Abstract: An ID is being calculated in a manner distributed among devices of the user's personal area network (PAN). The devices communicate in a wireless manner. A server runs a simulation of the PAN. If the server and the PAN calculate matching results, it is assumed that the user's ID is correct for purposes of conditional access. The distribution of the calculation of the ID among the user's PAN devices and its, for practical purposes, stochastic nature render the system very hard to hack.

Abstract: A wireless local area network system (100) supporting mobile radio telephony reduces the time to complete an authenticated handover from one access point (104) to another (108) by a mobile station (102) by performing some of the steps normally performed upon leaving one access point while still associated with that access point. More particularly, the mobile station causes a cryptographic key (204) to be preestablished (212) for use when handing over to a new access point. The cryptographic key is derived at the mobile station, and is also derived in the WLAN infrastructure and stored until the mobile station initiates a handover.

Abstract: Installation (wired connection) of a function expansion device in a portable information terminal is detected. This detection causes a connection authentication code to be generated. The generated connection authentication code is stored in each of the portable information terminal and the function expansion device via a wire circuit so as to be used for authentication for wireless connection.

Abstract: A cellular phone has distributed encrypted content data and an encrypted content key stored in a memory. The encrypted content key data read out from the memory is decrypted by a decryption processing unit using key data Kp stored in a Kp hold unit, and then applied to a audio reproduction module. A decryption processing unit decrypts encrypted content data read out from the memory using a content key Kc extracted by the decryption processing unit to reproduce content data Dc.

Abstract: A method for setting up a radio bearer in a radio interface protocol, including transferring ciphering performance information from a designated layer to a radio resource control (RRC) layer, transferring the ciphering performance information from the RRC layer to a radio link control (RLC) layer, and enciphering data at the RLC layer in accordance with the ciphering performance information.

Abstract: The phone number used by a caller accessing a telecommunication service is derived. For example, this phone number may be used to look up in a first database the name of the user registered with the service, and in a second database the name of the subscriber assigned the phone number. If the two names correspond, the caller is provided with the telecommunication service. Otherwise, a fraud has been detected and various consequences may be visited upon the caller or the user. Some of these consequences include denying use of the service, charging the caller extra for use of the service, etc.

Abstract: A wireless LAN access authentication system capable of shortening the time required for an access authentication procedure of a radio terminal apparatus. In this wireless LAN access authentication system, when a radio terminal apparatus 116 of a user who has sent an access request is already registered through initial access, a gateway apparatus 111 searches for a WEP key assigned to the radio terminal apparatus 116 through a WEP key control section 306 and redistributes the WEP key registered beforehand to a new access point section 124 in the destination area and the radio terminal apparatus 116. The radio terminal apparatus 116 and access point section 124 to which the WEP key has been distributed encrypt transmission/reception data in a predetermined radio section using the redistributed WEP key and carry out a communication.

Abstract: Data administration method which prevents the infringement of a copyright by encrypting and distributing digital content, and readily grasps which contents are contained in the digital content included in the data. Preparing symbol information symbolized so as to visually and auditorily recognize the contents of the digital content that conduct distribution (Step S12), embedding the symbol information in a header data section (Step S13), encrypting the digital content (Step S15), embedding consent information including the information on the contents key in the header data section as an electronic watermark (Step S16), and compositing the real data section and the consent-information-added header data section and distributing the composite data (Step S17).

Abstract: The invention protects the security of a communication between a mobile radio and a radio access network (RAN). A connection is established through the RAN to support a communication with the mobile radio. The connection is configured with a first security configuration. One or more messages are sent over the connection using the first security configuration, each message having a message sequence number. When the connection needs to be configured to a second security configuration, an activation message sequence number associated with the reconfiguration is set. When the reconfiguration process is complete and the second security configuration is to be activated, the next message is sent over the connection with the activation message sequence number. Until that time and during the reconfiguration, when the mobile radio transmits a message with a message sequence number lower than the activation message sequence number to the RAN, it uses the first security configuration.

