Abstract: Embodiments of this application disclose a resource scheduling method, an access network device, and user equipment, to reduce a quantity of times of applying for an uplink resource by using a random access process, reduce additional signaling overheads brought to the user equipment, and reduce power consumption of the user equipment. The method part in the embodiments of this application includes: determining, by an access network device, a target time interval in which user equipment monitors a downlink control channel; and sending, by the access network device, uplink resource scheduling information to the user equipment by using the downlink control channel in the target time interval.

Abstract: A technique for operating a mobile station as wireless local-area network [“WLAN”] gateway. The mobile station is provided with a gateway application to control the following operations: activating (3-0) the WLAN means as a WLAN base station capable of communicating with at least one WLAN terminal over a WLAN network; creating a network identifier (3-2, 3-4) for the WLAN base station; assigning (3-8, 3-10) an internet protocol address for the at least one WLAN terminal; resolving domain name service [“DNS”] queries (3-12 . . . 3-18) in cooperation with an external DNS service system; assigning at least one port number for each protocol supported by the gateway application; and tunneling internet traffic (3-30 . . . 3-36) between the at least one WLAN terminal and an internet host over the broadband connection.

Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for establishing a security context and relates to the communications field, so as to comprehensively protect UE data. The method includes: acquiring an encryption algorithm of an access node; acquiring a root key and deriving, according to the root key and the encryption algorithm, an encryption key of the access node; sending the encryption key and the encryption algorithm to the access node, so that the access node starts downlink encryption and uplink decryption; sending the encryption algorithm of the access node to the UE so as to negotiate the encryption algorithm with the UE; and instructing the access node to start downlink encryption and uplink decryption and instructing, during algorithm negotiation, the UE to start downlink decryption and uplink encryption.

Abstract: Methods for operating a UE, a network node, a Session Management Function (SMF) and a Unified Data Management (UDM) are disclosed. The methods include transmitting, by a UE, a Protocol Data Unit (PDU) Session Establishment Request message toward an SMF in the communication network (902A), and receiving at the UE a policy decision on security protection of User Plane (UP) data terminating in a RAN for the PDU Session (904A). The policy decision received at the UE may be in accordance with a UP security policy provided by the SMF to the RAN during PDU Session Establishment. Also disclosed are a UE, network node, SMF and UDM.

Abstract: Embodiments of the present disclosure relate to a method for encryption and decryption, a programmable switch, and a computer program product. The method comprises receiving, at a programmable switch, encrypted data to be sent to a certain Internet of Things (IoT) device, wherein the encrypted data is encrypted using a public key of the programmable switch. The method further comprises decrypting the encrypted data using a private key of the programmable switch to obtain decrypted data, and then sending the decrypted data from the programmable switch to the IoT device. According to the embodiments of the present disclosure, the encryption and decryption operations of the IoT device can be transferred to the programmable switch for processing, and the programmable switch is used to help the IoT device perform encryption and decryption.

Abstract: A method, apparatus and computer program product are provided for facilitating efficient device discovery. In regards to a method implemented by a master device, a first identifier is received from a remote source. The method also receives one or more wireless device discovery packets comprising a second identifier from a proximate device, wherein the wireless device discovery packet comprises information compliant with a short-range communication technology to advertise presence of the proximate device or information compliant with a short-range communication technology to scan for proximate devices according to proximity-based communication technology.

Abstract: An automobile device receives first data from one or more transmitters located in an automobile. A random access preamble is transmitted on an uplink carrier to a base station in response to a pre-defined condition being met based on at least one of the following: the first data; a value of an internal timer; and a user input. A first message is transmitted to a network server via the base station over a bearer. The first message is configured to trigger establishment of a connection to the network server. A second message is received from the network server via the base station over the bearer. The second message is configured to cause transmission of the first data to the network server. The first data is transmitted to the base station via an established bearer.

