In an example embodiment, a data unit transmitted from a network node based on a first contention window associated with a first network station may be received, for example, by the first network station located, for example, on a first level. The data unit may be forwarded to a second network station based on a second contention window associated with the second network station. The second network station may, for example, be located on a second level. The first network station may, for example, include a relay station and the second network station may, for example, include a base station.

Abstract: A method and equipment for accelerating throughput of communication segments from a sender (30) to a receiver (40) each of which include a protocol layer (30a 40a) for providing such segments, the method in case of TCP including a first step (20a) in which the sender protocol layer (30a) initializes a congestion window (cwnd) to some initial size (iwnd) and increases the congestion window by one segment each time it receives an ACK, but upon receiving an indication of low congestion, performs a step (20c) of accelerated start in which it sets a slow start threshold (SSTHRES) to a standard initial value (typically 65535) and re-initializes cwnd to a new value, and the sender protocol layer (30a) then increments cwnd at one or another predetermined rate—depending on whether the start immediately follows a new connection or instead follows a transfer of an existing connection to a new path—in respect to received ACKs.

Abstract: The present invention provides an enhanced H-ARQ scheme that optimizes bandwidth utilization and spectrum efficiency. When an H-ARQ attempt is unsuccessful due to loss or error over a hop between the BS and MS/SS, then only the first node in the hop chain that fails to decode the packet transmits another H-ARQ attempt. The BS determines the first node that fails on decoding based on certain information such as the feedback information sent from the nodes on the path. The previous node of the failed node is then instructed to retransmit by the BS.