Abstract: A method of granting, to a user communications device, access to a service provided by a plurality of service communications devices where an access key code is generated during an initial communications session between the user communications device and one of the service communications devices. The established access key code is subsequently stored in the user communications device and made available to the service communications devices for use in subsequent communications sessions between the user communications device and any one of the service communications devices. The invention further relates to a communications system and a user communications device.

Abstract: An enterprise communications system for implementing, accessing, using, and managing enterprise-specific resources includes one or more Mandate clients, each Mandate client including a wireless communication device and an enterprise-specific identity module installed in such wireless communication device, a digital mobile communications network operative to provide a wireless communications link to each Mandate client, a Mandate server interfaced with the digital mobile communications network and interconnected to the enterprise-specific resources, each enterprise-specific identity module having stored therein a unique authentication key and cryptographic algorithms, the unique authentication key and the cryptographic algorithms of each enterprise-specific identity module being available to the digital mobile communications network and the Mandate server, wherein each Mandate client, the digital mobile communications network and the Mandate server utilize the unique authentication key and the cryptographic al

Abstract: A method for executing secure data transfer between a communication device and an application server in a wireless network, in which a request requiring a secure transaction of data is sent from either the communication device or the server. An agreement proposal for the secure transaction is sent to the communication device, and if the agreement proposal is considered acceptable, the agreement proposal is sent to a security adapter. Details of the transaction are entered into a message and sent to a smart card in order to activate a signing application in the smart card. The details of the transaction are displayed on the communication device, and if the transaction is accepted, the signing application signs the data and sends it to the security adapter via messages, the signature is verified, and the data is sent to the server.

Abstract: The infrastructure has a core network, radio network controllers linked to the core network and base stations provided with radio interfaces and each linked to one of the controllers. Ciphered information is transmitted over a first communication path in circuit mode between the core network and the terminal, passing through a first master controller, then over a second communication path in circuit mode between the core network and the terminal, passing through a second master controller. The second path is established in a transfer procedure comprising the transmission of adjustment data from the first to the second master controller and the suppression of the first path. These data are representative of a current value of a sequence number used to encipher the information and incremented at regular intervals, and of an offset between this sequence number and a time reference available to the second controller.

Abstract: Multiple format secure voice apparatus for communication handsets includes a core unit with a speaker, a microphone, a keypad, and a display. The core unit also includes an audio circuit coupled to the speaker and the microphone, an encryption/decryption element coupled to the audio circuit, a coder/decoder element coupled to the audio circuit and the encryption/decryption element, and a control element coupled to the keypad, the display, the audio circuit, the encryption/decryption element, and the coder/decoder element. A standard interface coupling is connected to an audio I/O terminal, a data I/O terminal of the coder/decoder element, and a control I/O terminal of the control element. A mating standard interface coupling mates with the standard interface coupling of the core unit and is coupled to the mating standard interface coupling.

Abstract: In a communications system, a method of transforming a set of message signals representing a message comprising the steps of first encoding one of the set of message signals in accordance with a first keyed transformation, a second encoding of the one of the set of message signals in accordance with at least one additional keyed transformation, a third encoding of the one of the set of message signals in accordance with a self inverting transformation in which at least one of the set of message signals is altered, a fourth encoding of the one of the set of message signals in accordance with at least one additional inverse keyed transformation wherein each of the at least one additional inverse keyed transformation is a corresponding inverse of at least one additional keyed transformation, and fifth encoding the one of the set of message signals in accordance with first inverse keyed transformation wherein the first inverse keyed transformation is the inverse of the first keyed transformation.

Abstract: Ciphered information is transmitted over a first communication path in circuit mode between a core network and a terminal, passing through a first master controller, then over a second path between the core network and the terminal, passing through a second master controller. The second path is established in a procedure comprising the transmission of data from the first to the second master controller, a phase of simultaneous transmission of radio signals by the infrastructure on the first and second paths, then the suppression of the first path. The radio signals transmitted on the two paths during the phase of simultaneous transmission transport the same information, ciphered with offset sequence numbers, and the radio terminal switches over from the first to the second path while advancing the ciphering sequence number in such a way as to align it with the offset number used by the second controller.