Abstract: A camera has two or more color elements that are removable and replaceable. The color elements may include a lens, a color filter with a filter data interface, and an image sensor. A security processor includes a private key, firmware, and has storage room for one or more vegetation indices. The security processor securely decrypts, stores, and uses the indices. Firmware checks license terms and installed filters required in a selected index, and analyzes images based on a formula in the index, thresholds for the index value, and thresholds for an object's height above ground level. A positioning receiver (e.g. GPS) determines time and position, which the firmware uses for the license check and for the height AGL calculation. Differences in camera position allow determining a parallax calculation on correlated groups of pixels. The camera provides on-the-fly analysis, and tags and stores images for which alert conditions are met.

Abstract: A communication method, a communication device, and a readable storage medium, wherein the communication method includes: establishing a communication connection with a data source device; establishing a second wired connection with at least one other device; and exchanging identification information with the at least one other device through the second wired connection, thereby the at least one other device receiving communication data sent from the data source device according to the received identification information. With the above method, multi-device communication is performed quickly and reliably.

Abstract: The technology uses aggregated health data and outbreak models to conduct differential diagnosis and provide risk assessments that indicate a likelihood of contracting COVID-19. A healthcare organization server provides COVID-19 diagnostic kits and health applications to participating computing devices that log user health data and registers contacts with other participating users via wireless interactions. The organization compares received data with data received from computing devices from a plurality of other users and identifies common occurrences. The server creates an outbreak model of a geographic region based on the data. The server communicates a determined likelihood of contracting COVID-19 of the user to the user computing device. The server provides the outbreak model to the user, healthcare workers, or others for use in responding to the outbreak.

Abstract: A new compromise-resilient and compact cryptographic tool is provided that ensures a breach-resilient authentication and integrity of system measurements in computer systems. The described methods are forward-secure digital signatures with signature and partial public key aggregation capabilities. The methods reduce the total space overhead of signature and public key storage. The methods offer a high space efficiency for systems who has relatively low state transitions, wherein the same message is continuously signed and then followed by different messages.

Abstract: A telecommunications network includes a serving network and a home network. In some examples the serving network receives, from the home network, identity data associated with a network terminal. The serving network determines a tied key using a tying key derivation function (TKDF) based on the identity data, then prepares an authentication request based on the tied key and sends the request to the terminal. In some examples, the home network receives the identity data from the access network and determines a tied key using a TKDF. The home network then determines a confirmation message based on the first tied key. In some examples, the serving network receives the identity data from the home network, and receives a network-slice selector associated with the network terminal. The serving network determines a tied key using a TKDF based on the identity data and the network-slice selector.

Abstract: A vehicle control device is provided. The vehicle control device includes a terminal device authentication unit that determines whether a terminal device of a user registered as a user of a vehicle, in advance, is present around or within the vehicle. The vehicle control device also includes a communication unit that communicates with the terminal device. Also included in the vehicle control device is a control unit that causes a display device provided in the vehicle to output a screen for setting communication between the communication unit and the terminal device. The display device outputs the screen in a case where it is determined by the terminal device authentication unit that the terminal device is present and the display device is started up.

Abstract: A method includes providing a public encryption key and a seed to a party and receiving a first encrypted data set encrypted using the public encryption key and marked by the party with a first mark based on the seed. The method also includes aggregating the first encrypted data set into an aggregated data set at an aggregator and receiving an indication that a first operation associated with the party has been performed on the aggregated data set. In response to the receiving, updating the first encrypted data set of the aggregated data set by updating the first mark to a second mark according to the first operation, generating a verification encrypted data set according to at least the second mark and at least the corresponding first operation, verifying the aggregated data set by comparing the updated first encrypted data set and the verification encrypted data set.

Abstract: User identities, password, etc. represent the barrier between a user's confidential data and any other third party seeking to access this data. As multiple software applications, web applications, web services, etc. embody this confidential data it is a tradeoff between easy recollection of said identities, passwords, etc. and data security. However, malware by intercepting user credentials provides third parties access to even complex passwords, user credentials, security keys etc. even where these are changed/updated regularly. Within the prior art substantial work has gone into addressing malware. However, in many instances the user is at or very near the computer with a software application executing a transaction requiring credentials/authorisation with a portable electronic device or another device. Accordingly, it would be beneficial to provide users with an out-of-band communications channel for exchanging credentials and/or keys etc.