Abstract: A technique for generating a correlation number for use in lawful interception of telecommunications traffic includes handling one of either a “PDP (Packet Data Protocol) context activation” or “Start of intercept(ion) with PDP context active” event and generating a unique PDP-ID (PDP Context Identifier) in response thereto. An MCC (Mobile Country Code) and an MNC (Mobile Network Code) of a network operator is identified, as is a DF (Delivery Function)-ID of a DF. The MCC and MNC are combined to generate an Operator-ID. The generated PDP-ID and the generated Operator-ID and the DF-ID are combined to generate the correlation number.

Abstract: The image of an object to be monitored is captured periodically by a digital camera. A monitoring computer is accessed from a mobile telephone, whereupon still-image data representing the latest image captured by the digital camera is stored in the monitoring computer. The still-image data is subjected to a data conversion so as to be displayable by a display device of the mobile telephone. The still-image data that has undergone the data conversion is transmitted from the monitoring computer to the mobile telephone.

Abstract: Transmission-based data security is provided in dense wavelength division multiplexing systems using a transmission scheme that incorporates hierarchical scrambling techniques with a unique multiplexing arrangement. Information supplied by one or more sources is multiplexed according to a predetermined scrambling pattern and transmitted in a parallel format using one or more wavelength channels in a wavelength division multiplexed signal. By transmitting the multiplexed and scrambled information in parallel, the wavelength channels effectively function as a parallel bus (a “wavelength bus”). Multiple stages of scrambling can be applied to the multiplexed and scrambled information transported in the wavelength bus. For example, individual bit streams carried within each wavelength channel of the wavelength bus can be separately scrambled according to another predetermined scrambling pattern.

Abstract: Wireless devices and methods employ steganography to convey auxiliary data in addition to audio information. An exemplary application is a battery-powered cell phone, having, e.g., a microphone, a speaker, a modulator, an antenna, and an RF amplifier. The steganographically-encoded auxiliary data can be sent to, and/or sent from, such a device, and used for purposes including authentication, system administration, etc. The auxiliary information may include GPS or location information, date and/or time information, phone identification and user speech or voice identification.

Abstract: A start value is x bits in size and is used to provide an initial value to an n-bit security count value. A wireless communications device establishes channels with a compatible device, and releases channels established with the compatible device. For every channel established by the wireless communications device, a corresponding terminal value is obtained. A terminal value for a channel is the highest value reached by the x most significant bits (MSB ) of an n-bit security count value associated with the channel. The security count value is used to encipher data transmitted along the channel. A final value that is obtained that is the greatest value of all the terminal values. Finally, a start value is stored in the memory of the wireless device that is at least as large as the final value.

Abstract: A system and method for proactively detecting cloning fraud in a cellular mobile telephone environment are discussed. Information is collected which corresponds to registration notifications of the cellular telephones as they operate within the cellular mobile telephone environment. The registration information is used to detect time-space peculiarities. Specifically, registrations having the same mobile identification number and occurring in different mobile switching centers within a predetermined time interval are identified. This time interval, based on a reasonable travel time between cells covered by the different mobile switching centers where the registrations originated, is used as a threshold for detecting cloning fraud.

Abstract: A process controlling unit included in a multifunction-device controller sends an acquired ID number and a request for identifying the user corresponding to the ID number, to a controller server. The controller server searches a user management file for user information corresponding to the ID number. The controller server sends, to the multifunction-device controller, information representing that user verification is successfully made when user information is acquired. Upon reception of such information, the process controlling unit permits the verified user to operate a copier making copies of documents. Upon completion of the copying operation, the process controlling unit acquires information representing the number of copies made by the user. Then, the process controlling unit creates usage information of the copier, and sends the created usage information to the controller server. The controller server stores the received usage information into a usage-information management file.

Abstract: The present invention relates to wireless communication systems, such as cellular systems and PCS systems, and more particularly relates to methods and systems for reducing theft of wireless telephony services by use of steganographically encoded authentication data.