Abstract: A security protection method and an apparatus to implement security protection for a plurality of non-access stratum (NAS) connection links. The method includes determining, by a terminal, a first parameter, where the first parameter is used to indicate an access technology used to transmit a non-access stratum NAS message. The terminal can support at least two access technologies, and can separately maintain a corresponding NAS COUNT for each of the at least two access technologies. The method further includes performing, by the terminal, security protection on the NAS message based on the first parameter, a NAS key, and a NAS COUNT corresponding to an access technology used to transmit the NAS message. This application is applicable to a process of performing security protection on a NAS message.

Abstract: Provided is a method for changing, by a user equipment (UE), packet data convergence protocol (PDCP) version. The method may include: receiving a security mode command message, which includes a first security algorithm configuration for a PDCP of a first system and a second security algorithm configuration for a PDCP of a second system, from a base station (BS); deriving a first security key for the PDCP of the first system, based on the first security algorithm configuration; when the security mode command message passes an integrity protection check based on the first security key, changing the PDCP version from the PDCP of the first system to the PDCP of the second system; deriving a second security key for the PDCP of the second system, based on the second security algorithm configuration; and transmitting a security mode complete message, based on the second security key, to the BS.

Abstract: A method in a virtual private network (VPN) service environment, the method including measuring, during a given interval of time, respective durations of time associated with performing a plurality of processes for configuring VPN connections; calculating average respective durations of time based at least in part on the measured respective durations of time; configuring a progress indicator to indicate a total duration of time associated with configuring a VPN connection for a user device, the total duration of time being substantially equal to a sum of the average respective durations of time; and transmitting, to the user device, information associated with the progress indicator to enable display of the progress indicator on a screen associated with the user device. Various other aspects are contemplated.

Abstract: Embodiments of the present invention provide apparatus and methods for multi-link operations that include retransmission of data using different wireless links. The following discussion describes one such exemplary electronic system or computer system that can be used as a platform for implementing embodiments of the present invention. The multi-link device can be a multi-link wireless access point or a multi-link wireless station, for example. The multi-link device can operate multiple transceivers simultaneously to perform multi-link operations including retransmission using different wireless links. For example, the multi-link device can transmit an encrypted MPDU using a first wireless link, and retransmit the MPDU using a second wireless link by setting a MAC header of the MPDU according to a MAC address of the second wireless link, to advantageously enhance the performance, reliability, and efficiency of the wireless network.

Abstract: A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone.

Abstract: This disclosure relates to systems and methods for verifying the presentation of content to a target audience using generated metrics indicative of a likelihood that the content was presented to actual human individuals within the target audience. In some instances, such a metric may be associated with a probability model estimating that a user (e.g., a user of a device) is human and not a bot and/or other automated service. Metrics consistent with aspects of the disclosed embodiments may be generated based, at least in part, on user information received from a user and/or associated devices and/or associated services. Consistent with various disclosed embodiments, metrics indicative of whether a user is human, content distribution decisions and user agency decisions may use such metrics.

Abstract: An audio accessory having a locally stored and executed policy. The policy includes a rule related to audio output generation. The audio accessory can be a peripheral audio accessory, and the policy can be stored on the peripheral audio accessory so that the policy can be applied to communications from any source.

Abstract: Certain aspects of the present disclosure provide techniques for managing security keys for enciphering and deciphering packets transmitted in a wireless communications system. According to certain aspects, a method of wireless communication by a user equipment (UE) is provided. The method generally includes obtaining an indication of a key area identifier (ID) of a first cell node, wherein the key area ID identifies a set of cell nodes that are associated with a network node that uses a first key for enciphering or deciphering messages and communicating a first set of messages with the first cell node using the first key for enciphering or deciphering the first set of messages.

Abstract: Provided is a physical layer blind authentication method for a time-varying fading channel based on a smoothing technique. The method includes that: a transmitter transmits a carrier signal to a wireless channel, the carrier signal includes an authentication signal, a pilot signal and an information signal, and the wireless channel is the time-varying fading channel; a receiver receives the carrier signal, and performs BKIC processing and differential signal processing on the carrier signal to obtain a target authentication signal, performs the differential signal processing on the reference signal to obtain a reference authentication signal, and calculates a correlation between the target authentication signal and the reference authentication signal to obtain a test statistic; and compares the test statistic with a prescribed threshold to determine whether the carrier signal is capable of passing authentication.

Abstract: A wearable device provides protection for personal identity information by fragmenting a key needed to release the personal identity information among members of a body area network of wearable devices. A shared secret algorithm is used to allow unlocking the personal identity information with fragmental keys from less than all of the wearable devices in the body area network. The wearable devices may also provide protection for other personal user data by employing a disconnect and erase protocol that causes wearable devices to drop connections with an external personal data space and erase locally stored personal information if a life pulse from a connectivity root device is not received within a configurable predefined period.

Abstract: One innovative aspect of the subject matter described in this disclosure may be implemented in a method for wireless communication. The method may be performed, for example, by a first multi-link device (MLD), that includes a first station (STA) and a second STA, to generate and provide block acknowledgment (BA) status reports for Medium Access Control (MAC) Protocol Data Units (MPDUs) transmitted by the first STA of the first MLD and the second STA of the first MLD. Another innovative aspect of the subject matter described in this disclosure may be implemented in a method for wireless communication. The method may be performed, for example, by a logical entity of a first MLD to receive and process a BA status report.

Abstract: Embodiments of this application provide methods, apparatuses, and terminal devices for managing communications services. In an implementation, a method comprises: identifying, by an input device of a terminal device, an operation performed on the terminal device for entering a service mode that prioritizes data services over voice services; sending, by a subscriber identification module (SIM) card of the terminal device, one or more instructions to a network server, wherein the one or more instructions instruct the network server to disable the voice services of the SIM card; and in response to identifying the operation, activating, by the SIM card, the service mode by disabling a function on the terminal device corresponding to the voice services.

Abstract: Techniques to facilitate prevention of malicious attacks on a web service are disclosed herein. In at least one implementation, a computing system intercepts a web request directed to a web server providing the web service. The computing system identifies whether or not the web request is malicious. When the web request is identified as malicious, the computing system redirects the web request to an isolated mitigation server configured to mimic responses of the web server. The isolated mitigation server processes the web request to generate artificial content based on the web request that appears to be genuine content provided by the web server, and presents the artificial content in response to the web request.

Abstract: A method of performing a security mode control procedure by a user equipment (UE), and an apparatus therefor are disclosed. The method includes performing, over a 3rd generation partnership project (3GPP) access, a first authentication procedure and a first key agreement procedure with an access and mobility management function (AMF), wherein a key set identifier (ngKSI) is changed during the first authentication procedure and the first key agreement procedure, receiving, from the AMF over the 3GPP access, a first security mode command message including the ngKSI, and receiving, from the AMF over a non-3GPP access, a second security mode command message including the ngKSI, wherein the UE is registered to the AMF and a same public land mobile network (PLMN) over both the 3GPP access and the non-3GPP access.

Abstract: A radio system includes a radio voice terminal, a relay server, a command center and a radio network gateway. The radio network gateway includes a communication module in communication with the relay server; a radio voice control module in communication with the first radio voice terminal, receiving a radio voice signal from the first radio voice terminal; and a processing module in communication with the communication module and the radio voice control module, converting the radio voice signal into a digital voice file, executing a voice recognition process to extract at least one keyword from the digital voice file, and transmitting the at least one keyword to the relay server through the communication module.

Abstract: Systems, apparatuses, and methods are described for a dynamic network identification to facilitate a selection of a desired audio. A premises (e.g., a public bar) may have a plurality of display devices (e.g., television screens) outputting videos associated with a plurality of content items (e.g., television programs). A computing device may assign an audio data of each of the content items to be transmitted over a separate wireless network. A user may be able to listen to the audio of a desired content item by causing a user device to join a wireless network assigned to transmit an audio data of the desired content item. The wireless network may be reused to transmit a different audio data. A network identifier of the wireless network may be renamed to indicate the different audio data. The network identifier may be based on metadata associated with a content item.

Abstract: A method and device for recording a service in a local network are described. The service includes a set of actions to be carried out on at least one terminal of the network to provide a part of the service. The method includes obtaining a unique identifier, finding capacities of the network terminals, acquiring the found terminal capacities, constructing the service as a sequence of actions on at least one found terminal via a user interface, associating the service with the unique identifier, and recording the service and the associated unique identifier.

Abstract: Examples provide a system and method for initiating contactless communication sessions between computing devices using a variety of modalities. A user pre-registers a selected modality for triggering session initiation. A session initiation device generates trigger data based on a detected occurrence of a predetermined event corresponding to a user selected modality, such as, but not limited to, biometric data, a unique user identifier (ID), a vehicle identifier, or any other type of modality. The trigger data is mapped to a mobile device ID. The mobile device ID can be requested from a connection server. The communication session is established between the first computing device and the mobile user device using the mobile device identifier. The computing device transmits data to the mobile user device via the established communication session when the computing device is brought into proximity to the mobile user device.

Abstract: Method for cash card payment in a payment station for debit and credit cards.

Abstract: A reference architecture is described for supporting multi-link aggregation (MLA) operation. A MLA muxer logical layer is provided, which provides a synchronization function to synchronize data transmission over two or more subordinate air interfaces belonging to an aggregated link.

Abstract: A memory management method applicable to a data storage device is provided. The memory management method includes steps of: requesting a private memory space from a host; recording a reserved memory space given by the host; dividing a mapping table into a plurality of sub-mapping tables; determining whether a capacity of the reserved memory space is sufficient to store the sub-mapping tables; and if yes, uploading the sub-mapping tables to the reserved memory space via an interface logic.

Abstract: Example implementations relate to locating cloud system resources. A system can comprise a processor and a non-transitory memory resource storing machine readable instructions to receive a global positioning system (GPS) coordinate for hardware resources positioned at a plurality of geographic locations, tag resources stored at each of the plurality of geographic locations with a corresponding GPS coordinate, and determine a corresponding geographic location of a portion of the tagged resources based on extracted GPS coordinates for the portion of the tagged resources.

Abstract: An ultrasonic transceiver system includes a transmitter block, a receiver block, a state machine, a computer unit. The transmitter block contains circuitry configured to drive an ultrasound transducer. The receiver block contains circuitry configured to receive signals from the ultrasound transducer and convert the signals into digital data. The state machine is coupled to the transmitter and receiver blocks and contains circuitry configured to act as a controller for those blocks. The computing unit is coupled to the transmitter block, the receiver block, and the state machine and is configured to drive the transmitter block and process data received from the receiver block by executing instructions of a program. The program memory is coupled to the computing unit and is configured to store the program. The computing unit is configured to be reprogrammed with one or more additional programs stored in the program memory.

Abstract: A method for an information processing apparatus, comprising: acquiring first information to be used to establish connection to a connection target access point and second information concerning a communication apparatus to be connected to the access point by imaging a first image displayed on a display unit of another information processing apparatus connected to the access point; establishing wireless connection to the communication apparatus based on the second information acquired in the acquiring the first information; and transmitting the first information to the communication apparatus to cause the communication apparatus to try connection to the access point.

Abstract: A method may perform random access subject to Listen-Before-Talk (LBT) in an NR-U Serving Cell with multiple models. Enhancements may be to the Random Access Preamble Transmission procedure to enable autonomous BWP switching or sub-band in the event the channel is busy for the active UL BWP.

Abstract: Disclosed are systems and methods for improving interactions with and between computers in content providing, generating, securing and/or hosting systems supported by or configured with personal computing devices, servers and/or platforms. The systems interact to identify and retrieve data within or across platforms, which can be used to improve the security and quality of data used in processing interactions between or among processors in such systems. The disclosed systems and methods provide added security features and functionality to media files through computerized, automated encoding and decoding of portions of media file content such that identified portions of the content are obfuscated upon display and communication to other users. The disclosed systems and methods provide a novel, computerized security feature(s) that protects data of media files from unintended exposure to third parties.

Abstract: An over-air media server obtains first media content, including external content stored in a location external to the over-air media server, and delivers it for broadcast via on-air broadcast chain. A streaming media server is in communication with the over-air media server and a streaming broadcast chain. The streaming media server operates in a synchronized mode, during which it delivers, under control of the over-air media server, second media content to a streaming broadcast chain. The streaming server transitions from the synchronized mode to an independent mode, during which it delivers the second media content to the streaming broadcast chain independent of control by over-air media server. While operating in the independent mode the streaming media server obtains the second media content, including obtaining external content, from the same location from which over-air media server obtains its external content.

Abstract: In some embodiments, a wireless device receives one or more messages including one or more configuration parameters of a cell. The one or more configuration parameters indicate physical uplink shared channel (PUSCH) resources for transmission of a message A (MsgA) payload of a two-step random-access procedure of the cell. The wireless device transmits, via a first PUSCH resource of the PUSCH resources, the MsgA payload for the two-step random-access procedure. Based on completing the two-step random-access procedure, the wireless device releases the PUSCH resources.

Abstract: A wireless device receives one or more messages including one or more configuration parameters of a cell. The one or more configuration parameters indicate physical uplink shared channel (PUSCH) resources for transmission of a message A (MsgA) payload of a two-step random-access procedure of the cell. A medium access control (MAC) layer of the wireless device is reset based on a request from a radio resource control (RRC) layer of the wireless device. The PUSCH resources are released based on the reset of the MAC layer.

Abstract: The present disclosure relates to a memory device comprising: an array of memory cells; and an access management architecture providing a secure access to a test mode of the array of memory cells, the access management architecture comprising: a register group comprising data identifying the memory device; a cryptographic algorithm calculating an internal signature having a mechanism for ensuring data freshness; a non volatile memory area storing specific data to be used by the cryptographic algorithm for calculating the internal signature; a comparison block for comparing the calculated internal signature with a user provided signature to generate an enable signal allowing access to a test mode of the array of memory cells. The disclosure also relates to a System-on-Chip (SoC) component comprising a memory device as well as to a method for managing access to a memory array into a test mode.

Abstract: A method for avoiding a Bluetooth device from being traced, which comprises the following steps: parsing, by a target Bluetooth device, a second dynamic address to obtain a second random number and a second data; and generating, by the target Bluetooth device, a plurality of the third data successively according to the identity parsed keys in the identity parsed keys list save by the target Bluetooth device and a second random number, and determining whether there exists any third data which is the same as the second data, if yes, determining that there exists the second identity parsed key which is authenticated successfully; otherwise, determining that there isn't the second identity parsed key which is authenticated successfully.

Abstract: Systems and methods are disclosed that provide a secure wireless connection between two electronic devices. Techniques disclosed comprise: generating, on a server, a temporary code; registering, on a first device, the temporary code; sending, from the server to a second device, the temporary code; determining, on the first device, a first temporary credential based on the temporary code; determining, on the second device, a second temporary credential based on the temporary code; establishing, using the first and the second temporary credentials, a temporary connection between the first and the second devices; determining, on the second device, a secure credential; sending, from the second device to the first device, the secure credential via the temporary connection; and establishing, using the secure credential, a secure connection between the first and the second electronic devices.

Abstract: A communication system using a random code as an encryption code is disclosed. A first terminal transfers a request to the second terminal for providing a random code (rKey). The random code is used to encrypt commands in the proceeding communication process instead of using a master key (mKey) so as to avoid that the master key (mKey) is captured. The safety in data transmission is promoted greatly. In practical use, the encryption way can be used to a door access system which includes a mobile phone, a card reader, a door access controller, and a server program (such as ACX server program). The communication system using a random code as an encryption code assures that the communications between these devices are highly safe.

Abstract: A computer-implemented method in a content delivery network (CDN) comprising multiple content delivery (CD) services including at least one beacon service, the method comprising: at particular CD service in the CDN: (A) obtaining and responding to at least one first request; (B) obtaining and responding to at least one second request; and (C) making a beacon request to a beacon CD service, the beacon request including particular information about: (i) the at least one first request, and (ii) the at least one second request, wherein at least some of the particular information is encoded in the beacon request, wherein the beacon request comprises an HTTP request.

Abstract: When a terminal generates an uplink signal in a communication system, the terminal hops a sequence for differentiating itself from another terminal with time. The terminal generates the uplink signal by multiplying a transmission symbol by a sequence of a transmission time corresponding to the transmission symbol.